[Resource Topic] 2009/228: Revisiting Higher-Order DPA Attacks: Multivariate Mutual Information Analysis

Welcome to the resource topic for 2009/228

Title:
Revisiting Higher-Order DPA Attacks: Multivariate Mutual Information Analysis

Authors: Benedikt Gierlichs, Lejla Batina, Bart Preneel, Ingrid Verbauwhede

Abstract:

Security devices are vulnerable to side-channel attacks that perform statistical analysis on data leaked from cryptographic computations. Higher-order (HO) attacks are a powerful approach to break protected implementations. They inherently demand multivariate statistics because multiple aspects of signals have to be analyzed jointly. However, all published works on HO attacks follow the approach to first apply a pre-processing function to map the multivariate problem to a univariate problem and then to apply established 1^{st} order techniques. We propose a novel and different approach to HO attacks, Multivariate Mutual Information Analysis (MMIA), that allows to directly evaluate joint statistics without pre-processing. While this approach can benefit from a good power model, it also works without an assumption. A thorough empirical evaluation of MMIA and established HO attacks confirms the overwhelming advantage of the new approach: MMIA is more efficient and less affected by noise. Most important and opposed to all published approaches, MMIA’s measurement cost grows sub-exponentially with the attack order. As a consequence, the security provided by the masking countermeasure needs to be reconsidered as 3^{rd} and higher order attacks become very practical.

ePrint: https://eprint.iacr.org/2009/228

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .