Taylor Expansion of Maximum Likelihood Attacks for Masked and Shuffled Implementations

  • Nicolas Bruneau
  • Sylvain Guilley
  • Annelie Heuser
  • Olivier Rioul
  • François-Xavier Standaert
  • Yannick Teglia
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10031)


The maximum likelihood side-channel distinguisher of a template attack scenario is expanded into lower degree attacks according to the increasing powers of the signal-to-noise ratio (SNR). By exploiting this decomposition we show that it is possible to build highly multivariate attacks which remain efficient when the likelihood cannot be computed in practice due to its computational complexity. The shuffled table recomputation is used as an illustration to derive a new attack which outperforms the ones presented by Bruneau et al. at CHES 2015, and so across the full range of SNRs. This attack combines two attack degrees and is able to exploit high dimensional leakage which explains its efficiency.


Template attacks Taylor expansion Shuffled table recomputation 


  1. 1.
    Akkar, M.-L., Giraud, C.: An implementation of DES and AES, secure against some attacks. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 309–318. Springer, Heidelberg (2001). doi: 10.1007/3-540-44709-1_26 CrossRefGoogle Scholar
  2. 2.
    Batina, L., Gierlichs, B., Prouff, E., Rivain, M., Standaert, F.X., Veyrat-Charvillon, N.: Mutual information analysis: a comprehensive study. J. Cryptol. 24(2), 269–291 (2011)MathSciNetCrossRefMATHGoogle Scholar
  3. 3.
    Blömer, J., Guajardo, J., Krummel, V.: Provably secure masking of AES. In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, pp. 69–83. Springer, Heidelberg (2004). doi: 10.1007/978-3-540-30564-4_5 CrossRefGoogle Scholar
  4. 4.
    Bruneau, N., Danger, J.-L., Guilley, S., Heuser, A., Teglia, Y.: Boosting higher-order correlation attacks by dimensionality reduction. In: Chakraborty, R.S., Matyas, V., Schaumont, P. (eds.) SPACE 2014. LNCS, vol. 8804, pp. 183–200. Springer, Heidelberg (2014). doi: 10.1007/978-3-319-12060-7_13 Google Scholar
  5. 5.
    Bruneau, N., Guilley, S., Heuser, A., Marion, D., Rioul, O.: Less is more dimensionality reduction from a theoretical perspective. In: Handschuh and Güneysu [13]Google Scholar
  6. 6.
    Bruneau, N., Guilley, S., Heuser, A., Rioul, O.: Masks will fall off. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8874, pp. 344–365. Springer, Heidelberg (2014). doi: 10.1007/978-3-662-45608-8_19 Google Scholar
  7. 7.
    Bruneau, N., Guilley, S., Najm, Z., Teglia, Y.: Multivariate high-order attacks of shuffled tables recomputation. In: Handschuh and Güneysu [13]Google Scholar
  8. 8.
    Chari, S., Jutla, C.S., Rao, J.R., Rohatgi, P.: Towards sound approaches to counteract power-analysis attacks. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 398–412. Springer, Heidelberg (1999). doi: 10.1007/3-540-48405-1_26 Google Scholar
  9. 9.
    Clavier, C., Coron, J.-S., Dabbous, N.: Differential power analysis in the presence of hardware countermeasures. In: Koç, Ç.K., Paar, C. (eds.) CHES 2000. LNCS, vol. 1965, pp. 252–263. Springer, Heidelberg (2000). doi: 10.1007/3-540-44499-8_20 CrossRefGoogle Scholar
  10. 10.
    Coron, J.-S.: Higher order masking of look-up tables. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 441–458. Springer, Heidelberg (2014). doi: 10.1007/978-3-642-55220-5_25 CrossRefGoogle Scholar
  11. 11.
    Ding, A.A., Zhang, L., Fei, Y., Luo, P.: A statistical model for higher order DPA on masked devices. In: Batina, L., Robshaw, M. (eds.) CHES 2014. LNCS, vol. 8731, pp. 147–169. Springer, Heidelberg (2014). doi: 10.1007/978-3-662-44709-3_9 Google Scholar
