The World Is Not Enough: Another Look on Second-Order DPA

13 years 2 months ago

Download eprint.iacr.org

In a recent work, Mangard et al. showed that under certain assumptions, the (so-called) standard univariate side-channel attacks using a distance-of-means test, correlation analysis and Gaussian templates are essentially equivalent. In this paper, we show that in the context of multivariate attacks against masked implementations, this conclusion does not hold anymore. While a single distinguisher can be used to compare the susceptibility of different unprotected devices to first-order DPA, understanding second-order attacks requires to carefully investigate the information leakages and the adversaries exploiting these leakages, separately. Using a framework put forward by Standaert et al. at Eurocrypt 2009, we provide the first analysis that explores these two topics in the case of a masked implementation exhibiting a Hamming weight leakage model. Our results lead to refined intuitions regarding the efficiency of various practically-relevant distinguishers. Further, we also investigate...

François-Xavier Standaert, Nicolas Veyrat-C

Real-time Traffic

ASIACRYPT 2010 | Cryptology | Necessary Noise Level | Univariate Side-channel Attacks | Weight Leakage Model |

claim paper

Post Info
More Details (n/a)

Added	10 Feb 2011
Updated	10 Feb 2011
Type	Journal
Year	2010
Where	ASIACRYPT
Authors	François-Xavier Standaert, Nicolas Veyrat-Charvillon, Elisabeth Oswald, Benedikt Gierlichs, Marcel Medwed, Markus Kasper, Stefan Mangard

Comments (0)

Sciweavers

The World Is Not Enough: Another Look on Second-Order DPA

ASIACRYPT 2010 | Cryptology | Necessary Noise Level | Univariate Side-channel Attacks | Weight Leakage Model |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers