In his keynote speech at CHES 2004, Kocher advocated that side-channel attacks were an
illustration that formal cryptography was not as secure as it was believed because some
assumptions (eg, no auxiliary information is available during the computation) were not
modeled. This failure is caused by formal methods' focus on models rather than
implementations. In this paper, we present formal methods and tools for designing protected
code and proving its security against power analysis. These formal methods avoid the …

In his keynote speech at CHES 2004, Kocher advocated that side-channel attacks were an
illustration that formal cryptography was not as secure as it was believed because some
assumptions (eg, no auxiliary information is available during the computation) were not
modeled. This failure is caused by formal methods' focus on models rather than
implementations. In this paper we present formal methods and tools for designing protected
code and proving its security against power analysis. These formal methods avoid the …