Vade mecum on side-channels attacks and countermeasures for the designer and the evaluator

Implementation-level attacks are nowadays well known and most designers of security embedded systems are aware of them. However, both the number of vulnerabilities and of protections have seriously grown since the first public reporting of these threats in 1996. It is thus difficult to assess the correct countermeasures association to cover all the possible attack paths. The goal of this paper is to give a clear picture of the possible adequation between actually risks and mitigation techniques. A specific focus is made on two protection techniques addressing primarily side-channel attacks: masking and hiding. For the first time, we provide with a way to estimate a tradeoff depending on the environmental conditions (amount of noise) and on the designer skills (ability to balance the design). This tradeoff is illustrated in a decision diagram, helpful for the security designer to justify choices and to account for the cost overhead.