Representation-, Leakage- and Cipher-Dependencies in Algebraic Side-Channel Attacks

By combining the extraction of side-channel information leakages with classical cryptanalysis techniques, the recently introduced Algebraic Side-Channel Attacks trade a part of the data complexity of standard DPA attacks for more computation. But predicting the success rate of such attacks is made harder by the numerous parameters that come into play when solving large algebraic systems of equations. In this paper, we study the impact of three of these parameters empirically, along with the metrics needed to quantify them. First, we analyze the efficiency of different representations of the side-channel information as low-degree Boolean equations. Second, we investigate the impact of different types of information leakages on the attack resolution times. Third, we discuss how these conclusions depend on the target ciphers. From simulated experiments performed in various contexts, we finally provide some more general intuitions for the security of leaking devices.
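The following is an added example, not code from the paper, that makes two of the abstract's dependencies concrete on the two ciphers it cites. For the representation question, it recovers each output bit of the PRESENT and AES S-boxes as a Boolean polynomial (via the Moebius transform) and reports its algebraic degree, which is the degree of the equations an algebraic attack has to solve. For the leakage-type and cipher questions, it simulates a noise-free leakage of one S-box output y = S(p XOR k) and counts how many key candidates survive after each observation. The single-S-box model, the choice of plaintexts and keys, and the brute-force filter standing in for the SAT solver an algebraic side-channel attack would use are all assumptions made for illustration.

```python
"""
Added example (not from the paper). Assumptions: one S-box layer
y = S(p ^ k), noise-free leakage, and brute-force key filtering in
place of a SAT solver.
"""

# PRESENT S-box, as specified by Bogdanov et al. (CHES 2007).
PRESENT_SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
                0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]


def gf256_mul(a, b):
    """Multiply in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r


def aes_sbox():
    """Build the AES S-box from its definition: GF(2^8) inverse, then the affine map."""
    box = []
    for x in range(256):
        inv = 0 if x == 0 else next(c for c in range(1, 256) if gf256_mul(x, c) == 1)
        y = inv
        for s in (1, 2, 3, 4):  # y = inv ^ rotl(inv,1) ^ rotl(inv,2) ^ rotl(inv,3) ^ rotl(inv,4)
            y ^= ((inv << s) | (inv >> (8 - s))) & 0xFF
        box.append(y ^ 0x63)
    return box


def anf(truth_table):
    """Moebius transform: truth table indexed by input -> ANF coefficients indexed by monomial mask."""
    coeffs = list(truth_table)
    n = len(coeffs)
    step = 1
    while step < n:
        for i in range(n):
            if i & step:
                coeffs[i] ^= coeffs[i ^ step]
        step <<= 1
    return coeffs


def coordinate_degrees(sbox, nbits):
    """Algebraic degree of each output bit y_j(x) of an nbits-to-nbits S-box."""
    degrees = []
    for j in range(nbits):
        coeffs = anf([(sbox[x] >> j) & 1 for x in range(1 << nbits)])
        monomials = [m for m in range(1 << nbits) if coeffs[m]]
        degrees.append(max((bin(m).count("1") for m in monomials), default=0))
    return degrees


def hamming_weight(v):
    return bin(v).count("1")


def consistent_keys(sbox, nbits, leak, observations):
    """Keys k for which leak(S(p ^ k)) equals the observed value for every (p, value) pair."""
    return [k for k in range(1 << nbits)
            if all(leak(sbox[p ^ k]) == value for p, value in observations)]


def candidates_after(sbox, nbits, leak, key, plaintexts):
    """Simulate noise-free leakage of S(p ^ key) and count surviving keys after each observation."""
    observations = [(p, leak(sbox[p ^ key])) for p in plaintexts]
    return [len(consistent_keys(sbox, nbits, leak, observations[:i + 1]))
            for i in range(len(observations))]


if __name__ == "__main__":
    aes = aes_sbox()
    print("PRESENT coordinate degrees:", coordinate_degrees(PRESENT_SBOX, 4))
    print("AES coordinate degrees:    ", coordinate_degrees(aes, 8))
    # Constructed inputs: S-box inputs 0..5 and arbitrary fixed key nibble/byte.
    for name, box, nbits, key in (("PRESENT", PRESENT_SBOX, 4, 0x3), ("AES", aes, 8, 0x2B)):
        pts = list(range(6))
        print(f"{name}: Hamming-weight leak -> {candidates_after(box, nbits, hamming_weight, key, pts)}")
        print(f"{name}: exact-value leak    -> {candidates_after(box, nbits, lambda y: y, key, pts)}")
```

Two things are visible when the script runs. The PRESENT S-box is described by degree-2 and degree-3 equations in four variables while every AES coordinate has degree 7 in eight variables, so the same leakage model produces a much harder system for AES. And the leakage function changes how fast the key space collapses: an exact-value leak of a bijective S-box output pins the key after one observation, whereas a Hamming-weight leak needs several observations, and the number needed grows with the S-box width. Any other function of the S-box output (a noisy or bit-masked Hamming weight, for instance) can be passed as `leak` to compare further models.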
