Moments-Correlating DPA

We generalize correlation-enhanced power analysis collision attacks into moments-correlating DPA. The resulting distinguisher is applicable to both the profiled and the non-profiled (collision) settings and is able to exploit information lying in any statistical moment. It also benefits from a simple rule of thumb to estimate its data complexity. Experimental results show that such a tool allows answering some important questions regarding the design of side-channel countermeasures with confidence (e.g. which statistical moment is the most informative in the leakages of a threshold implementation). We further argue that moments-correlating DPA is a natural candidate for leakage detection tests, enjoying the simplicity of correlation power analysis together with advanced features for the evaluation of higher-order attacks with an easy-to-compute confidence level.
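The profiled variant of the distinguisher sketched above, as an added worked example that is not the paper's code: it evaluates constructed, simulated leakages of a Boolean-masked PRESENT S-box, for which the first moment is secret-independent and only the second central moment separates the key hypotheses. The noise model, the choice to centre the attack traces on their overall mean, and the CPA rule-of-thumb function (a generic correlation-based estimate) are assumptions of this example, not details taken from the page.

```python
# Added example (not from the paper): profiled moments-correlating DPA on
# simulated leakages of a first-order Boolean-masked 4-bit S-box, pure Python.
import math
import random
from statistics import mean

SBOX = [0xC, 5, 6, 0xB, 9, 0, 0xA, 0xD, 3, 0xE, 0xF, 8, 4, 7, 1, 2]  # PRESENT S-box
HW = [bin(x).count("1") for x in range(16)]

def masked_trace(p, k, rng, sigma=0.5):
    """Constructed leakage: Hamming weights of two Boolean shares plus Gaussian noise.
    The mean is the same for every S-box output; only the variance depends on it."""
    v, m = SBOX[p ^ k], rng.randrange(16)
    return HW[m] + HW[v ^ m] + rng.gauss(0.0, sigma)

def pearson(x, y):
    mx, my = mean(x), mean(y)
    sxy = sum((a - mx) * (b - my) for a, b in zip(x, y))
    sxx = sum((a - mx) ** 2 for a in x)
    syy = sum((b - my) ** 2 for b in y)
    return 0.0 if sxx == 0 or syy == 0 else sxy / (sxx * syy) ** 0.5

def profile_moments(plains, traces, key, d):
    """Profiling with the known key: d-th central moment (mean for d=1) per S-box output."""
    classes = {v: [] for v in range(16)}
    for p, l in zip(plains, traces):
        classes[SBOX[p ^ key]].append(l)
    model = {}
    for v, ls in classes.items():
        mu = mean(ls)
        model[v] = mu if d == 1 else mean((l - mu) ** d for l in ls)
    return model

def mc_dpa(plains, traces, model, d):
    """Attack phase: correlate the profiled moments of the predicted S-box outputs with
    the d-th power of the centred traces (centring on the overall mean is an assumption)."""
    mu = mean(traces)
    obs = traces if d == 1 else [(l - mu) ** d for l in traces]
    scores = [pearson([model[SBOX[p ^ k]] for p in plains], obs) for k in range(16)]
    return max(range(16), key=lambda k: scores[k]), scores

def cpa_rule_of_thumb(rho, z=3.719):
    """Traces needed to tell a correlation rho from zero (classical CPA rule of thumb;
    z=3.719 is the quantile for a 0.01 % error level). Assumed, not the paper's rule."""
    return 3 + 8 * (z / math.log((1 + rho) / (1 - rho))) ** 2

def run(n_prof=4000, n_att=2000, key=0xB, seed=1):
    """Returns the key recovered with the 1st and the 2nd moment; only d=2 is informative."""
    rng = random.Random(seed)
    pp = [rng.randrange(16) for _ in range(n_prof)]
    tp = [masked_trace(p, key, rng) for p in pp]
    pa = [rng.randrange(16) for _ in range(n_att)]
    ta = [masked_trace(p, key, rng) for p in pa]
    return {d: mc_dpa(pa, ta, profile_moments(pp, tp, key, d), d)[0] for d in (1, 2)}
```

With the second moment the correct key is recovered, while the first-moment correlations stay at noise level, which is the kind of per-moment comparison the abstract describes for masked and threshold implementations.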
