Theoretical and Practical Aspects of Mutual Information Based Side Channel Analysis

  • Emmanuel Prouff
  • Matthieu Rivain
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5536)

Abstract

A large variety of side channel analyses performed on embedded devices involve the linear correlation coefficient as a wrong-key distinguisher. This coefficient is a sound statistical tool to quantify linear dependencies between univariate variables. However, when those dependencies are non-linear, the correlation coefficient is no longer pertinent, and another statistical tool must be investigated. Recent works showed that the Mutual Information measure is a promising candidate, since it detects any kind of statistical dependency. Substituting it for the correlation coefficient may therefore be considered a natural extension of the existing attacks. Nevertheless, the first applications published at CHES 2008 have revealed several limitations of the approach and have raised several questions. In this paper, an in-depth analysis of side channel attacks involving the mutual information is conducted. We expose their theoretical foundations and we assess their limitations and assets. We also generalize them to higher orders, where they seem to be an efficient alternative to the existing attacks. Finally, we provide simulations and practical experiments that validate our theoretical analyses.
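The contrast the abstract draws between the two statistics can be seen on simulated data. The following is an added example, not code from the paper: it assumes a 4-bit value, a Hamming-weight model, Gaussian noise and a 16-bin histogram estimator (all constructed choices), and compares the correlation coefficient with a mutual information estimate for a linear leakage, a non-linear leakage and an independent signal, as a leakage assessment would.

```python
import math
import random
from collections import Counter

def pearson(xs, ys):
    """Sample linear correlation coefficient."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    return cov / math.sqrt(vx * vy)

def mutual_information(model, leak, bins=16):
    """Histogram estimate of I(model; leak) in bits (model is discrete)."""
    lo, hi = min(leak), max(leak)
    width = (hi - lo) / bins or 1.0
    cells = [min(int((v - lo) / width), bins - 1) for v in leak]
    n = len(model)
    joint, pm, pc = Counter(zip(model, cells)), Counter(model), Counter(cells)
    # Sum over non-empty cells of p(m,b) * log2(p(m,b) / (p(m) p(b))).
    return sum(c / n * math.log2(c * n / (pm[m] * pc[b]))
               for (m, b), c in joint.items())

def simulate(n=20000, sigma=0.3, seed=1):
    """Constructed data: 4-bit values, Hamming-weight model, Gaussian noise."""
    rng = random.Random(seed)
    model = [bin(rng.randrange(16)).count("1") for _ in range(n)]
    noise = [rng.gauss(0.0, sigma) for _ in range(n)]
    leaks = {
        "linear": [h + e for h, e in zip(model, noise)],
        # Symmetric around the mean weight 2, so the covariance with h is zero.
        "nonlinear": [(h - 2) ** 2 + e for h, e in zip(model, noise)],
        "independent": noise,
    }
    return {name: (pearson(model, leak), mutual_information(model, leak))
            for name, leak in leaks.items()}

if __name__ == "__main__":
    for name, (rho, mi) in simulate().items():
        print(f"{name:12s} rho={rho:+.3f}  MI={mi:.3f} bits")
```

For the non-linear leakage the correlation stays near zero while the mutual information estimate remains well above the value measured for the independent signal, whose small non-zero estimate is the bias of the histogram estimator.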

Keywords

  • Mutual Information
  • Conditional Entropy
  • Parametric Estimation Method
  • Noise Standard Deviation
  • Histogram Method
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Emmanuel Prouff (2)
  • Matthieu Rivain (1, 2)
  1. University of Luxembourg, Luxembourg
  2. Oberthur Technologies, France