A new key rank estimation method to investigate dependent key lists of side channel attacks

Rank estimation algorithm (REA) is a useful post-analysis tool to evaluate key recovery threat of real side-channel attacks. The existing rank estimation algorithms only consider the score lists of independent subkeys. This paper looks at dependent score lists, which correspond to the result of the key-recovery attack and the key-difference recovery attack, e.g. k0, k1 and k0,1· First, we propose a new REA that can combine the dependent score lists called DK-REA. After selecting one subkey value, the rest subkey lists and key difference lists are combined to create new score lists for further key rank estimation in DK-REA. With simulated side-channel leakage of AES-128, we apply DK-REA to investigate the correct key rank when different score lists are combined. Our result shows that when the number of power traces is enough to obtain reliable results, merging more score lists leads to the rise of the correct key's rank up to 220. When the number of dependent score lists added is over a certain amount, the rank will drop with the added score lists.

[1]  Tanja Lange,et al.  Tighter, faster, simpler side-channel security evaluations beyond computing power , 2015, IACR Cryptol. ePrint Arch..

[2]  Romain Poussier,et al.  Simpler and More Efficient Rank Estimation for Side-Channel Security Assessment , 2015, FSE.

[3]  Andrey Bogdanov,et al.  Fast and Memory-Efficient Key Recovery in Side-Channel Attacks , 2015, SAC.

[4]  Avishai Wool,et al.  A Bounded-Space Near-Optimal Key Enumeration Algorithm for Multi-subkey Side-Channel Attacks , 2017, CT-RSA.

[5]  Amir Moradi,et al.  Side-Channel Leakage through Static Power - Should We Care about in Practice? , 2014, CHES.

[6]  Paul C. Kocher,et al.  Differential Power Analysis , 1999, CRYPTO.

[7]  Pankaj Rohatgi,et al.  Template Attacks , 2002, CHES.

[8]  François-Xavier Standaert,et al.  Security Evaluations beyond Computing Power , 2013, EUROCRYPT.

[9]  François-Xavier Standaert,et al.  An optimal Key Enumeration Algorithm and its Application to Side-Channel Attacks , 2012, IACR Cryptol. ePrint Arch..

[10]  Thomas Eisenbarth,et al.  Correlation-Enhanced Power Analysis Collision Attack , 2010, CHES.

[11]  Elisabeth Oswald,et al.  Counting Keys in Parallel After a Side Channel Attack , 2015, ASIACRYPT.

[12]  Christophe Clavier,et al.  Correlation Power Analysis with a Leakage Model , 2004, CHES.

[13]  Yang Li,et al.  On the Power of Fault Sensitivity Analysis and Collision Side-Channel Attacks in a Combined Setting , 2011, CHES.

[14]  Moti Yung,et al.  A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks (extended version) , 2009, IACR Cryptol. ePrint Arch..

[15]  Christof Paar,et al.  Large laser spots and fault sensitivity analysis , 2016, 2016 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[16]  Jerry den Hartog,et al.  Improving DPA by Peak Distribution Analysis , 2010, Selected Areas in Cryptography.

[17]  Christof Paar,et al.  A New Class of Collision Attacks and Its Application to DES , 2003, FSE.

[18]  Thomas Roche,et al.  Collision-Correlation Attack against Some 1st-Order Boolean Masking Schemes in the Context of Secure Devices , 2013, COSADE.

[19]  Willi Meier,et al.  Analysis of Pseudo Random Sequence Generated by Cellular Automata , 1991, EUROCRYPT.