Mode-Finding for Mixtures of Gaussian Distributions
IEEE Transactions on Pattern Analysis and Machine Intelligence
Towards Sound Approaches to Counteract Power-Analysis Attacks
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
Pattern Recognition and Machine Learning (Information Science and Statistics)
Pattern Recognition and Machine Learning (Information Science and Statistics)
Gaussian Mixture Models for Higher-Order Side Channel Analysis
CHES '07 Proceedings of the 9th international workshop on Cryptographic Hardware and Embedded Systems
CHES '08 Proceeding sof the 10th international workshop on Cryptographic Hardware and Embedded Systems
Security Evaluation of WDDL and SecLib Countermeasures against Power Attacks
IEEE Transactions on Computers
A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Statistical Analysis of Second Order Differential Power Analysis
IEEE Transactions on Computers
Theoretical and Practical Aspects of Mutual Information Based Side Channel Analysis
ACNS '09 Proceedings of the 7th International Conference on Applied Cryptography and Network Security
Mutual Information Analysis: How, When and Why?
CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
A Comparative Study of Mutual Information Analysis under a Gaussian Assumption
Information Security Applications
All of Statistics: A Concise Course in Statistical Inference
All of Statistics: A Concise Course in Statistical Inference
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
Revisiting higher-order DPA attacks: multivariate mutual information analysis
CT-RSA'10 Proceedings of the 2010 international conference on Topics in Cryptology
Protecting AES with Shamir's secret sharing scheme
CHES'11 Proceedings of the 13th international conference on Cryptographic hardware and embedded systems
Hi-index | 0.00 |
A large variety of side channel analyses performed on embedded devices involve the linear correlation coefficient as wrong-key distinguisher. This coefficient is actually a sound statistical tool to quantify linear dependencies between univariate variables. At CHES 2008, Gierlichs et al. proposed to use the mutual information measure as an alternative to the correlation coefficient since it detects any kind of statistical dependency. Substituting it for the correlation coefficient may indeed be considered as a natural extension of the existing attacks. Nevertheless, the first published applications have raised several open issues. In this paper, we conduct a theoretical analysis of MIA in the Gaussian leakage model to explore the reasons why and when it is a sound key recovery attack. Also, we generalise MIA to higher-orders (i.e., against masked implementations). Secondly, we address the main practical issue of MIA: the mutual information estimation which itself relies on the estimation of statistical distributions. We describe three classical estimation methods and we apply them in the context of MIA. Eventually, we present various attack simulations and practical attack experiments that allow us to check the efficiency of MIA in practice and to compare it to classical correlation-based attacks.