Towards Sound Approaches to Counteract Power-Analysis Attacks
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
DES and Differential Power Analysis (The "Duplication" Method)
CHES '99 Proceedings of the First International Workshop on Cryptographic Hardware and Embedded Systems
Using Second-Order Power Analysis to Attack DPA Resistant Software
CHES '00 Proceedings of the Second International Workshop on Cryptographic Hardware and Embedded Systems
CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
Power Analysis Attacks: Revealing the Secrets of Smart Cards (Advances in Information Security)
Power Analysis Attacks: Revealing the Secrets of Smart Cards (Advances in Information Security)
Dynamic differential self-timed logic families for robust and low-power security ICs
Integration, the VLSI Journal
Block Ciphers Implementations Provably Secure Against Second Order Side Channel Analysis
Fast Software Encryption
CHES '08 Proceeding sof the 10th international workshop on Cryptographic Hardware and Embedded Systems
A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Statistical Analysis of Second Order Differential Power Analysis
IEEE Transactions on Computers
Theoretical and Practical Aspects of Mutual Information Based Side Channel Analysis
ACNS '09 Proceedings of the 7th International Conference on Applied Cryptography and Network Security
Mutual Information Analysis: How, When and Why?
CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
Mutual Information Analysis: a Comprehensive Study
Journal of Cryptology - Special Issue on Hardware and Security
A formal study of power variability issues and side-channel attacks for nanoscale devices
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
A comprehensive evaluation of mutual information analysis using a fair evaluation framework
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
A stochastic model for differential side channel cryptanalysis
CHES'05 Proceedings of the 7th international conference on Cryptographic hardware and embedded systems
Successfully attacking masked AES hardware implementations
CHES'05 Proceedings of the 7th international conference on Cryptographic hardware and embedded systems
Revisiting higher-order DPA attacks: multivariate mutual information analysis
CT-RSA'10 Proceedings of the 2010 international conference on Topics in Cryptology
Efficient entropy estimation for mutual information analysis using b-splines
WISTP'10 Proceedings of the 4th IFIP WG 11.2 international conference on Information Security Theory and Practices: security and Privacy of Pervasive Systems and Smart Devices
Analyzing side channel leakage of masked implementations with stochastic methods
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Information theoretic and security analysis of a 65-nanometer DDSLL AES S-box
CHES'11 Proceedings of the 13th international conference on Cryptographic hardware and embedded systems
On the power of fault sensitivity analysis and collision side-channel attacks in a combined setting
CHES'11 Proceedings of the 13th international conference on Cryptographic hardware and embedded systems
Statistical tools flavor side-channel collision attacks
EUROCRYPT'12 Proceedings of the 31st Annual international conference on Theory and Applications of Cryptographic Techniques
Multi-location leakage resilient cryptography
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Optimal first-order masking with linear and non-linear bijections
AFRICACRYPT'12 Proceedings of the 5th international conference on Cryptology in Africa
Unified and optimized linear collision attacks and their application in a non-profiled setting
CHES'12 Proceedings of the 14th international conference on Cryptographic Hardware and Embedded Systems
Comparison between side-channel analysis distinguishers
ICICS'12 Proceedings of the 14th international conference on Information and Communications Security
ACM Transactions on Information and System Security (TISSEC)
Block ciphers that are easier to mask: how far can we go?
CHES'13 Proceedings of the 15th international conference on Cryptographic Hardware and Embedded Systems
Hi-index | 0.00 |
The goal of generic side-channel distinguishers is to allow key recoveries against any type of implementation, under minimum assumptions on the underlying hardware. Such distinguishers are particularly interesting in view of recent technological advances. Indeed, the traditional leakage models used in side-channel attacks, based on the Hamming weight or distance of the data contained in an implementation, are progressively invalidated by the increased variability in nanoscale electronic devices. In this paper, we consequently provide two contributions related to the application of side-channel analysis against emerging cryptographic implementations. First, we describe a new statistical test that is aimed to be generic and efficient when exploiting high-dimensional leakages. The proposed distinguisher is fully non-parametric. It formulates the leakage distributions using a copula and discriminates keys based on the detection of an "outlier behavior". Next, we provide experiments putting forward the limitations of generic side-channel analysis in advanced scenarios, where leaking devices are protected with countermeasures. Our results exhibit that all non-profiled attacks published so far can sometimes give a false sense of security, due to incorrect leakage models. That is, there exists settings in which an implementation is secure against such non-profiled attacks and can be defeated with profiling. This confirms that the evaluations of cryptographic implementations should always consider profiling, as a worst case scenario.