Abstract
The TVLA procedure using the t-test has become a popular leakage detection method. To protect against environmental fluctuation in laboratory measurements, we propose a paired t-test to improve the standard procedure. We take advantage of statistical matched-pairs design to remove the environmental noise effect in leakage detection. Higher order leakage detection is further improved with a moving average method. We compare the proposed test with standard t-test on synthetic data and physical measurements. Our results show that the proposed tests are robust to environmental noise.
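The matched-pairs idea from the abstract, as an added illustration that is not the authors' code: each fixed-class trace is paired with a random-class trace taken back to back, so both share the same environmental drift, and testing the per-pair difference cancels that drift. The drift model, leak size and trace count below are constructed assumptions; 4.5 is the conventional TVLA bound on |t|.

```python
import math
import random
import statistics

TVLA_THRESHOLD = 4.5  # conventional TVLA pass/fail bound on |t|

def welch_t(a, b):
    """Standard TVLA statistic: two independent samples, unequal variances."""
    va, vb = statistics.variance(a), statistics.variance(b)
    return (statistics.fmean(a) - statistics.fmean(b)) / math.sqrt(va / len(a) + vb / len(b))

def paired_t(a, b):
    """Paired t-test on differences of traces measured back to back."""
    d = [x - y for x, y in zip(a, b)]
    return statistics.fmean(d) / (statistics.stdev(d) / math.sqrt(len(d)))

def simulate(n_pairs, leak, seed):
    """Constructed one-sample 'traces': class A carries `leak`, class B does not.

    Both members of pair i see the same slow drift (a sinusoid plus a ramp,
    an assumed stand-in for temperature or supply fluctuation) and independent
    unit-variance measurement noise.
    """
    rng = random.Random(seed)
    a, b = [], []
    for i in range(n_pairs):
        drift = 5.0 * math.sin(2 * math.pi * i / 500) + 0.002 * i
        a.append(leak + drift + rng.gauss(0, 1))
        b.append(drift + rng.gauss(0, 1))
    return a, b

def detect(n_pairs=2000, leak=0.3, seed=1):
    """Return (Welch t, paired t) for one simulated measurement campaign."""
    a, b = simulate(n_pairs, leak, seed)
    return welch_t(a, b), paired_t(a, b)

if __name__ == "__main__":
    for leak in (0.3, 0.0):
        w, p = detect(leak=leak)
        print(f"leak={leak}: Welch |t|={abs(w):.2f} "
              f"({'FAIL' if abs(w) > TVLA_THRESHOLD else 'pass'}), "
              f"paired |t|={abs(p):.2f} "
              f"({'FAIL' if abs(p) > TVLA_THRESHOLD else 'pass'})")
```

The drift inflates the per-class variance that the Welch statistic divides by, so the same leak stays below the threshold there while the paired statistic flags it.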
Notes
1. If D is not mean-free, a strong leakage exists. Hence, a small number of observations suffices for leakage detection, making numerical problems irrelevant.
Acknowledgments
This work is supported by the National Science Foundation under grants CNS-1314655, CNS-1314770 and CNS-1261399.
Appendix
A Proof of Theorem 1
We are comparing the leakage detection statistic (9)
with the theoretical optimal leakage detection statistic \(\varDelta \) in Eq. (8).
Without loss of generality, let \(c^{(1)}=c^{(2)}=0\) in model (6), since these constants are cancelled in each of the differences \((L^{(j)}_A - \bar{L}^{(j)}_A)\) and \((L^{(j)}_B - \bar{L}^{(j)}_B)\) for \(j=1,2\). Then (8) is simplified as \(\varDelta = L^{(1)}_A L^{(2)}_A - L^{(1)}_B L^{(2)}_B\). Hence
We first reexpress \((L^{(1)}_A - \bar{L}^{(1)}_A)\) as the difference between two independent terms. We denote \(\tilde{L}^{(1)}_A = \frac{1}{n_w-1} \sum _{i=1}^{n_w-1} L^{(1)}_{A,i}\) as the average of \(n_w-1\) traces excluding the original trace, where \(L^{(1)}_{A,i}\) (\(i=1,\ldots ,n_w-1\)) are independent random variables coming from the same distribution as \(L^{(1)}_A\). Since \(\bar{L}^{(1)}_A\) is the average over \(n_w\) nearby traces including the original trace, \(\bar{L}^{(1)}_A = \frac{1}{n_w} [L^{(1)}_A + \sum _{i=1}^{n_w-1} L^{(1)}_{A,i}]\), so that \(L^{(1)}_A - \bar{L}^{(1)}_A = \frac{n_w-1}{n_w} ( L^{(1)}_A - \tilde{L}^{(1)}_A)\), with \(\tilde{L}^{(1)}_A\) independent of \(L^{(1)}_A\). Moreover, \(E(\tilde{L}^{(1)}_A) = E(L^{(1)}_A)\) and \(Var(\tilde{L}^{(1)}_A)=\frac{1}{n_w-1} Var(L^{(1)}_A)\). Similarly, \(\tilde{L}^{(2)}_A\), \(\tilde{L}^{(1)}_B\) and \(\tilde{L}^{(2)}_B\) denote the averages of the corresponding quantities over the \(n_w-1\) traces excluding the original trace. Then we can rewrite the leakage detection statistic in (9) as
Therefore as \(n_w \rightarrow \infty \), \(D \rightarrow \varDelta \).
Next, we show that E(D) and Var(D) differ from their limits \(E(\varDelta )\) and \(Var(\varDelta )\) by a factor of \(O(1/n_w)\) only. Let \(D^* = \frac{n_w}{n_w-1} D\). Then we have
The proofs of these two equations are provided in the next two subsections.
Combining Eqs. (12), (14) and (15), we arrive at Eq. (10), and Theorem 1 is proved.
A.1 Proof of Eq. (14) on Mean of \(D^*\)
We now calculate the first term in E(D).
For \(i \ne j\), \(L^{(1)}_{A,i}\) is independent of \(L^{(2)}_{A,j}\), so that \(E(L^{(1)}_{A,i}L^{(2)}_{A,j})=E(L^{(1)}_{A,i})E(L^{(2)}_{A,j})=(0)(0)=0\) and the term drops from the summation. Hence
Also, since \(\tilde{L}^{(1)}_A\) is independent of \(L^{(2)}_A\), \(E(\tilde{L}^{(1)}_A L^{(2)}_A) = E(\tilde{L}^{(1)}_A) E( L^{(2)}_A) =0\). Similarly \(E(L^{(1)}_A\tilde{L}^{(2)}_A)=0\). Therefore,
Similarly, \( E[(L^{(1)}_B - \tilde{L}^{(1)}_B)(L^{(2)}_B - \tilde{L}^{(2)}_B)] = \frac{n_w}{n_w-1} E(L^{(1)}_{B}L^{(2)}_{B}). \) Combining these two expressions with Eq. (13) and \(D^* = \frac{n_w}{n_w-1} D\), we get Eq. (14).
A.2 Proof of Eq. (15) on Variance of \(D^*\)
For the first term, the variance of the sum \(L^{(1)}_A L^{(2)}_A - \tilde{L}^{(1)}_AL^{(2)}_A - L^{(1)}_A \tilde{L}^{(2)}_A + \tilde{L}^{(1)}_A \tilde{L}^{(2)}_A\) is the covariance of the sum with itself. For the four terms in \(L^{(1)}_A L^{(2)}_A - \tilde{L}^{(1)}_AL^{(2)}_A - L^{(1)}_A \tilde{L}^{(2)}_A + \tilde{L}^{(1)}_A \tilde{L}^{(2)}_A\), the covariances for most pairs of different terms are zero. For example,
and \(Cov(L^{(1)}_A L^{(2)}_A, \tilde{L}^{(1)}_A \tilde{L}^{(2)}_A) =0\) due to the independence between \(L^{(1)}_A L^{(2)}_A\) and \(\tilde{L}^{(1)}_A \tilde{L}^{(2)}_A\). The only non-zero cross-term covariance is
with the last step coming from Eq. (16). Therefore,
By independence, \(Var(\tilde{L}^{(1)}_AL^{(2)}_A)= Var(\tilde{L}^{(1)}_A) Var(L^{(2)}_A)= \frac{1}{n_w-1} Var(L^{(1)}_A) Var(L^{(2)}_A)\), and \(Var(L^{(1)}_A \tilde{L}^{(2)}_A) = \frac{1}{n_w-1} Var(L^{(1)}_A) Var(L^{(2)}_A)\).
For \(Var(\tilde{L}^{(1)}_A \tilde{L}^{(2)}_A)\), note that
The covariance between any two different terms in the sum is zero. Hence
Combining these, we have
Hence the first term in \(Var(D^*)\) becomes
For further simplification, let \(\sigma _1^2\) and \(\sigma _2^2\) denote the variances of noises \(r^{(1)}\) and \(r^{(2)}\) in the second-order leakage model (6). Then \(Var(L^{(1)}_A)=\sigma _1^2+Var(V^{(1)})\), \(Var(L^{(2)}_A)=\sigma _2^2+Var(V^{(2)})\), \(E(L^{(1)}_{A}L^{(2)}_{A}) = E (V^{(1)}V^{(2)})\),
Hence
Combining the above five expressions,
Combining this with (17) and (18), we have Eq. (15).
B Derivation of Eq. (11)
As in the previous section, we let \(c^{(1)}=c^{(2)}=0\) without loss of generality, so that \(E(L^{(1)}_A)=E(L^{(2)}_A)=0\). Then
Hence
Next,
Hence we get the variance
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Ding, A.A., Chen, C., Eisenbarth, T. (2016). Simpler, Faster, and More Robust T-Test Based Leakage Detection. In: Standaert, FX., Oswald, E. (eds) Constructive Side-Channel Analysis and Secure Design. COSADE 2016. Lecture Notes in Computer Science, vol 9689. Springer, Cham. https://doi.org/10.1007/978-3-319-43283-0_10
DOI: https://doi.org/10.1007/978-3-319-43283-0_10
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-43282-3
Online ISBN: 978-3-319-43283-0
eBook Packages: Computer Science, Computer Science (R0)