  12. 12.
    Duc, A., Faust, S., Standaert, F.-X.: Making masking security proofs concrete. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 401–429. Springer, Heidelberg (2015). doi: 10.1007/978-3-662-46800-5_16 Google Scholar
  13. 13.
    Güneysu, T., Handschuh, H. (eds.): CHES 2015. LNCS, vol. 9293. Springer, Heidelberg (2015)MATHGoogle Scholar
  14. 14.
    Herbst, C., Oswald, E., Mangard, S.: An AES smart card implementation resistant to power analysis attacks. In: Zhou, J., Yung, M., Bao, F. (eds.) ACNS 2006. LNCS, vol. 3989, pp. 239–252. Springer, Heidelberg (2006). doi: 10.1007/11767480_16 CrossRefGoogle Scholar
  15. 15.
    Ishai, Y., Sahai, A., Wagner, D.: Private circuits: securing hardware against probing attacks. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 463–481. Springer, Heidelberg (2003). doi: 10.1007/978-3-540-45146-4_27 CrossRefGoogle Scholar
  16. 16.
    Lemke-Rust, K., Paar, C.: Analyzing side channel leakage of masked implementations with stochastic methods. In: Biskup, J., López, J. (eds.) ESORICS 2007. LNCS, vol. 4734, pp. 454–468. Springer, Heidelberg (2007). doi: 10.1007/978-3-540-74835-9_30 CrossRefGoogle Scholar
  17. 17.
    Lemke-Rust, K., Paar, C.: Gaussian mixture models for higher-order side channel analysis. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 14–27. Springer, Heidelberg (2007). doi: 10.1007/978-3-540-74735-2_2 CrossRefGoogle Scholar
  18. 18.
    Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks - Revealing the Secrets of Smart Cards. Springer, Heidelberg (2007)MATHGoogle Scholar
  19. 19.
    Messerges, T.S.: Securing the AES finalists against power analysis attacks. In: Goos, G., Hartmanis, J., Leeuwen, J., Schneier, B. (eds.) FSE 2000. LNCS, vol. 1978, pp. 150–164. Springer, Heidelberg (2001). doi: 10.1007/3-540-44706-7_11 CrossRefGoogle Scholar
  20. 20.
    Messerges, T.S.: Using second-order power analysis to attack DPA resistant software. In: Koç, Ç.K., Paar, C. (eds.) CHES 2000. LNCS, vol. 1965, pp. 238–251. Springer, Heidelberg (2000). doi: 10.1007/3-540-44499-8_19 CrossRefGoogle Scholar
  21. 21.
    Moradi, A.: Statistical tools flavor side-channel collision attacks. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 428–445. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-29011-4_26 CrossRefGoogle Scholar
  22. 22.
    Moradi, A., Standaert, F.X.: Moments-correlating DPA. IACR Cryptology ePrint Archive 2014, p. 409, 2 June 2014Google Scholar
  23. 23.
    Moradi, A., Wild, A.: Assessment of hiding the higher-order leakages in hardware. In: Güneysu, T., Handschuh, H. (eds.) CHES 2015. LNCS, vol. 9293, pp. 453–474. Springer, Heidelberg (2015). doi: 10.1007/978-3-662-48324-4_23 CrossRefGoogle Scholar
  24. 24.
    Nikova, S., Rijmen, V., Schläffer, M.: Secure hardware implementation of nonlinear functions in the presence of glitches. J. Cryptol. 24(2), 292–321 (2011)MathSciNetCrossRefMATHGoogle Scholar
  25. 25.
    Oswald, E., Mangard, S.: Template attacks on masking—resistance is futile. In: Abe, M. (ed.) CT-RSA 2007. LNCS, vol. 4377, pp. 243–256. Springer, Heidelberg (2006). doi: 10.1007/11967668_16 CrossRefGoogle Scholar
  26. 26.
    Pan, J., Hartog, J.I., Lu, J.: You cannot hide behind the mask: power analysis on a provably secure S-Box implementation. In: Youm, H.Y., Yung, M. (eds.) WISA 2009. LNCS, vol. 5932, pp. 178–192. Springer, Heidelberg (2009). doi: 10.1007/978-3-642-10838-9_14 CrossRefGoogle Scholar
  27. 27.
