The Myth of Generic DPA…and the Magic of Learning
A generic DPA strategy is one which is able to recover secret information from physically observable device leakage without any a priori knowledge about the device’s leakage characteristics. Here we provide much-needed clarification on results emerging from the existing literature, demonstrating precisely that such methods (strictly defined) are inherently restricted to a very limited selection of target functions. Continuing to search related techniques for a ‘silver bullet’ generic attack appears a bootless errand. However, we find that a minor relaxation of the strict definition—the incorporation of some minimal non-device-specific intuition—produces scope for generic-emulating strategies, able to succeed against a far wider range of targets. We present stepwise regression as an example of such, and demonstrate its effectiveness in a variety of scenarios. We also give some evidence that its practical performance matches that of ‘best bit’ DoM attacks which we take as further indication for the necessity of performing profiled attacks in the context of device evaluations.
Keywordsside-channel analysis differential power analysis
Unable to display preview. Download preview PDF.
- 1.The DPA Contest, http://www.dpacontest.org/
- 5.Canovas, C., Clediere, J.: What Do S-boxes Say in Differential Side Channel Attacks? Cryptology ePrint Archive, Report 2005/311 (2005)Google Scholar
- 11.Gierlichs, B.: Statistical and Information-Theoretic Methods for Power Analysis on Embedded Cryptography. PhD thesis, Katholieke Universiteit Leuven, Faculty of Engineering (2011)Google Scholar
- 19.NIST. Security Requirements for Cryptographic Modules (Revised Draft). Technical Report FIPS PUB 140-3, US Department of Commerce (December 2009)Google Scholar
- 26.Standaert, F.-X., Gierlichs, B., Verbauwhede, I.: Partition vs. Comparison Side-Channel Distinguishers: An Empirical Evaluation of Statistical Tests for Univariate Side-Channel Attacks against Two Unprotected CMOS Devices. In: Lee, P.J., Cheon, J.H. (eds.) ICISC 2008. LNCS, vol. 5461, pp. 253–267. Springer, Heidelberg (2009)CrossRefGoogle Scholar
- 35.Whitnall, C., Oswald, E., Mather, L.: An Exploration of the Kolmogorov-Smirnov Test as Competitor to Mutual Information Analysis. Cryptology ePrint Archive, Report 2011/380 (2011), http://eprint.iacr.org/