2014
DOI: 10.1007/978-3-319-14123-7_5
|View full text |Cite
|
Sign up to set email alerts
|

A Machine Learning Approach Against a Masked AES

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1
1

Citation Types

1
36
0

Year Published

2014
2014
2021
2021

Publication Types

Select...
3
3

Relationship

1
5

Authors

Journals

citations
Cited by 32 publications
(37 citation statements)
references
References 19 publications
1
36
0
Order By: Relevance
“…An attacker that knows the exact implementation of the shuffling countermeasure that was used might try to recover random bits used to shuffle the bytes and then extract the key using this knowledge (by finding the positions of shuffled operations using known random numbers). This technique was used to attack a masking scheme of a DPA Contest [10,11]. Basically, the attacker targets the random number generator which allows to effectively remove the security mechanism that uses randomness.…”
Section: Targeting the Rngmentioning
confidence: 99%
“…An attacker that knows the exact implementation of the shuffling countermeasure that was used might try to recover random bits used to shuffle the bytes and then extract the key using this knowledge (by finding the positions of shuffled operations using known random numbers). This technique was used to attack a masking scheme of a DPA Contest [10,11]. Basically, the attacker targets the random number generator which allows to effectively remove the security mechanism that uses randomness.…”
Section: Targeting the Rngmentioning
confidence: 99%
“…This explains why the attacks of Ye and Eisenbarth require many more traces (around 10 000), where a first-order attack knowing the mask requires only about 12 traces. Lerman et al have developed a profiling attack that consists in recovering the masks [23]. They used supervised learning to recognize the mask offset, that leaks strongly.…”
Section: Comparison With Other Attacks On the Dpa Contest V4 Aes Tracesmentioning
confidence: 99%
“…As related works we should address three recently published articles [3,23,46] which made use of DPA Contest V4 measurements. Although all of these articles provide many useful discussions and analysis tools, none of them exploits the first-order leakage that we present here.…”
Section: Introductionmentioning
confidence: 99%
“…Practical aspects of template attacks have been discussed in . The profiling phase of TA was improved in ; in recent years, the cryptographic community has been exploring the potential of TA based on machine learning approaches . In this respect, the selection of interesting points is a crucial aspect of profiling attacks.…”
Section: Introductionmentioning
confidence: 99%
“…So far, participants of the contest have performed many attacks aimed at the original RSM implementation. Different techniques were used such as mutual information analysis , collision on the S‐box , or recovering the offset value based on TA . We refer to work that provides a deep analysis of attacks executed during the DPA Contest V4.…”
Section: Introductionmentioning
confidence: 99%