By Topic

One for all ?? all for one: unifying standard differential power analysis attacks

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $31
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Mangard, S. ; Chipcard & Security, Infineon Technol. AG, Neubiberg, Germany ; Oswald, E. ; Standaert, F.-X.

In this study, the authors examine the relationship between and the efficiency of different approaches to standard (univariate) differential power analysis (DPA) attacks. The authors first show that, when fed with the same assumptions about the target device (i.e. with the same leakage model), the most popular approaches such as using a distance-of-means test, correlation analysis and Bayes attacks are essentially equivalent in this setting. Differences observed in practice are not because of differences in the statistical tests but because of statistical artefacts. Then, the authors establish a link between the correlation coefficient and the conditional entropy in side-channel attacks. In a first-order attack scenario, this relationship allows linking currently used metrics to evaluate standard DPA attacks (such as the number of power traces needed to perform a key recovery) with an information theoretic metric (the mutual information). The authors results show that in the practical scenario defined formally in this study, both measures are equally suitable to compare devices with respect to their susceptibility to DPA attacks. Together with observations regarding key and algorithm independence the authors consequently extend theoretical strategies for the sound evaluation of leaking devices towards the practice of side-channel attacks.

Published in:

Information Security, IET  (Volume:5 ,  Issue: 2 )