-
Chapter and Conference Paper
Consolidating Inner Product Masking
Masking schemes are a prominent countermeasure to defeat power analysis attacks. One of their core ingredients is the encoding function. Due to its simplicity and comparably low complexity overheads, many mask...
-
Chapter and Conference Paper
Consolidating Masking Schemes
In this paper we investigate relations between several masking schemes. We show that the Ishai–Sahai–Wagner private circuits construction is closely related to Threshold Implementations and the Trichina gate. ...
-
Chapter and Conference Paper
Inner Product Masking Revisited
Masking is a popular countermeasure against side channel attacks. Many practical works use Boolean masking because of its simplicity, ease of implementation and comparably low performance overhead. Some recent...
-
Chapter and Conference Paper
Higher-Order Threshold Implementations
Higher-order differential power analysis attacks are a serious threat for cryptographic hardware implementations. In particular, glitches in the circuit make it hard to protect the implementation with masking....
-
Chapter and Conference Paper
Selecting Time Samples for Multivariate DPA Attacks
Masking on the algorithm level, i.e. concealing all sensitive intermediate values with random data, is a popular countermeasure against DPA attacks. A properly implemented masking scheme forces an attacker to ...
-
Chapter and Conference Paper
Theory and Practice of a Leakage Resilient Masking Scheme
A recent trend in cryptography is to formally prove the leakage resilience of cryptographic implementations – that is, one formally shows that a scheme remains provably secure even in the presence of side channel...
-
Chapter and Conference Paper
To Infinity and Beyond: Combined Attack on ECC Using Points of Low Order
We present a novel combined attack against ECC implementations that exploits specially crafted, but valid input points. The core idea is that after fault injection, these points turn into points of very low or...
-
Chapter and Conference Paper
The World Is Not Enough: Another Look on Second-Order DPA
In a recent work, Mangard et al. showed that under certain assumptions, the (so-called) standard univariate side-channel attacks using a distance-of-means test, correlation analysis and Gaussian templates are ess...
-
Chapter and Conference Paper
Differential Cluster Analysis
We propose a new technique called Differential Cluster Analysis for side-channel key recovery attacks. This technique uses cluster analysis to detect internal collisions and it combines features from previousl...
-
Chapter and Conference Paper
Mutual Information Analysis
We propose a generic information-theoretic distinguisher for differential side-channel analysis. Our model of side-channel leakage is a refinement of the one given by Standaert et al. An embedded device containin...
-
Chapter and Conference Paper
Power and Fault Analysis Resistance in Hardware through Dynamic Reconfiguration
Dynamically reconfigurable systems are known to have many advantages such as area and power reduction. The drawbacks of these systems are the reconfiguration delay and the overhead needed to provide reconfigur...