Second order Differential Power Analysis (2O-DPA) is a powerful side-channel attack that allows an attacker to bypass the widely used masking countermeasure. To thwart 2O-DPA, higher order masking may be employed, but it implies a non-negligible overhead. In this context, there is a need to know how efficient a 2O-DPA can be, in order to evaluate the resistance of an implementation that uses first order masking and, possibly, some hardware countermeasures. Different methods of mounting a practical 2O-DPA attack have been proposed in the literature. However, it is not yet clear which of these methods is the most efficient. In this paper, we give a formal description of the higher order DPA attacks that are mounted against software implementations. We then introduce a framework in which the attack efficiencies may be compared. The attacks we focus on involve the combining of several leakage signals and the computation of correlation coefficients to discriminate the wrong key hypotheses. In the second part of this paper, we pay particular attention to 2O-DPA that involves the product combining or the absolute difference combining. We study them under the assumption that the device leaks the Hamming weight of the processed data together with independent Gaussian noise. After showing a way to improve the product combining, we argue that in this model, the product combining is more efficient not only than absolute difference combining, but also than all the other combining techniques proposed in the literature.
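The comparison described in the abstract can be reproduced on simulated data when assessing a first-order masked design. The following is an added example, not code from the paper: it draws constructed leakages under the Hamming weight plus Gaussian noise model and measures how strongly each combining function correlates with the Hamming weight of the unmasked value. The 8-bit word size, sample count, seed, noise levels and all function names are assumptions, and the mean-centered product is assumed here to stand in for the improved product combining the abstract mentions.

```python
import random
from math import sqrt

N_BITS = 8  # assumed word size of the masked implementation

def hw(x):
    """Hamming weight of an integer."""
    return bin(x).count("1")

def pearson(xs, ys):
    """Sample Pearson correlation coefficient."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    return cov / sqrt(vx * vy)

def simulate(n, sigma, seed):
    """Constructed leakages: L1 = HW(Z xor M) + noise, L2 = HW(M) + noise."""
    rng = random.Random(seed)
    target, l1, l2 = [], [], []
    for _ in range(n):
        z, m = rng.randrange(1 << N_BITS), rng.randrange(1 << N_BITS)
        target.append(hw(z))  # prediction for the unmasked value Z
        l1.append(hw(z ^ m) + rng.gauss(0, sigma))
        l2.append(hw(m) + rng.gauss(0, sigma))
    return target, l1, l2

def compare(sigma=1.0, n=20000, seed=1):
    """|correlation| between each combined leakage and HW(Z)."""
    target, l1, l2 = simulate(n, sigma, seed)
    m1, m2 = sum(l1) / n, sum(l2) / n
    combined = {
        "abs_diff": [abs(a - b) for a, b in zip(l1, l2)],
        "product": [a * b for a, b in zip(l1, l2)],
        "centered_product": [(a - m1) * (b - m2) for a, b in zip(l1, l2)],
    }
    return {name: abs(pearson(c, target)) for name, c in combined.items()}

def centered_product_theory(sigma):
    """Closed form derived for this model: 1 / (sqrt(n) * (1 + 4*sigma^2/n))."""
    return 1 / (sqrt(N_BITS) * (1 + 4 * sigma ** 2 / N_BITS))

if __name__ == "__main__":
    for s in (0.0, 1.0, 2.0):  # assumed noise standard deviations
        print(s, {k: round(v, 3) for k, v in compare(s).items()})
```

A lower correlation means more traces are needed to separate key hypotheses, so the largest value across the combining functions is the one a resistance evaluation should budget against.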