Leakage Squeezing Countermeasure against High-Order Attacks

  • Houssem Maghrebi
  • Sylvain Guilley
  • Jean-Luc Danger
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6633)


In the recent years, side channel attacks have been widely investigated. In particular, second order attacks (2O-attacks) have been improved and successfully applied to break many masked implementations. In this context we propose a new concept to hinder attacks of all order: instead of injecting more entropy, we make the most of a single-mask entropy. With specially crafted bijections instantiated on the mask path, we manage to reduce the inter-class variance (method we call “leakage squeezing”) so that the leakage distributions become almost independent from the processed data. We present two options for this countermeasure. The first one is based on a recoded memory with a size squared w.r.t. the unprotected requirement, whilst the second one is an enhancement alleviating the requirement for a large memory. We theoretically prove the robustness of those implementations and practically evaluate their security improvements. This is attested by a robustness evaluation based on an information theoretic framework and by a 2O-DPA, an EPA and a multi-variate mutual information analysis (MMIA) attack metric. As opposed to software-oriented 3O-DPA-proof countermeasures that seriously impact the performances, our is hardware-oriented and keeps a complexity similar to that of a standard 2O-attack countermeasure with an almost untouched throughput, which is a predominant feature in computing-intensive applications.


Higher-Order Differential Power Analysis Variance-based Power Attack (VPA) Multi-variate Mutual Information Analysis (MMIA) Masking Countermeasure Leakage Squeezing FPGA 


  1. 1.
    Agrawal, D., Archambeault, B., Rao, J.R., Rohatgi, P.: The EM side-channel(s). In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 29–45. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  2. 2.
    Akkar, M.-L., Giraud, C.: An Implementation of DES and AES, Secure against Some Attacks (Paris, France). In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 309–318. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  3. 3.
    Akkar, M.-L., Goubin, L.: A Generic Protection against High-Order Differential Power Analysis. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 192–205. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  4. 4.
    Chari, S., Jutla, C.S., Rao, J.R., Rohatgi, P.: Towards Sound Approaches to Counteract Power-Analysis Attacks. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, p. 398. Springer, Heidelberg (1999) ISBN: 3-540-66347-9Google Scholar
  5. 5.
    Chari, S., Rao, J.R., Rohatgi, P.: Template attacks. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 13–28. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  6. 6.
    Chow, S., Eisen, P.A., Johnson, H., van Oorschot, P.C.: A White-Box DES Implementation for DRM Applications. In: Feigenbaum, J. (ed.) DRM 2002. LNCS, vol. 2696, pp. 1–15. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  7. 7.
    Fumaroli, G., Martinelli, A., Prouff, E., Rivain, M.: Affine masking against higher-order side channel analysis. Cryptology ePrint Archive, Report 2010/523, To be published at SAC 2010 (2010),
  8. 8.
    Gierlichs, B., Batina, L., Preneel, B., Verbauwhede, I.: Revisiting higher-order DPA attacks: In: Pieprzyk, J. (ed.) CT-RSA 2010. LNCS, vol. 5985, pp. 221–234. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  9. 9.
    Kim, C., Schläffer, M., Moon, S.: Differential Side Channel Analysis Attacks on FPGA Implementations of ARIA. ETRI Journal 30(2), 315–325 (2008), doi:10.4218/etrij.08.0107.0167Google Scholar
  10. 10.
    Kocher, P.C., Jaffe, J., Jun, B.: Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems ((PDF)). In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)
  11. 11.
    Kocher, P.C., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)Google Scholar
  12. 12.
    Goubin, L., Patarin, J.: DES and Differential Power Analysis - The ”Duplication” Method (1999)Google Scholar
  13. 13.
    Lv, J., Han, Y.: Enhanced DES implementation secure against high-order differential power analysis in smartcards. In: Boyd, C., González Nieto, J.M. (eds.) ACISP 2005. LNCS, vol. 3574, pp. 195–206. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  14. 14.
    Maghrebi, H., Danger, J.-L., Flament, F., Guilley, S.: Evaluation of Countermeasures Implementation Based on Boolean Masking to Thwart First and Second Order Side-Channel Attacks. In: SCS, Jerba, Tunisia, November 6-8, pp. 1–6. IEEE, Los Alamitos (2009),, doi:10.1109/ICSCS.2009.5412597Google Scholar
  15. 15.
    Maghrebi, H., Guilley, S., Danger, J.-L., Flament, F.: Entropy-based Power Attack. In: HOST, Anaheim Convention Center, Anaheim, CA, USA, June 13-14, pp. 1–6. IEEE Computer Society, Los Alamitos (2010), doi:10.1109/HST.2010.5513124Google Scholar
  16. 16.
    Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks: Revealing the Secrets of Smart Cards. Springer, Heidelberg (December 2006), ISBN 0-387-30857-1Google Scholar
  17. 17.
    Mangard, S., Pramstaller, N., Oswald, E.: Successfully Attacking Masked AES Hardware Implementations. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 157–171. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  18. 18.
    Mangard, S., Schramm, K.: Pinpointing the Side-Channel Leakage of Masked AES Hardware Implementations. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 76–90. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  19. 19.
    Messerges, T.S.: Using Second-Order Power Analysis to Attack DPA Resistant Software. In: Paar, C., Koç, Ç.K. (eds.) CHES 2000. LNCS, vol. 1965, pp. 71–77. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  20. 20.
    Peeters, E., Standaert, F.-X., Donckers, N., Quisquater, J.-J.: Improved Higher-Order Side-Channel Attacks with FPGA Experiments. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 309–323. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  21. 21.
    Rivain, M., Prouff, E., Doget, J.: Higher-order masking and shuffling for software implementations of block ciphers. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 171–188. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  22. 22.
    Standaert, F.-X., Malkin, T., Yung, M.: A unified framework for the analysis of side-channel key recovery attacks. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 443–461. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  23. 23.
    Standaert, F.-X., Rouvroy, G., Quisquater, J.-J.: FPGA Implementations of the DES and Triple-DES Masked Against Power Analysis Attacks. In: Proceedings of FPL 2006. IEEE, Madrid (2006)Google Scholar
  24. 24.
    Waddle, J., Wagner, D.: Towards efficient second-order power analysis. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 1–15. Springer, Heidelberg (2004)CrossRefGoogle Scholar

Copyright information

© IFIP International Federation for Information Processing 2011

Authors and Affiliations

  • Houssem Maghrebi
    • 1
  • Sylvain Guilley
    • 1
  • Jean-Luc Danger
    • 1
  1. 1.TELECOM-ParisTech, Crypto GroupPARIS Cedex 13France

Personalised recommendations