-
Chapter and Conference Paper
Templates vs. Stochastic Methods
Template Attacks and the Stochastic Model provide advanced methods for side channel cryptanalysis that make use of ‘a-priori’ knowledge gained from a profiling step. For a systematic comparison of Template Att...
-
Chapter and Conference Paper
DPA-Resistance Without Routing Constraints?
MDPL is a logic style claiming to provide resistance against Differential Side Channel Analysis on power consumption measurements. In this paper we show that the power consumption of a non-linear MDPL gate can...
-
Chapter and Conference Paper
Fault Analysis Study of IDEA
We present a study of several fault attacks against the block cipher IDEA. Such a study is particularly interesting because of the target cipher’s specific property to employ operations on three different algebra...
-
Chapter and Conference Paper
Comparative Evaluation of Rank Correlation Based DPA on an AES Prototype Chip
We propose a new class of distinguishers for differential side-channel analysis based on nonparametric statistics. As an example we use Spearman’s rank correlation coefficient. We present a comparative study o...
-
Chapter and Conference Paper
Perfect Matching Disclosure Attacks
Traffic analysis is the best known approach to uncover relationships amongst users of anonymous communication systems, such as mix networks. Surprisingly, all previously published techniques require very speci...
-
Chapter and Conference Paper
Mutual Information Analysis
We propose a generic information-theoretic distinguisher for differential side-channel analysis. Our model of side-channel leakage is a refinement of the one given by Standaert et al. An embedded device containin...
-
Chapter and Conference Paper
Power and Fault Analysis Resistance in Hardware through Dynamic Reconfiguration
Dynamically reconfigurable systems are known to have many advantages such as area and power reduction. The drawbacks of these systems are the reconfiguration delay and the overhead needed to provide reconfigur...
-
Chapter and Conference Paper
Partition vs. Comparison Side-Channel Distinguishers: An Empirical Evaluation of Statistical Tests for Univariate Side-Channel Attacks against Two Unprotected CMOS Devices
Given a cryptographic device leaking side-channel information, different distinguishers can be considered to turn this information into a successful key recovery. Such proposals include e.g. Kocher’s original DPA...
-
Chapter and Conference Paper
Differential Cluster Analysis
We propose a new technique called Differential Cluster Analysis for side-channel key recovery attacks. This technique uses cluster analysis to detect internal collisions and it combines features from previousl...
-
Chapter and Conference Paper
The World Is Not Enough: Another Look on Second-Order DPA
In a recent work, Mangard et al. showed that under certain assumptions, the (so-called) standard univariate side-channel attacks using a distance-of-means test, correlation analysis and Gaussian templates are ess...
-
Chapter and Conference Paper
Revisiting Higher-Order DPA Attacks:
Security devices are vulnerable to side-channel attacks that perform statistical analysis on data leaked from cryptographic computations. Higher-order (HO) attacks are a powerful approach to break protected im...
-
Chapter and Conference Paper
To Infinity and Beyond: Combined Attack on ECC Using Points of Low Order
We present a novel combined attack against ECC implementations that exploits specially crafted, but valid input points. The core idea is that after fault injection, these points turn into points of very low or...
-
Chapter and Conference Paper
Power Analysis of Atmel CryptoMemory – Recovering Keys from Secure EEPROMs
Atmel CryptoMemory devices offer non-volatile memory with access control and authenticated encryption. They are used in commercial and military applications e.g. to prevent counterfeiting, to store secrets suc...
-
Chapter and Conference Paper
Selecting Time Samples for Multivariate DPA Attacks
Masking on the algorithm level, i.e. concealing all sensitive intermediate values with random data, is a popular countermeasure against DPA attacks. A properly implemented masking scheme forces an attacker to ...
-
Chapter and Conference Paper
Infective Computation and Dummy Rounds: Fault Protection for Block Ciphers without Check-before-Output
Implementation attacks pose a serious threat for the security of cryptographic devices and there are a multitude of countermeasures that are used to prevent them. Two countermeasures used in implementations of...
-
Chapter and Conference Paper
Theory and Practice of a Leakage Resilient Masking Scheme
A recent trend in cryptography is to formally prove the leakage resilience of cryptographic implementations – that is, one formally shows that a scheme remains provably secure even in the presence of side channel...
-
Chapter and Conference Paper
A Note on the Use of Margins to Compare Distinguishers
Relative distinguishing margins are becoming a popular measure for comparing distinguishers. This paper presents some examples that show that this measure, although informative and intuitively sound, should no...
-
Chapter and Conference Paper
Generic DPA Attacks: Curse or Blessing?
Generic DPA attacks, such as MIA, have been recently proposed as a method to mount DPA attacks without the need for possibly restrictive assumptions on the leakage behaviour. Previous work identified some shor...
-
Chapter and Conference Paper
Higher-Order Threshold Implementations
Higher-order differential power analysis attacks are a serious threat for cryptographic hardware implementations. In particular, glitches in the circuit make it hard to protect the implementation with masking....
-
Chapter and Conference Paper
A More Efficient AES Threshold Implementation
Threshold Implementations provide provable security against first-order power analysis attacks for hardware and software implementations. Like masking, the approach relies on secret sharing but it differs in t...