Correlation power analysis (CPA) is a well-known attack against cryptographic modules with which an attacker evaluates the correlation between the power consumption and the sensitive data candidates calculated from a guessed sub-key and known data such as plaintexts and ciphertexts. This paper enhances CPA to propose a new general power analysis, built-in determined sub-key CPA (BS-CPA), which finds a new sub-key by using the previously determined sub-keys recursively to compute the sensitive data candidates and to increase the signal-to-noise ratio in its analysis. BS-CPA also reuses the power traces in the repetitions of finding sub-keys to decrease the total number of the required traces for determining the all sub-keys. BS-CPA is powerful and effective when the multiple sensitive data blocks such as sbox outputs are processed simultaneously as in the hardware implementation. We apply BS-CPA to the power traces provided at the DPA contest and succeed in finding a DES key using fewer traces than the original CPA does.
[1]
Thomas S. Messerges,et al.
Securing the AES Finalists Against Power Analysis Attacks
,
2000,
FSE.
[2]
William P. Marnane,et al.
Correlation Power Analysis of Large Word Sizes
,
2007
.
[3]
Thomas S. Messerges,et al.
Using Second-Order Power Analysis to Attack DPA Resistant Software
,
2000,
CHES.
[4]
FRANÇOIS-XAVIER STANDAERT,et al.
An Overview of Power Analysis Attacks Against Field Programmable Gate Arrays
,
2006,
Proceedings of the IEEE.
[5]
Christophe Giraud,et al.
An Implementation of DES and AES, Secure against Some Attacks
,
2001,
CHES.
[6]
Siva Sai Yerubandi,et al.
Differential Power Analysis
,
2002
.
[7]
Kouichi Itoh,et al.
DPA Countermeasure Based on the "Masking Method"
,
2001,
ICISC.
[8]
Christof Paar,et al.
Higher Order Masking of the AES
,
2006,
CT-RSA.
[9]
David A. Wagner,et al.
Towards Efficient Second-Order Power Analysis
,
2004,
CHES.