Detecting Hidden Leakages

Moradi, Amir; Guilley, Sylvain; Heuser, Annelie

doi:10.1007/978-3-319-07536-5_20

Cited by 47 publications

(28 citation statements)

References 40 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The masked block-cipher AES-256 in encryption mode without any mode of operation is implemented on target cryptographic device Atmel ATMega-163-based smart card. The implemented masking scheme is a variant of the Rotating Sbox Masking [23], [64]. According to the authors, this masking scheme keeps performance and complexity close to the unprotected scheme and is resistant to several side-channel attacks.…”

Section: Settings Of Experimentsmentioning

confidence: 99%

See 1 more Smart Citation

k-Nearest Neighbors Algorithm in Profiling Power Analysis Attacks

Malina¹,

Zeman²,

Martinasek³

et al. 2016

RADIOENGINEERING

View full text Add to dashboard Cite

show abstract

Section: Settings Of Experimentsmentioning

confidence: 99%

“…offset value, which is drawn randomly at the beginning of computation, is a secret value. Mask values are rotating according to the offset value [23], [64]. Each stored trace has 435 002 samples associated to the same secret key and corresponds to the first and to the beginning of the second round of AES algorithm.…”

Section: Settings Of Experimentsmentioning

confidence: 99%

k-Nearest Neighbors Algorithm in Profiling Power Analysis Attacks

Malina¹,

Zeman²,

Martinasek³

et al. 2016

RADIOENGINEERING

View full text Add to dashboard Cite

show abstract

“…Similarly MixColumns can also be identified by just looking the bytes manipulated together. Moreover, detecting precise leakage points of each operation can help an attacker run collision attacks (see e.g., [27,26]). …”

Section: Accelerating Side-channel Attacksmentioning

confidence: 99%

Side-channel leakage and trace compression using normalized inter-class variance

Bhasin

Danger

Guilley

et al. 2014

Proceedings of the Third Workshop on Hardware and Architectural Support for Security and Privacy

Self Cite

View full text Add to dashboard Cite

Security and safety critical devices must undergo penetration testing including Side-Channel Attacks (SCA) before certification. SCA are powerful and easy to mount but often need huge computation power, especially in the presence of countermeasures. Few efforts have been done to reduce the computation complexity of SCA by selecting a small subset of points where leakage prevails. In this paper, we propose a method to detect relevant leakage points in side-channel traces. The method is based on Normalized Inter-Class Variance (NICV). A key advantage of NICV over state-of-the-art is that NICV does neither need a clone device nor the knowledge of secret parameters of the crypto-system. NICV has a low computation requirement and it detects leakage using public information like input plaintexts or output ciphertexts only. It is shown that NICV can be related to Pearson correlation and signal to noise ratio (SNR) which are standard metrics. NICV can be used to theoretically compute the minimum number of traces required to attack an implementation. A theoretical rationale of NICV with some practical application on real crypto-systems are provided to support our claims.

show abstract

“…In RSM only sixteen Substitution boxes (S-boxes) are used and all the sixteen outputs of SubBytes are masked by a different mask. We take great in this paper to exploit second-order leakage (in particular, we avoid the first-order leakage identified by Moradi et al [15]). Moreover, the same mask is used for the AddRoundKey operation where it is XORed to one plaintext byte P and in the SubBytes operation where it is XORed with the S-box output depending on another plaintext byte P .…”

Section: Implementation Of the Masking Schemementioning

confidence: 99%

Boosting Higher-Order Correlation Attacks by Dimensionality Reduction

Bruneau

Danger

Guilley

et al. 2014

Security, Privacy, and Applied Cryptography Engineering

Self Cite

View full text Add to dashboard Cite

Abstract. Multi-variate side-channel attacks allow to break higher-order masking protections by combining several leakage samples. But how to optimally extract all the information contained in all possible d-tuples of points? In this article, we introduce preprocessing tools that answer this question. We first show that maximizing the higher-order CPA coefficient is equivalent to finding the maximum of the covariance. We apply this equivalence to the problem of trace dimensionality reduction by linear combination of its samples. Then we establish the link between this problem and the Principal Component Analysis. In a second step we present the optimal solution for the problem of maximizing the covariance. We also theoretically and empirically compare these methods. We finally apply them on real measurements, publicly available under the DPA Contest v4, to evaluate how the proposed techniques improve the second-order CPA (2O-CPA).

show abstract

Detecting Hidden Leakages

Cited by 47 publications

References 40 publications

k-Nearest Neighbors Algorithm in Profiling Power Analysis Attacks

k-Nearest Neighbors Algorithm in Profiling Power Analysis Attacks

Side-channel leakage and trace compression using normalized inter-class variance

Boosting Higher-Order Correlation Attacks by Dimensionality Reduction

Contact Info

Product

Resources

About