More Web Proxy on the site http://driver.im/

Article

On second-order differential power analysis

Authors:

Pascal Paillier,

Berry SchoenmakersAuthors Info & Claims

CHES'05: Proceedings of the 7th international conference on Cryptographic hardware and embedded systems

Pages 293 - 308

https://doi.org/10.1007/11545262_22

Published: 29 August 2005 Publication History

Abstract

Differential Power Analysis (DPA) is a powerful cryptanalytic technique aiming at extracting secret data from a cryptographic device by collecting power consumption traces and averaging over a series of acquisitions. In order to prevent the leakage, hardware designers and software programmers make use of masking techniques (a.k.a. data whitening methods). However, the resulting implementations may still succumb to second-order DPA. Several recent papers studied second-order DPA but, although the conclusions that are drawn are correct, the analysis is not.

This paper fills the gap by providing an exact analysis of second-order DPA as introduced by Messerges. It also considers several generalizations, including an extended analysis in the more general Hamming-distance model.

References

[1]

〈http://www.research.att.com/projects/OEIS?Anum=A036970〉. Triangle of coefficients of Gandhi polynomials. In On-Line Encyclopedia of Integer Sequences.

[2]

〈http://www.research.att.com/projects/OEIS?Anum=A083061〉. Triangle of coefficients of a companion polynomial to the Gandhi polynomial. In On-Line Encyclopedia of Integer Sequences.

[3]

D. Agrawal, B. Archambeault, J. R. Rao, and P. Rohatgi. The EM Side-Channel(s). In Cryptographic Hardware and Embedded Systems - CHES 2002, vol. 2523 of Lecture Notes in Computer Science, pp. 29-45. Springer-Verlag, 2002.

Digital Library

[4]

G. Boros and V. Moll. Irresistible Integrals: Symbolics, Analysis and Experiments in the Evaluation of Integrals. Cambridge University Press, 2004.

[5]

É. Brier, C. Clavier, and F. Olivier. Correlation power analysis with a leakage model. In Cryptographic Hardware and Embedded Systems - CHES 2004, vol. 3156 of Lecture Notes in Computer Science, pp. 16-29. Springer-Verlag, 2004.

[6]

J.-S. Coron and L. Goubin. On Boolean and arithmetic masking against differential power analysis. In Cryptographic Hardware and Embedded Systems - CHES 2000, vol. 1965 of Lecture Notes in Computer Science, pp. 231-237. Springer-Verlag, 2000.

Digital Library

[7]

K. Gandolfi, C. Mourtel, and F. Olivier. Electromagnetic analysis: Concrete results. In Cryptographic Hardware and Embedded Systems - CHES 2001, vol. 2162 of Lecture Notes in Computer Science, pp. 251-261. Springer-Verlag, 2001.

Digital Library

[8]

P.C. Kocher, J. Jaffe, and B. Jun. Differential power analysis. In Advances in Cryptology - CRYPTO'99, vol. 1666 of Lecture Notes in Computer Science, pp. 388-397. Springer-Verlag, 1999.

Digital Library

[9]

M. Joye. Smart-card implementations of elliptic curve cryptography and DPAtype attacks. In Smart Card Research and Advanced Applications VI, pp. 115-125. Kluwer Academic Publishers, 2004.

[10]

D.E. Knuth. The Art of Computer Programming (Vol. 1: Fundamental Algorithms). Addison Wesley, 3rd edition, 1997.

Digital Library

[11]

P.C. Kocher. Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In Advances in Cryptology - CRYPTO'96, vol. 1109 of Lecture Notes in Computer Science, pp. 104-113. Springer-Verlag, 1996.

Digital Library

[12]

T.S. Messerges. Using second-order power analysis to attack DPA resistant software. In Cryptographic Hardware and Embedded Systems - CHES 2000, vol. 1965 of Lecture Notes in Computer Science, pp. 238-251. Springer-Verlag, 2000.

Digital Library

[13]

T.S. Messerges, E.A. Dabbish, and R.H. Sloan. Examining smart-card security under the threat of power analysis attacks. IEEE Transactions on Computers, 51(5):541 552, 2002.

Digital Library

[14]

J.-J. Quisquater and D. Samyde. ElectroMagnetic Analysis (EMA): Measures and couter-measures for smard cards. In Smart Card Programming and Security (E-smart 2001), vol. 2140 of Lecture Notes in Computer Science, pp. 200-210. Springer-Verlag, 2001.

Digital Library

[15]

R.L Rivest, M.J.B. Robshaw, R. Sideney, and Y.L. Yin. The RC6 block cipher. RSA Laboratories, v1.1, August 20, 1998.

[16]

J. Waddle and D. Wagner. Towards efficient second-order power analysis. In Cryptographic Hardware and Embedded Systems - CHES 2004, vol. 3156 of Lecture Notes in Computer Science, pp. 1-15. Springer-Verlag, 2004.

