Comparison between Side-Channel Analysis Distinguishers

Side-channel analyses make it possible to extract keys from devices, whatever the key length. They rely on tools called "distinguishers". In this paper, we intend to compare two generic distinguishers per se: we provide a characterization environment in which all the implementation details are equal, which makes the comparison fair. For distinguishers that use a model, the notion of equivalence between distinguishers has already been studied in some seminal works [6,13]. However, no such work has been carried out for generic distinguishers, which work on the distributions of observable values rather than on the values themselves. In this paper, we set up simulations that aim to show experimentally that two generic distinguishers are different. Then, we develop a theory to actually prove that one distinguisher is better than the other.

[1] Thomas Peyrin, et al. Side-Channel Analysis of Six SHA-3 Candidates, 2010, CHES.

[2] François-Xavier Standaert, et al. Generic Side-Channel Distinguishers: Improvements and Limitations, 2011, IACR Cryptol. ePrint Arch.

[3] Erik Knudsen, et al. Ways to Enhance Differential Power Analysis, 2002, ICISC.

[4] Elisabeth Oswald, et al. An Exploration of the Kolmogorov-Smirnov Test as a Competitor to Mutual Information Analysis, 2011, CARDIS.

[5] David A. Wagner, et al. Towards Efficient Second-Order Power Analysis, 2004, CHES.

[6] Stefan Mangard, et al. Cryptographic Hardware and Embedded Systems, CHES 2010, 12th International Workshop, Santa Barbara, CA, USA, August 17-20, 2010. Proceedings, 2010, CHES.

[7] Stefan Mangard, et al. One for All - All for One: Unifying Standard DPA Attacks, 2009, IACR Cryptol. ePrint Arch.

[8] Moti Yung, et al. A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks (extended version), 2009, IACR Cryptol. ePrint Arch.

[9] Marc Joye, et al. Cryptographic Hardware and Embedded Systems - CHES 2004, 2004, Lecture Notes in Computer Science.

[10] Paul C. Kocher, et al. Differential Power Analysis, 1999, CRYPTO.

[11] Berk Sunar, et al. Cryptographic Hardware and Embedded Systems - CHES 2005, 7th International Workshop, Edinburgh, UK, August 29 - September 1, 2005, Proceedings, 2005, CHES.

[12] Bart Preneel, et al. Mutual Information Analysis A Generic Side-Channel Distinguisher, 2008.

[13] Bart Preneel, et al. Mutual Information Analysis, 2008, CHES.

[14] François-Xavier Standaert, et al. Mutual Information Analysis: How, When and Why?, 2009, CHES.

[15] Christophe Clavier, et al. Correlation Power Analysis with a Leakage Model, 2004, CHES.

[16] Michael Wiener, et al. Advances in Cryptology — CRYPTO’ 99, 1999.

[17] Stefan Mangard, et al. One for all - all for one: unifying standard differential power analysis attacks, 2011, IET Inf. Secur.

[18] Jon A. Wellner, et al. A Glivenko-Cantelli Theorem and Strong Laws of Large Numbers for Functions of Order Statistics, 1977.

[19] Lejla Batina, et al. Differential Cluster Analysis, 2009, CHES.

[20] Sylvain Guilley, et al. Differential Power Analysis Model and Some Results, 2004, CARDIS.

[21] Werner Schindler, et al. Revealing side-channel issues of complex circuits by enhanced leakage models, 2012, 2012 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[22] François-Xavier Standaert, et al. Univariate side channel attacks and leakage modeling, 2011, Journal of Cryptographic Engineering.

[23] Chae Hoon Lim, et al. Information Security and Cryptology — ICISC 2002, 2003, Lecture Notes in Computer Science.

[24] Elisabeth Oswald, et al. Cryptographic Hardware and Embedded Systems - CHES 2008, 10th International Workshop, Washington, D.C., USA, August 10-13, 2008. Proceedings, 2008, CHES.

[25] Christophe Clavier, et al. Cryptographic Hardware and Embedded Systems - CHES 2009, 11th International Workshop, Lausanne, Switzerland, September 6-9, 2009, Proceedings, 2009, CHES.

[26] Elisabeth Oswald, et al. A Comprehensive Evaluation of Mutual Information Analysis Using a Fair Evaluation Framework, 2011, CRYPTO.

[27] Emmanuel Prouff, et al. Theoretical and practical aspects of mutual information-based side channel analysis, 2010, Int. J. Appl. Cryptogr.

[28] Jean-Jacques Quisquater, et al. FPGA Implementations of the DES and Triple-DES Masked Against Power Analysis Attacks, 2006, 2006 International Conference on Field Programmable Logic and Applications.

[29] Lejla Batina, et al. Mutual Information Analysis: a Comprehensive Study, 2011, Journal of Cryptology.

[30] Stefan Mangard, et al. Power analysis attacks - revealing the secrets of smart cards, 2007.

[31] Christof Paar, et al. A Stochastic Model for Differential Side Channel Cryptanalysis, 2005, CHES.

[32] Jean-Louis Lanet, et al. Smart Card Research and Advanced Application, 9th IFIP WG 8.8/11.2 International Conference, CARDIS 2010, Passau, Germany, April 14-16, 2010. Proceedings, 2010, CARDIS.

[33] Moti Yung, et al. A New Randomness Extraction Paradigm for Hybrid Encryption, 2009, EUROCRYPT.