How (not) to Use Welch's T-test in Side-Channel Security Evaluations

  title={How (not) to Use Welch's T-test in Side-Channel Security Evaluations},
  author={François-Xavier Standaert},
  journal={IACR Cryptology ePrint Archive},
The Test Vector Leakage Assessment (TVLA) methodology is a qualitative tool relying on Welch’s T-test to assess the security of cryptographic implementations against side-channel attacks. Despite known limitations (e.g., risks of false negatives and positives), it is sometimes considered as a pass-fail test to determine whether such implementations are “safe” or not (without clear definition of what is “safe”). In this note, we clarify the limited quantitative meaning of this test when used as… CONTINUE READING
Highly Cited
This paper has 24 citations. REVIEW CITATIONS

From This Paper

Figures, tables, and topics from this paper.


Publications citing this paper.
Showing 1-10 of 14 extracted citations

Leak Me If You Can : Does TVLA Reveal Success Rate ?

View 4 Excerpts
Highly Influenced

A flexible leakage trace collection setup for arbitrary cryptographic IP cores

2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST) • 2018
View 2 Excerpts

Confident leakage assessment — A side-channel evaluation framework based on confidence intervals

2018 Design, Automation & Test in Europe Conference & Exhibition (DATE) • 2018
View 1 Excerpt


Publications referenced by this paper.
Showing 1-10 of 27 references

The generalization of Student’s problem when several different population variances are involved

Bernard L. Welch
View 4 Excerpts
Highly Influenced

Leakage assessment methodology

Journal of Cryptographic Engineering • 2016
View 4 Excerpts
Highly Influenced

Cryptographic Hardware and Embedded Systems – CHES 2016

Lecture Notes in Computer Science • 2016

Similar Papers

Loading similar papers…