A Comparison of χ 2-Test and Mutual Information as Distinguisher for Side-Channel Analysis

Masking is known as the most widely studied countermeasure against side-channel analysis attacks. Since a masked implementation is based on a certain number of shares (referred to as the order of masking), it still exhibits leakages at higher orders. In order to exploit such leakages, higher-order statistical moments individually at each order need to be estimated reflecting the higher-order attacks. Instead, Mutual Information Analysis (MIA) known for more than 10 years avoids such a moment-based analysis by considering the entire distribution for the key recovery. Recently the \(\chi ^2\)-test has been proposed for leakage detection and as a distinguisher where also the whole distribution of the leakages is analyzed.

[1]  Christof Paar,et al.  A Comparative Study of Mutual Information Analysis under a Gaussian Assumption , 2009, WISA.

[2]  Christof Paar,et al.  Side-Channel Attacks on the Yubikey 2 One-Time Password Generator , 2013, RAID.

[3]  Christof Paar,et al.  Breaking Mifare DESFire MF3ICD40: Power Analysis and Templates in the Real World , 2011, CHES.

[4]  Vincent Rijmen,et al.  Secure Hardware Implementation of Nonlinear Functions in the Presence of Glitches , 2011, Journal of Cryptology.

[5]  Amir Moradi,et al.  Side-Channel Resistant Crypto for Less than 2,300 GE , 2011, Journal of Cryptology.

[6]  Amir Moradi,et al.  Hardware Masking, Revisited , 2018, IACR Trans. Cryptogr. Hardw. Embed. Syst..

[7]  Amir Moradi,et al.  On the Simplicity of Converting Leakages from Multivariate to Univariate - (Case Study of a Glitch-Resistant Masking Scheme) , 2013, CHES.

[8]  Christof Paar,et al.  On the Power of Power Analysis in the Real World: A Complete Break of the KeeLoqCode Hopping Scheme , 2008, CRYPTO.

[9]  Daniel Dinu,et al.  EM Analysis in the IoT Context: Lessons Learned from an Attack on Thread , 2018, IACR Trans. Cryptogr. Hardw. Embed. Syst..

[10]  Tim Güneysu,et al.  Robust and One-Pass Parallel Computation of Correlation-Based Attacks at Arbitrary Order , 2015, COSADE.

[11]  Andrew Morris,et al.  An information theoretic measure of sequence recognition performance , 2002 .

[12]  Bart Preneel,et al.  Mutual Information Analysis , 2008, CHES.

[13]  Christof Paar,et al.  When Reverse-Engineering Meets Side-Channel Analysis - Digital Lockpicking in Practice , 2013, Selected Areas in Cryptography.

[14]  Francis Olivier,et al.  Electromagnetic Analysis: Concrete Results , 2001, CHES.

[15]  Christophe Clavier,et al.  Correlation Power Analysis with a Leakage Model , 2004, CHES.

[16]  Emmanuel Prouff,et al.  Statistical Analysis of Second Order Differential Power Analysis , 2009, IEEE Transactions on Computers.

[17]  Amir Moradi,et al.  Leakage Detection with the x2-Test , 2018, IACR Trans. Cryptogr. Hardw. Embed. Syst..

[18]  Benedikt Heinz,et al.  Localized Electromagnetic Analysis of Cryptographic Implementations , 2012, CT-RSA.