Cited By

Nikova SRechberger CRijmen V(2022)Threshold Implementations Against Side-Channel Attacks and GlitchesInformation and Communications Security10.1007/11935308_38(529-545)Online publication date: 10-Mar-2022
https://dl.acm.org/doi/10.1007/11935308_38
Ouladj MGuilley SProuff E(2020)On the Implementation Efficiency of Linear Regression-Based Side-Channel AttacksConstructive Side-Channel Analysis and Secure Design10.1007/978-3-030-68773-1_8(147-172)Online publication date: 1-Apr-2020
https://dl.acm.org/doi/10.1007/978-3-030-68773-1_8
Wang YHa Y(2017)A DFA-Resistant and Masked PRESENT with Area Optimization for RFID ApplicationsACM Transactions on Embedded Computing Systems10.1145/303554316:4(1-22)Online publication date: 28-Jul-2017
https://dl.acm.org/doi/10.1145/3035543
Show More Cited By

On second-order differential power analysis
1. Theory of computation

Recommendations

First-order differential power analysis on the duplication method
INDOCRYPT'07: Proceedings of the cryptology 8th international conference on Progress in cryptology

Cryptographic embedded systems are vulnerable to Differential Power Analysis (DPA). In particular, the S-boxes of a block cipher are known to be the most sensitive parts with respect to this very kind of attack. While many sound countermeasures have ...
Principles on the security of AES against first and second-order differential power analysis
ACNS'10: Proceedings of the 8th international conference on Applied cryptography and network security

The Advanced Encryption Standard (AES) is a 128-bit block cipher that is currently being widely used in smartcards. Differential Power Analysis (DPA) is a powerful technique used to attack a cryptographic implementation in a resource-limited application ...
On power analysis attacks against hardware stream ciphers

Power analysis attacks are a type of attack which measures and analyses the power consumption of electronic circuits to extract secret information, particularly the secret encryption key. These attacks have become a huge threat for embedded systems, in ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image Guide Proceedings

CHES'05: Proceedings of the 7th international conference on Cryptographic hardware and embedded systems

August 2005

457 pages

ISBN:3540284745

Editors:
Josyula R. Rao
IBM Watson Research Center, Yorktown Heights
,
Berk Sunar
Cryptography & Information Security Laboratory, WPI, Worcester, MA

Sponsors

IACR: International Association for Cryptologic Research

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 29 August 2005

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

37
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 17 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Nikova SRechberger CRijmen V(2022)Threshold Implementations Against Side-Channel Attacks and GlitchesInformation and Communications Security10.1007/11935308_38(529-545)Online publication date: 10-Mar-2022
https://dl.acm.org/doi/10.1007/11935308_38
Ouladj MGuilley SProuff E(2020)On the Implementation Efficiency of Linear Regression-Based Side-Channel AttacksConstructive Side-Channel Analysis and Secure Design10.1007/978-3-030-68773-1_8(147-172)Online publication date: 1-Apr-2020
https://dl.acm.org/doi/10.1007/978-3-030-68773-1_8
Wang YHa Y(2017)A DFA-Resistant and Masked PRESENT with Area Optimization for RFID ApplicationsACM Transactions on Embedded Computing Systems10.1145/303554316:4(1-22)Online publication date: 28-Jul-2017
https://dl.acm.org/doi/10.1145/3035543
Sonchack JDubey AAviv ASmith JKeller ESchwab SRobertson WBalzarotti D(2016)Timing-based reconnaissance and defense in software-defined networksProceedings of the 32nd Annual Conference on Computer Security Applications10.1145/2991079.2991081(89-100)Online publication date: 5-Dec-2016
https://dl.acm.org/doi/10.1145/2991079.2991081
Eldib HWang CSchaumont P(2014)Formal Verification of Software Countermeasures against Side-Channel AttacksACM Transactions on Software Engineering and Methodology10.1145/268561624:2(1-24)Online publication date: 23-Dec-2014
https://dl.acm.org/doi/10.1145/2685616
Wolf MMukhopodhyay SYu TYang S(2014)Information theoretic models for signatures in VLSI power delivery systemsProceedings of the 9th Workshop on Embedded Systems Security10.1145/2668322.2668324(1-5)Online publication date: 12-Oct-2014
https://dl.acm.org/doi/10.1145/2668322.2668324
Seibert JOkhravi HSöderström EAhn GYung MLi N(2014)Information Leaks Without Memory DisclosuresProceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security10.1145/2660267.2660309(54-65)Online publication date: 3-Nov-2014
https://dl.acm.org/doi/10.1145/2660267.2660309
Ding AZhang LFei YLuo P(2014)A Statistical Model for Higher Order DPA on Masked DevicesProceedings of the 16th International Workshop on Cryptographic Hardware and Embedded Systems --- CHES 2014 - Volume 873110.1007/978-3-662-44709-3_9(147-169)Online publication date: 23-Sep-2014
https://dl.acm.org/doi/10.1007/978-3-662-44709-3_9
Wang XYueh WRoy DNarasimhan SZheng YMukhopadhyay SMukhopadhyay DBhunia S(2013)Role of power grid in side channel attack and power-grid-aware secure designProceedings of the 50th Annual Design Automation Conference10.1145/2463209.2488830(1-9)Online publication date: 29-May-2013
https://dl.acm.org/doi/10.1145/2463209.2488830
Hernandez-Ardieta JGonzalez-Tablas ADe Fuentes JRamos B(2013)A taxonomy and survey of attacks on digital signaturesComputers and Security10.1016/j.cose.2012.11.00934(67-112)Online publication date: 1-May-2013
https://dl.acm.org/doi/10.1016/j.cose.2012.11.009
Show More Cited By

View Options

View options

Media

Figures

Other

Tables

View Table of Contents