Towards Sound Approaches to Counteract Power-Analysis Attacks
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
DES and Differential Power Analysis (The "Duplication" Method)
CHES '99 Proceedings of the First International Workshop on Cryptographic Hardware and Embedded Systems
On Boolean and Arithmetic Masking against Differential Power Analysis
CHES '00 Proceedings of the Second International Workshop on Cryptographic Hardware and Embedded Systems
Using Second-Order Power Analysis to Attack DPA Resistant Software
CHES '00 Proceedings of the Second International Workshop on Cryptographic Hardware and Embedded Systems
CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
Elements of Information Theory (Wiley Series in Telecommunications and Signal Processing)
Elements of Information Theory (Wiley Series in Telecommunications and Signal Processing)
CHES '08 Proceeding sof the 10th international workshop on Cryptographic Hardware and Embedded Systems
Information Security and Cryptology --- ICISC 2008
A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Statistical Analysis of Second Order Differential Power Analysis
IEEE Transactions on Computers
Theoretical and Practical Aspects of Mutual Information Based Side Channel Analysis
ACNS '09 Proceedings of the 7th International Conference on Applied Cryptography and Network Security
Practical second-order DPA attacks for masked smart card implementations of block ciphers
CT-RSA'06 Proceedings of the 2006 The Cryptographers' Track at the RSA conference on Topics in Cryptology
Higher order masking of the AES
CT-RSA'06 Proceedings of the 2006 The Cryptographers' Track at the RSA conference on Topics in Cryptology
CHES'05 Proceedings of the 7th international conference on Cryptographic hardware and embedded systems
On second-order differential power analysis
CHES'05 Proceedings of the 7th international conference on Cryptographic hardware and embedded systems
An AES smart card implementation resistant to power analysis attacks
ACNS'06 Proceedings of the 4th international conference on Applied Cryptography and Network Security
Template attacks on masking—resistance is futile
CT-RSA'07 Proceedings of the 7th Cryptographers' track at the RSA conference on Topics in Cryptology
Mutual information analysis under the view of higher-order statistics
IWSEC'10 Proceedings of the 5th international conference on Advances in information and computer security
Theoretical and practical aspects of mutual information-based side channel analysis
International Journal of Applied Cryptography
Leakage squeezing countermeasure against high-order attacks
WISTP'11 Proceedings of the 5th IFIP WG 11.2 international conference on Information security theory and practice: security and privacy of mobile devices in wireless communication
Generic side-channel distinguishers: improvements and limitations
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
A first-order leak-free masking countermeasure
CT-RSA'12 Proceedings of the 12th conference on Topics in Cryptology
Towards different flavors of combined side channel attacks
CT-RSA'12 Proceedings of the 12th conference on Topics in Cryptology
Blind cartography for side channel attacks: cross-correlation cartography
International Journal of Reconfigurable Computing - Special issue on Selected Papers from the International Conference on Reconfigurable Computing and FPGAs (ReConFig'10)
How far should theory be from practice?: evaluation of a countermeasure
CHES'12 Proceedings of the 14th international conference on Cryptographic Hardware and Embedded Systems
Selecting time samples for multivariate DPA attacks
CHES'12 Proceedings of the 14th international conference on Cryptographic Hardware and Embedded Systems
Power Analysis of Hardware Implementations Protected with Secret Sharing
MICROW '12 Proceedings of the 2012 45th Annual IEEE/ACM International Symposium on Microarchitecture Workshops
RSM: a small and fast countermeasure for AES, secure against 1st and 2nd-order zero-offset SCAs
DATE '12 Proceedings of the Conference on Design, Automation and Test in Europe
Revealing side-channel issues of complex circuits by enhanced leakage models
DATE '12 Proceedings of the Conference on Design, Automation and Test in Europe
Sleuth: automated verification of software power analysis countermeasures
CHES'13 Proceedings of the 15th international conference on Cryptographic Hardware and Embedded Systems
Hi-index | 0.00 |
Security devices are vulnerable to side-channel attacks that perform statistical analysis on data leaked from cryptographic computations. Higher-order (HO) attacks are a powerful approach to break protected implementations. They inherently demand multivariate statistics because multiple aspects of signals have to be analyzed jointly. However, most works on HO attacks follow the approach to first apply a pre-processing function to map the multivariate problem to a univariate problem and then to apply established 1st order techniques. We propose a novel and different approach to HO attacks, Multivariate Mutual Information Analysis (MMIA), that allows to directly evaluate joint statistics without pre-processing. While this approach can benefit from a good power model, it also works without an assumption. We present the first experimental results for 2nd and 3rd order MMIA as well as state-of-the-art HO attacks based on real measurements. A thorough empirical evaluation confirms the advantage of the new approach: 3rd order MMIA attacks require about 800 measurements to achieve 100% success while state-of-the-art HODPA requires 1000 measurements to achieve about 40% success. As a consequence, the security provided by the masking countermeasure needs to be reconsidered as 3rd and possibly higher order attacks become more practical.