A Case for Maximal Leakage as a Side Channel Leakage Metric
This work addresses the need for a principled trade-off between cost and leakage in side channel security, offering a novel metric that could improve risk assessment for applications vulnerable to such attacks.
The paper tackles the problem of quantifying side channel leakage in security vulnerabilities by advocating for maximal leakage as a metric, demonstrating empirically that it more accurately reflects threats compared to conventional metrics like mutual information and channel capacity, and shows that optimal protection can be achieved with at most two deterministic schemes.
Side channels represent a broad class of security vulnerabilities that have been demonstrated to exist in many applications. Because completely eliminating side channels often leads to prohibitively high overhead, there is a need for a principled trade-off between cost and leakage. In this paper, we make a case for the use of maximal leakage to analyze such trade-offs. Maximal leakage is an operationally interpretable leakage metric designed for side channels. We present the most useful theoretical properties of maximal leakage from previous work and demonstrate empirically that conventional metrics such as mutual information and channel capacity underestimate the threat posed by side channels whereas maximal leakage does not. We also study the cost-leakage trade-off as an optimization problem using maximal leakage. We demonstrate that not only can this problem be represented as a linear program, but also that optimal protection can be achieved using a combination of at most two deterministic schemes.