Mutual Information Analysis: How, When and Why?

  • Nicolas Veyrat-Charvillon
  • François-Xavier Standaert
Conference paper

DOI: 10.1007/978-3-642-04138-9_30

Part of the Lecture Notes in Computer Science book series (LNCS, volume 5747)
Cite this paper as:
Veyrat-Charvillon N., Standaert FX. (2009) Mutual Information Analysis: How, When and Why?. In: Clavier C., Gaj K. (eds) Cryptographic Hardware and Embedded Systems - CHES 2009. Lecture Notes in Computer Science, vol 5747. Springer, Berlin, Heidelberg


The Mutual Information Analysis (MIA) is a generic side-channel distinguisher that has been introduced at CHES 2008. This paper brings three contributions with respect to its applicability to practice. First, we emphasize that the MIA principle can be seen as a toolbox in which different (more or less effective) statistical methods can be plugged in. Doing this, we introduce interesting alternatives to the original proposal. Second, we discuss the contexts in which the MIA can lead to successful key recoveries with lower data complexity than classical attacks such as, e.g. using Pearson’s correlation coefficient. We show that such contexts exist in practically meaningful situations and analyze them statistically. Finally, we study the connections and differences between the MIA and a framework for the analysis of side-channel key recovery published at Eurocrypt 2009. We show that the MIA can be used to compare two leaking devices only if the discrete models used by an adversary to mount an attack perfectly correspond to the physical leakages.

Download to read the full conference paper text

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Nicolas Veyrat-Charvillon
    • 1
  • François-Xavier Standaert
    • 1
  1. 1.UCL Crypto GroupUniversité catholique de LouvainLouvain-la-NeuveBelgium

Personalised recommendations