Generalized Spectral Approach to Speed up the Correlation Power Analysis

As shown previously in Sect. 3.2.3, the Correlation Power Analysis (CPA) is a method that allows to recover the secret information concealed in embedded devices [1]. It consists in leveraging the Pearson correlation coefficient as a way to relate an assumed model with the measured power consumed during the running of the operations that involve a secret subkey. Power analysis attacks are based on the principle that the instantaneous power consumption of a cryptographic device depends on the processed data and on the performed operations [2]. During a symmetric protocol, those operations are in particular processed by a non-linear function called S-box which is parametrized by a secret key and the involved message [3, 4].

[1]  Simon Heron,et al.  Encryption: Advanced Encryption Standard (AES) , 2009 .

[2]  W. Rosenstiel,et al.  Correlation power analysis in frequency domain extended abstract , 2010 .

[3]  Karl Pearson F.R.S. LIII. On lines and planes of closest fit to systems of points in space , 1901 .

[4]  Ralph Howard,et al.  Data encryption standard , 1987 .

[5]  Christof Paar,et al.  Pushing the Limits: A Very Compact and a Threshold Implementation of AES , 2011, EUROCRYPT.

[6]  Emmanuel Prouff,et al.  Statistical Analysis of Second Order Differential Power Analysis , 2009, IEEE Transactions on Computers.

[7]  Christophe Clavier,et al.  Correlation Power Analysis with a Leakage Model , 2004, CHES.

[8]  Gilles Millerioux,et al.  Spectral Approach for Correlation Power Analysis , 2017, C2SI.

[9]  Marc Joye,et al.  Cryptographic hardware and embedded systems - CHES 2004 : 6th International Workshop, Cambridge, MA, USA, August 11-13, 2004 : proceedings , 2004 .

[10]  Vincent Rijmen,et al.  Higher-Order Threshold Implementations , 2014, ASIACRYPT.

[11]  Christof Paar,et al.  A Stochastic Model for Differential Side Channel Cryptanalysis , 2005, CHES.

[12]  Christof Paar,et al.  DPA on n-Bit Sized Boolean and Arithmetic Operations and Its Application to IDEA, RC6, and the HMAC-Construction , 2004, CHES.

[13]  François-Xavier Standaert,et al.  Security analysis of higher-order Boolean masking schemes for block ciphers (with conditions of perfect masking) , 2008, IET Inf. Secur..

[14]  Paul Bottinelli,et al.  Computational aspects of correlation power analysis , 2016, Journal of Cryptographic Engineering.

[15]  Robert H. Sloan,et al.  Examining Smart-Card Security under the Threat of Power Analysis Attacks , 2002, IEEE Trans. Computers.

[16]  Sylvain Guilley,et al.  Good is Not Good Enough: Deriving Optimal Distinguishers from Communication Theory , 2014, IACR Cryptol. ePrint Arch..

[17]  Sylvain Guilley,et al.  Masks will Fall Off - Higher-Order Optimal Distinguishers , 2014, IACR Cryptol. ePrint Arch..