Non-profiled Mask Recovery: the impact of Independent Component Analysis

As one of the most prevalent SCA countermeasures, masking schemes are designed to defeat a broad range of side channel attacks. An attack vector that is suitable for low-order masking schemes is to try and directly determine the mask(s) (for each trace) by utilising the fact that often an attacker has access to several leakage points of the respectively used mask(s). Good examples for implementations of low-order masking schemes include the table re-computation schemes as well as the masking scheme in DPAContest V4.2. We propose a novel approach based on Independent Component Analysis (ICA) to efficiently utilise the information from several leakage points to reconstruct the respective masks (for each trace) and show it is a competitive attack vector in practice.

[1]  Christophe Clavier,et al.  Correlation Power Analysis with a Leakage Model , 2004, CHES.

[2]  Erkki Oja,et al.  Independent component analysis: algorithms and applications , 2000, Neural Networks.

[3]  Thomas S. Messerges,et al.  Securing the AES Finalists Against Power Analysis Attacks , 2000, FSE.

[4]  Ingrid Verbauwhede,et al.  Theory and Practice of a Leakage Resilient Masking Scheme , 2012, ASIACRYPT.

[5]  Hua Chen,et al.  My Traces Learn What You Did in the Dark: Recovering Secret Signals Without Key Guesses , 2017, CT-RSA.

[6]  Emmanuel Prouff,et al.  Higher-order glitch free implementation of the AES using Secure Multi-Party Computation protocols , 2012, Journal of Cryptographic Engineering.

[7]  Michael Tunstall,et al.  Masking Tables - An Underestimated Security Risk , 2013, FSE.

[8]  Andrey Bogdanov,et al.  PRESENT: An Ultra-Lightweight Block Cipher , 2007, CHES.

[9]  Yuval Ishai,et al.  Private Circuits: Securing Hardware against Probing Attacks , 2003, CRYPTO.

[10]  Huaxiong Wang,et al.  On 3-Share Threshold Implementations for 4-Bit S-boxes , 2013, COSADE.

[11]  Sylvain Guilley,et al.  Multivariate High-Order Attacks of Shuffled Tables Recomputation , 2015, Journal of Cryptology.

[12]  Emmanuel Prouff,et al.  A Generic Method for Secure SBox Implementation , 2007, WISA.

[13]  Sylvain Guilley,et al.  Analysis and Improvements of the DPA Contest v4 Implementation , 2014, SPACE.

[14]  Jerry den Hartog,et al.  You Cannot Hide behind the Mask: Power Analysis on a Provably Secure S-Box Implementation , 2009, WISA.

[15]  Sylvain Guilley,et al.  RSM: A small and fast countermeasure for AES, secure against 1st and 2nd-order zero-offset SCAs , 2012, 2012 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[16]  Manfred von Willich A Technique with an Information-Theoretic Basis for Protecting Secret Data from Differential Power Attacks , 2001, IMACC.

[17]  Jean-Sébastien Coron,et al.  Higher Order Masking of Look-up Tables , 2014, IACR Cryptol. ePrint Arch..