    Peeters, E., Standaert, F.-X., Donckers, N., Quisquater, J.-J.: Improved higher-order side-channel attacks with FPGA experiments. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 309–323. Springer, Heidelberg (2005). doi: 10.1007/11545262_23 CrossRefGoogle Scholar
  28. 28.
    Prouff, E., Rivain, M.: A generic method for secure SBox implementation. In: Kim, S., Yung, M., Lee, H.-W. (eds.) WISA 2007. LNCS, vol. 4867, pp. 227–244. Springer, Heidelberg (2007). doi: 10.1007/978-3-540-77535-5_17 CrossRefGoogle Scholar
  29. 29.
    Prouff, E., Rivain, M., Bevan, R.: Statistical analysis of second order differential power analysis. IEEE Trans. Comput. 58(6), 799–811 (2009)MathSciNetCrossRefGoogle Scholar
  30. 30.
    Rivain, M., Prouff, E.: Provably secure higher-order masking of AES. In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010. LNCS, vol. 6225, pp. 413–427. Springer, Heidelberg (2010). doi: 10.1007/978-3-642-15031-9_28 CrossRefGoogle Scholar
  31. 31.
    Rivain, M., Prouff, E., Doget, J.: Higher-order masking and shuffling for software implementations of block ciphers. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 171–188. Springer, Heidelberg (2009). doi: 10.1007/978-3-642-04138-9_13 CrossRefGoogle Scholar
  32. 32.
    Standaert, F.-X., Malkin, T.G., Yung, M.: A unified framework for the analysis of side-channel key recovery attacks. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 443–461. Springer, Heidelberg (2009). doi: 10.1007/978-3-642-01001-9_26 CrossRefGoogle Scholar
  33. 33.
    Standaert, F.-X., Veyrat-Charvillon, N., Oswald, E., Gierlichs, B., Medwed, M., Kasper, M., Mangard, S.: The world is not enough: another look on second-order DPA. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 112–129. Springer, Heidelberg (2010). doi: 10.1007/978-3-642-17373-8_7 CrossRefGoogle Scholar
  34. 34.
    Stuart, A., Ord, K.: Kendall’s Advanced Theory of Statistics: Distribution Theory, 6th edn. Wiley-Blackwell, New York (1994). ISBN-10: 0470665300; ISBN-13: 978-0470665305MATHGoogle Scholar
  35. 35.
    TELECOM ParisTech SEN research group. DPA Contest, 4th edn., 2013–2014.
  36. 36.
    Tunstall, M., Whitnall, C., Oswald, E.: Masking tables—an underestimated security risk. In: Moriai, S. (ed.) FSE 2013. LNCS, vol. 8424, pp. 425–444. Springer, Heidelberg (2014). doi: 10.1007/978-3-662-43933-3_22 Google Scholar
  37. 37.
    Veyrat-Charvillon, N., Medwed, M., Kerckhof, S., Standaert, F.-X.: Shuffling against side-channel attacks: a comprehensive study with cautionary note. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 740–757. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-34961-4_44 CrossRefGoogle Scholar
  38. 38.
    Waddle, J., Wagner, D.: Towards efficient second-order power analysis. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 1–15. Springer, Heidelberg (2004). doi: 10.1007/978-3-540-28632-5_1 CrossRefGoogle Scholar
  39. 39.
    Weisstein, E.W.: Cumulant. From MathWorld A Wolfram Web Resource.

Copyright information

© International Association for Cryptologic Research 2016

Authors and Affiliations

  • Nicolas Bruneau
    • 1
    • 2
  • Sylvain Guilley
    • 1
    • 3
  • Annelie Heuser
    • 1
  • Olivier Rioul
    • 1
  • François-Xavier Standaert
    • 4
  • Yannick Teglia
    • 5
  1. 1.Institut Mines-Télécom, Télécom ParisTech, CNRS LTCI Department ComelecParisFrance
  2. 2.STMicroelectronics, AST DivisionRoussetFrance
  3. 3.Secure-IC S.A.S.RennesFrance
  4. 4.ICTEAM/ELEN/Crypto GroupUniversité catholique de LouvainLouvain-la-NeuveBelgium
  5. 5.Gemalto, Security LabsLa CiotatFrance

Personalised recommendations