Efficient 2nd-order power analysis on masked devices utilizing multiple leakage

Random masking is a common and effective algorithm-level countermeasure against side-channel attacks. However, a second-order attack can break a first-order masked device by combining the power values at two time points. Normally, 2nd-order attacks require the exact temporal locations of the two leakage points. Without profiling, the attacker may only have an educated guess in the form of a window of size n_w for each potential leakage point. An attack that searches exhaustively over all combinations of the two leakage points has computational complexity O(n_w^2). Waddle and Wagner introduced an FFT-based attack with complexity O(n_w log(n_w)) at CHES 2004 [1]. Recently, Belgarric et al. proposed five preprocessing techniques using FFT-based time-frequency conversion tools in [2]. We propose a novel, efficient 2nd-order power analysis attack, which pre-processes power traces with the FFT to find multiple candidate leakage point pairs and then combines the attacks at those candidate pairs into a single attack. We derive the theoretical conditions under which two different combination methods succeed. The resulting attacks retain a computational complexity of O(n_w log(n_w)) and are applied to two data sets: one set of power measurements from an FPGA implementation of a masked AES scheme, and one set of measurements from DPA Contest V4 for a software implementation of masked AES. Our attacks improve over the previous FFT-based attacks, particularly when the window size n_w is large. Each of the two attacks works better on a different data set, confirming the theoretical conditions.

[1] Eric Peeters et al. Template Attacks in Principal Subspaces, 2006, CHES.

[2] Hermann Drexler et al. Improved Template Attacks, 2010.

[3] Pankaj Rohatgi et al. Template Attacks, 2002, CHES.

[4] Liwei Zhang et al. A Statistical Model for Higher Order DPA on Masked Devices, 2014, IACR Cryptol. ePrint Arch.

[5] Olivier Meynard et al. Combined Side-Channel Attacks, 2010, WISA.

[6] Ingrid Verbauwhede et al. Selecting Time Samples for Multivariate DPA Attacks, 2012, CHES.

[7] Thomas S. Messerges et al. Using Second-Order Power Analysis to Attack DPA Resistant Software, 2000, CHES.

[8] Adrian Thillard et al. How to Estimate the Success Rate of Higher-Order Side-Channel Attacks, 2014, IACR Cryptol. ePrint Arch.

[9] Pankaj Rohatgi et al. Towards Sound Approaches to Counteract Power-Analysis Attacks, 1999, CRYPTO.

[10] Markus Kasper et al. The World is Not Enough: Another Look on Second-Order DPA, 2010, IACR Cryptol. ePrint Arch.

[11] Emmanuel Prouff et al. Statistical Analysis of Second Order Differential Power Analysis, 2009, IEEE Transactions on Computers.

[12] Elisabeth Oswald et al. Practical Template Attacks, 2004, WISA.

[13] Siva Sai Yerubandi et al. Differential Power Analysis, 2002.

[14] Christophe Clavier et al. Correlation Power Analysis with a Leakage Model, 2004, CHES.

[15] Bart Preneel et al. Mutual Information Analysis, 2008, CHES.

[16] David A. Wagner et al. Towards Efficient Second-Order Power Analysis, 2004, CHES.

[17] Christophe Giraud et al. An Implementation of DES and AES, Secure against Some Attacks, 2001, CHES.

[18] François-Xavier Standaert et al. Using Subspace-Based Template Attacks to Compare and Combine Power and Electromagnetic Information Leakages, 2008, CHES.

[19] Sylvain Guilley et al. Time-Frequency Analysis for Second-Order Attacks, 2013, CARDIS.