Journal of Cryptographic Engineering

, Volume 4, Issue 4, pp 259–274

Practical improvements of side-channel attacks on AES: feedback from the 2nd DPA contest

  • Christophe Clavier
  • Jean-Luc Danger
  • Guillaume Duc
  • M. Abdelaziz Elaabid
  • Benoît Gérard
  • Sylvain Guilley
  • Annelie Heuser
  • Michael Kasper
  • Yang Li
  • Victor Lomné
  • Daisuke Nakatsu
  • Kazuo Ohta
  • Kazuo Sakiyama
  • Laurent Sauvage
  • Werner Schindler
  • Marc Stöttinger
  • Nicolas Veyrat-Charvillon
  • Matthieu Walle
  • Antoine Wurcker
Regular Paper

DOI: 10.1007/s13389-014-0075-9

Cite this article as:
Clavier, C., Danger, JL., Duc, G. et al. J Cryptogr Eng (2014) 4: 259. doi:10.1007/s13389-014-0075-9

Abstract

Side-channel analyses constitute a major threat for embedded devices, because they allow an attacker to recover secret keys without the device being aware of the sensitive information theft. They have been proved to be efficient in practice on many deployed cryptosystems. Even during the standardization process for the AES, many scientists have raised the attention on the potential vulnerabilities against implementation-level attacks Chari et al. (A Cautionary Note Regarding Evaluation of AES Candidates on Smart-cards, 133–147, 1999). The evaluation of devices against side-channel attacks is now common practice, especially in ITSEFs. This procedure has even been formalized recently Standaert et al. (EUROCRYPT LNCS 5479:443–461, 2009). The framework suggests to estimate the leakage via an information theoretic metric, and the performance of real attacks thanks to either the success rates or the guessing entropy metrics. The DPA contests are a series of international challenges that allow researchers to improve existing side-channel attacks or develop new ones and compare their effectiveness on several reference sets of power consumption traces using a common methodology. In this article, we focus on the second edition of this contest, which targeted a FPGA-based implementation of AES. This article has been written jointly with several of the participants who describe their tactics used in their attacks and their improvements beyond the state of the art. In particular, this feedback puts to the fore some considerations seldom described in the scientific literature, yet relevant to increase the convergence rate of attacks. These considerations concern in particular the correction of acquisition defects such as the drifting side-channel leakage, the identification of the most leaking samples, the order in which subkeys are attacked, how to exploit subkeys that are revealed easily to help retrieve subkeys that leak less, and non-linear leakage models.

Keywords

SCA CPA Profiled attacks AES DPA contest Attacks metrics 

Copyright information

© Springer-Verlag Berlin Heidelberg 2014

Authors and Affiliations

  • Christophe Clavier
    • 3
  • Jean-Luc Danger
    • 1
  • Guillaume Duc
    • 1
  • M. Abdelaziz Elaabid
    • 1
  • Benoît Gérard
    • 9
  • Sylvain Guilley
    • 1
  • Annelie Heuser
    • 1
  • Michael Kasper
    • 5
  • Yang Li
    • 2
  • Victor Lomné
    • 8
  • Daisuke Nakatsu
    • 2
  • Kazuo Ohta
    • 2
  • Kazuo Sakiyama
    • 2
  • Laurent Sauvage
    • 1
  • Werner Schindler
    • 6
  • Marc Stöttinger
    • 7
  • Nicolas Veyrat-Charvillon
    • 9
  • Matthieu Walle
    • 4
  • Antoine Wurcker
    • 3
  1. 1.CNRS LTCI, COMELEC labInstitut Mines-Télécom/Télécom ParisTechParis Cedex 13France
  2. 2.The University of Electro-CommunicationsTokyoJapan
  3. 3.XLIMUniversité de LimogesLimogesFrance
  4. 4.Thales CommunicationsParisFrance
  5. 5.Fraunhofer Institute for Secure Information, Center for Advanced Research DarmstadtDarmstadtGermany
  6. 6.Bundesamt für Sicherheit in der Informationstechnik (BSI), Center for Advanced Research DarmstadtBonn, DarmstadtGermany
  7. 7.Division of Mathematical SciencesNanyang Technological University/PACE Temasek LaboratoriesSingaporeSingapore
  8. 8.Agence Nationale de la Sécurité des Systèmes d’Information (ANSSI)ParisFrance
  9. 9.Université Catholique de LouvainLouvainBelgium

Personalised recommendations