Abstract-Security of cryptographic embedded devices has become a prevalent concern, especially since the introduction of Differential Power Analysis (DPA) by Paul Kocher et al. In the past years, many efforts have been made to improve the resistance against Side Channel Attack (SCA) of cryptographic devices. Among the countermeasures, masking is a typical and efficient strategy. However, a number of effective attacks on masked cryptographic devices have been developed in recent years, and this paper continues this line of research. On theory, a DES with a masking scheme is secure under first order SCA, but we dig out a new leakage problem which makes it possible to attack a masked DES without using higher-order power analysis. Concretely, we perform a first-order correlation power analysis based on the leakage relationship between two different arithmetic components of DES. And the reason for this leakage is analyzed and verified by us through simulation and real card attacks.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.