Differential Cluster Analysis

Batina, Lejla; Gierlichs, Benedikt; Lemke‐Rust, Kerstin

doi:10.1007/978-3-642-04138-9_9

Cited by 51 publications

(40 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…And this feature has no effect on the conditional entropy and the corresponding mutual information. This is in contrast with correlation attacks, which may still be able to detect a (weak) linear dependence if it exists, but not specific to MIA: most attacks based on leakage partitions suffer from the same limitation [29,33,35]. We note that if an adversary aims to be perfectly generic and to use an identity leakage model, he can always target intermediate variables that do not bijectively depend on the key for a given plaintext.…”

Section: Discussionmentioning

confidence: 98%

See 1 more Smart Citation

Mutual Information Analysis: a Comprehensive Study

et al. 2010

Self Cite

View full text Add to dashboard Cite

Abstract. Mutual Information Analysis is a generic side-channel distinguisher that has been introduced at CHES 2008. It aims to allow successful attacks requiring minimum assumptions and knowledge of the target device by the adversary. In this paper, we compile recent contributions and applications of MIA in a comprehensive study. From a theoretical point of view, we carefully discuss its statistical properties and relationship with probability density estimation tools. From a practical point of view, we apply MIA in two of the most investigated contexts for side-channel attacks. Namely, we consider first order attacks against an unprotected implementation of the DES in a full custom IC and second order attacks against a masked implementation of the DES in an 8-bit microcontroller. These experiments allow to put forward the strengths and weaknesses of this new distinguisher and to compare it with standard power analysis attacks using the correlation coefficient.

show abstract

Section: Discussionmentioning

confidence: 98%

“…Several solutions exist, ranging from simple histograms to kernel density estimation, data clustering [35] and vector quantization [31]. The authors of [8] used histograms for density estimation as a proof of concept for MIA.…”

Section: Pdf Estimation Toolsmentioning

confidence: 99%

Mutual Information Analysis: a Comprehensive Study

et al. 2010

Self Cite

View full text Add to dashboard Cite

show abstract

“…Examining the First-Order Leakage Back to the original correlation-collision attack [29], which is shortly restated later, the authors proposed a variance test approach which can identify the time instances when a first-order leakage is exhibited by the traces. It is worth to mention that relatively-similar approaches were previously introduced in [1,42] as inter cluster separation and variance test. In order to follow this approach we first need to estimate the mean of the traces classified by the plaintext bytes.…”

Section: Discussionmentioning

confidence: 99%

Detecting Hidden Leakages

Moradi

Guilley

Heuser

2014

Applied Cryptography and Network Security

View full text Add to dashboard Cite

Abstract. Reducing the entropy of the mask is a technique which has been proposed to mitigate the high performance overhead of masked software implementations of symmetric block ciphers. Rotating S-box Masking (RSM) is an example of such schemes applied to AES with the purpose of maintaining the security at least against univariate first-order side-channel attacks. This article examines the vulnerability of a realization of such technique using the side-channel measurements publicly available through DPA contest V4. Our analyses which focus on exploiting the first-order leakage of the implementation discover a couple of potential attacks which can recover the secret key. Indeed the leakage we exploit is due to a design mistake as well as the characteristics of the implementation platform, none of which has been considered during the design of the countermeasure (implemented in naive C code).

show abstract

“…Batina et al [1] presented the Differential Cluster Analysis (DCA) against a cryptographic device using an unknown fixed subkey. This technique uses cluster analysis to detect internal collisions in their traces.…”

Section: Overview Of Related Workmentioning

confidence: 99%

Semi-Supervised Template Attack

Lerman

Medeiros

Veshchikov

et al. 2013

Constructive Side-Channel Analysis and Secure Design

View full text Add to dashboard Cite

Abstract. Side channel attacks take advantage of the information leakage in a cryptographic device. A template attack is a family of side channel attacks which is reputed to be extremely effective. This kind of attacks supposes that the attacker can fully control a cryptographic device before attacking a similar one. In this paper, we propose a method based on a semi-supervised learning strategy to relax this assumption. The effectiveness of our proposal is confirmed by software simulations as well as by experiments on a 8-bit microcontroller.

show abstract

Differential Cluster Analysis

Cited by 51 publications

References 20 publications

Mutual Information Analysis: a Comprehensive Study

Mutual Information Analysis: a Comprehensive Study

Detecting Hidden Leakages

Semi-Supervised Template Attack

Contact Info

Product

Resources

About