Ridge-Based DPA: Improvement of Differential Power Analysis For Nanoscale Chips

Differential power analysis (DPA) is one of the most practical side-channel attacks and has been widely studied and used in the security analysis of cryptographic implementations. However, as chip technology shrinks, the leakage of cryptographic implementations in nanoscale devices tends to become nonlinear (i.e., the leakages of the individual bits of an intermediate value are no longer independent) and harder to predict. This makes some existing side-channel attacks less suitable: their performance decreases, and commonly used prior power models (e.g., the Hamming weight) are much less well respected in practice. To address these issues, we bring the regularization process from statistical learning into side-channel analysis and propose ridge-based DPA. We also apply cross-validation to find the most suitable value of the regularization parameter for the new attack. In addition, we present theoretical analyses that investigate the properties of ridge-based DPA under nonlinear leakages. We evaluate the performance of ridge-based DPA in both simulated and practical experiments and compare it with state-of-the-art DPAs; the results confirm the theoretical analysis. Our experiments further show that ridge-based DPA is robust to differences between the leakages of the profiling and exploitation power traces. Ridge-based DPA therefore adapts well to the leakage of nanoscale chips and is a good alternative to the state-of-the-art attacks.
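The following is an added, self-contained illustration of the two ideas the abstract names (ridge-regularized profiling of a leakage model, and choosing the regularization parameter by cross-validation); it is not the paper's code, and its concrete choices are assumptions: a 4-bit PRESENT S-box instead of AES, a constructed nonlinear leakage with unequal bit weights plus two bit-interaction terms, Gaussian noise, a feature basis of bits and pairwise bit products, and the trace counts and keys used in `demo()`. Profiling fits the model on a device with a known key; exploitation ranks key guesses on a second device by the correlation between the model's predictions and the measured traces.

```python
"""Ridge-based profiled DPA on a simulated 4-bit S-box with nonlinear leakage.
Added illustration, not the paper's code; the S-box, leakage function, noise
level and trace counts are assumptions chosen so the example runs offline."""
import random
from itertools import combinations

SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]   # PRESENT 4-bit S-box
NBITS = 4
BIT_WEIGHTS = [1.0, 0.3, 1.6, 0.7]          # constructed: unequal per-bit leakage
PAIR_WEIGHTS = {(0, 2): 1.2, (1, 3): -0.8}  # constructed: bit-interaction (nonlinear) terms


def bits_of(v):
    return [(v >> i) & 1 for i in range(NBITS)]


def basis(v):
    """Feature vector for intermediate v: constant, its bits and all pairwise bit
    products, so the model can fit leakages where bits do not leak independently."""
    b = bits_of(v)
    return [1.0] + [float(x) for x in b] + [float(x * y) for x, y in combinations(b, 2)]


def true_leakage(v):
    """Constructed noiseless leakage; a Hamming-weight prior fits it poorly."""
    b = bits_of(v)
    return (sum(w * x for w, x in zip(BIT_WEIGHTS, b))
            + sum(c * b[i] * b[j] for (i, j), c in PAIR_WEIGHTS.items()))


def solve(a, y):
    """Solve a x = y by Gauss-Jordan elimination with partial pivoting."""
    n = len(y)
    m = [row[:] + [yi] for row, yi in zip(a, y)]
    for col in range(n):
        piv = max(range(col, n), key=lambda r: abs(m[r][col]))
        m[col], m[piv] = m[piv], m[col]
        for r in range(n):
            if r != col:
                f = m[r][col] / m[col][col]
                m[r] = [x - f * p for x, p in zip(m[r], m[col])]
    return [m[i][n] / m[i][i] for i in range(n)]


def ridge_fit(feats, leaks, lam):
    """Ridge regression: w = (X^T X + lam*I)^-1 X^T l, intercept left unpenalised."""
    d = len(feats[0])
    xtx = [[sum(f[i] * f[j] for f in feats) + (lam if i == j and i > 0 else 0.0)
            for j in range(d)] for i in range(d)]
    xty = [sum(f[i] * l for f, l in zip(feats, leaks)) for i in range(d)]
    return solve(xtx, xty)


def predict(w, f):
    return sum(wi * fi for wi, fi in zip(w, f))


def cross_validate(feats, leaks, lams, folds=5):
    """Pick lam by k-fold cross-validation on held-out squared error."""
    n, best = len(leaks), None
    for lam in lams:
        err = 0.0
        for k in range(folds):
            held = set(range(k, n, folds))
            w = ridge_fit([f for i, f in enumerate(feats) if i not in held],
                          [l for i, l in enumerate(leaks) if i not in held], lam)
            err += sum((predict(w, feats[i]) - leaks[i]) ** 2 for i in held)
        if best is None or err < best[0]:
            best = (err, lam)
    return best[1]


def correlation(x, y):
    mx, my = sum(x) / len(x), sum(y) / len(y)
    sxy = sum((a - mx) * (b - my) for a, b in zip(x, y))
    sxx = sum((a - mx) ** 2 for a in x)
    syy = sum((b - my) ** 2 for b in y)
    return sxy / (sxx * syy) ** 0.5 if sxx > 0 and syy > 0 else 0.0


def simulate(key, n, rng, noise=0.7):
    """Constructed traces: one leakage sample per random plaintext plus Gaussian noise."""
    pts = [rng.randrange(16) for _ in range(n)]
    return pts, [true_leakage(SBOX[p ^ key]) + rng.gauss(0.0, noise) for p in pts]


def profile(pts, leaks, key, lams=(0.0, 0.01, 0.1, 1.0, 10.0, 100.0)):
    """Profiling phase (known key): choose lam by CV, then fit on all traces."""
    feats = [basis(SBOX[p ^ key]) for p in pts]
    lam = cross_validate(feats, leaks, lams)
    return ridge_fit(feats, leaks, lam), lam


def attack(w, pts, leaks):
    """Exploitation phase: rank key guesses by correlation of prediction with traces."""
    scores = {k: correlation([predict(w, basis(SBOX[p ^ k])) for p in pts], leaks)
              for k in range(16)}
    return max(scores, key=scores.get), scores


def demo(seed=1):
    rng = random.Random(seed)
    pts_p, leaks_p = simulate(0x7, 500, rng)   # profiling device, known key 0x7
    w, lam = profile(pts_p, leaks_p, 0x7)
    pts_a, leaks_a = simulate(0xB, 500, rng)   # target device, secret key 0xB
    guess, _ = attack(w, pts_a, leaks_a)
    return guess, lam
```

`demo()` returns the recovered key together with the cross-validated regularization parameter. The pairwise-product features are what let the profiled model absorb the bit interactions in the constructed leakage; the ridge penalty keeps that larger basis from overfitting the noise when profiling traces are scarce, and the penalty strength is not hand-picked but selected by held-out error, which is the mechanism the abstract describes.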
