A Comprehensive Evaluation of Mutual Information Analysis Using a Fair Evaluation Framework

  • Carolyn Whitnall
  • Elisabeth Oswald
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6841)

Abstract

The resistance of cryptographic implementations to side-channel analysis is a matter of considerable interest to those concerned with information security. It is particularly desirable to identify the attack methodology (e.g. differential power analysis using correlation or distance-of-means as the distinguisher) able to produce the best results. Such attempts are complicated by the many and varied factors contributing to attack success: the device power consumption characteristics, an attacker’s power model, the distinguisher by which measurements and model predictions are compared, the quality of the estimations, and so on. Previous work has delivered partial answers for certain restricted scenarios. In this paper we assess the effectiveness of mutual information-based differential power analysis within a generic and comprehensive evaluation framework. Complementary to existing work, we present several notions/characterisations of attack success with direct implications for the amount of data required. We are thus able to identify scenarios in which mutual information offers performance advantages over other distinguishers. Furthermore we observe an interesting feature—unique to the mutual information based distinguisher—resembling a type of stochastic resonance, which could potentially enhance the effectiveness of such attacks over other methods in certain noisy scenarios.
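To make the comparison the abstract describes concrete, the following is an added, self-contained simulation (not code from the paper, and not the authors' experimental setup): it models one leaking intermediate of a 4-bit S-box with Hamming-weight leakage plus Gaussian noise, then ranks all 16 key hypotheses with three distinguishers the abstract names, a distance-of-means test, Pearson correlation (CPA) and a histogram estimate of mutual information (MIA). The S-box (PRESENT's), the leakage model, the noise level, the fixed key and the bin width are all assumptions chosen so the example runs in plain Python; traces are constructed in the script.

```python
"""
Constructed univariate DPA example on a 4-bit S-box, comparing the
distance-of-means, correlation and mutual-information distinguishers.
Assumptions (not from the paper): Hamming-weight leakage, N(0, sigma^2)
noise, PRESENT's S-box, one leakage sample per trace.
"""
import math
import random
from collections import Counter, defaultdict

# PRESENT S-box: a real 4-bit S-box, used here only so the table stays short.
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]


def hw(v):
    """Hamming weight of a small integer."""
    return bin(v).count("1")


def simulate_traces(key, n, sigma, seed=1):
    """Constructed device: leaks HW(SBOX[x ^ key]) plus Gaussian noise."""
    rng = random.Random(seed)
    inputs = [rng.randrange(16) for _ in range(n)]
    leak = [hw(SBOX[x ^ key]) + rng.gauss(0.0, sigma) for x in inputs]
    return inputs, leak


def predictions(inputs, k):
    """Attacker's power model under hypothesis k: HW of the predicted S-box output."""
    return [hw(SBOX[x ^ k]) for x in inputs]


def distance_of_means(inputs, leak, k, bit=3):
    """Single-bit DoM (Kocher et al.): split traces on one predicted output bit.
    Signed, because the HW model assumes a set bit raises consumption."""
    g1 = [l for x, l in zip(inputs, leak) if (SBOX[x ^ k] >> bit) & 1]
    g0 = [l for x, l in zip(inputs, leak) if not (SBOX[x ^ k] >> bit) & 1]
    return sum(g1) / len(g1) - sum(g0) / len(g0)


def correlation(inputs, leak, k):
    """CPA: Pearson correlation between model predictions and measurements."""
    p = predictions(inputs, k)
    n = len(p)
    mp, ml = sum(p) / n, sum(leak) / n
    cov = sum((a - mp) * (b - ml) for a, b in zip(p, leak))
    vp = sum((a - mp) ** 2 for a in p)
    vl = sum((b - ml) ** 2 for b in leak)
    return cov / math.sqrt(vp * vl)


def entropy(counts):
    """Plug-in Shannon entropy (nats) of a histogram given as a Counter."""
    n = sum(counts.values())
    return -sum(c / n * math.log(c / n) for c in counts.values())


def mutual_information(inputs, leak, k, bin_width=0.5):
    """Histogram MIA: I(L; V) = H(L) - sum_v p(v) H(L | V = v), with the
    leakage L binned at fixed width and V the model prediction for key k."""
    p = predictions(inputs, k)
    binned = [round(l / bin_width) for l in leak]
    h_l = entropy(Counter(binned))
    by_class = defaultdict(Counter)
    for v, b in zip(p, binned):
        by_class[v][b] += 1
    n = len(binned)
    h_l_given_v = sum(sum(c.values()) / n * entropy(c) for c in by_class.values())
    return h_l - h_l_given_v


def rank_keys(inputs, leak, distinguisher, use_abs=False):
    """Score every hypothesis with one distinguisher; return best key and all scores."""
    scores = {k: distinguisher(inputs, leak, k) for k in range(16)}
    best = max(scores, key=(lambda k: abs(scores[k])) if use_abs else scores.get)
    return best, scores


def recover(key=0x9, n=8000, sigma=1.0, seed=7):
    """Run all three distinguishers on one constructed trace set."""
    inputs, leak = simulate_traces(key, n, sigma, seed)
    return {
        "dom": rank_keys(inputs, leak, distance_of_means)[0],
        "cpa": rank_keys(inputs, leak, correlation, use_abs=True)[0],
        "mia": rank_keys(inputs, leak, mutual_information)[0],
    }


if __name__ == "__main__":
    print(recover())
```

Varying `sigma` and `n` in `recover` gives a quick feel for how many traces each distinguisher needs at a given noise level, which is the kind of question the abstract's success characterisations address; this toy does not reproduce the paper's stochastic-resonance observation, and the histogram estimator's bias grows with bin count and shrinks with trace count, so bin width is a tuning knob rather than a fixed constant.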

Keywords

side channel analysis, mutual information


Copyright information

© International Association for Cryptologic Research 2011

Authors and Affiliations

  • Carolyn Whitnall, Department of Computer Science, University of Bristol, Bristol, UK
  • Elisabeth Oswald, Department of Computer Science, University of Bristol, Bristol, UK
