Abstract
Vertical side-channel attacks represent a major threat to the confidentiality of enclosed secrets in hardware devices. Fortunately, countermeasures such as blinding or masking are nowadays quasi-systematically used to protect implementations of asymmetric cryptographic algorithms (RSA, ECDSA). Horizontal attacks thus constitute an interesting alternative for adversaries. They aim at recovering the secret exponent or scalar using a single trace, thus bypassing the blinding countermeasure. Several attacks have been proposed, based for instance on statistical distinguisher or clustering techniques. However, the success of these attacks relies heavily on the selection of Points of Interest (PoI) carrying leakage, extracted from acquired signals.
In this context, this work aims at providing a framework for the selection of PoI in the context of noisy traces. It is based on statistical tests applied to the distribution of each point; these tests have been derived from the analysis of noise impact on distributions. Experiments performed with this framework emphasize a gap reduction in terms of attack success rates between unsupervised and supervised attacks.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
MbedTLS library. https://github.com/Mbed-TLS/mbedtls/
Batina, L., Hogenboom, J., van Woudenberg, J.G.J.: Getting more from PCA: first results of using principal component analysis for extensive power analysis. In: Dunkelman, O. (ed.) CT-RSA 2012. LNCS, vol. 7178, pp. 383–397. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-27954-6_24
Bauer, A., Jaulmes, E., Prouff, E., Wild, J.: Horizontal collision correlation attack on elliptic curves. In: Lange, T., Lauter, K., Lisoněk, P. (eds.) SAC 2013. LNCS, vol. 8282, pp. 553–570. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-43414-7_28
Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-28632-5_2
Chari, S., Rao, J.R., Rohatgi, P.: Template attacks. In: Kaliski, B.S., Koç, K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 13–28. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36400-5_3
Clavier, C., Feix, B., Gagnerot, G., Roussellet, M., Verneuil, V.: Horizontal correlation analysis on exponentiation. In: Soriano, M., Qing, S., López, J. (eds.) ICICS 2010. LNCS, vol. 6476, pp. 46–61. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-17650-0_5
Clavier, C., Feix, B., Gagnerot, G., Roussellet, M., Verneuil, V.: Square always exponentiation. In: Bernstein, D.J., Chatterjee, S. (eds.) INDOCRYPT 2011. LNCS, vol. 7107, pp. 40–57. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-25578-6_5
Coron, J.-S.: Resistance against differential power analysis for elliptic curve cryptosystems. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 292–302. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48059-5_25
Diop, I., Linge, Y., Ordas, T., Liardet, P.-Y., Maurine, P.: From theory to practice: horizontal attacks on protected implementations of modular exponentiations. J. Cryptogr. Eng. 9(1), 37 (2019)
Heyszl, J., Ibing, A., Mangard, S., De Santis, F., Sigl, G.: Clustering algorithms for non-profiled single-execution attacks on exponentiations. In: Francillon, A., Rohatgi, P. (eds.) CARDIS 2013. LNCS, vol. 8419, pp. 79–93. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-08302-5_6
Johnson, D., Menezes, A., Vanstone, S.: The elliptic curve digital signature algorithm (ECDSA). Int. J. Inf. Secur. 1(1), 36–63 (2001)
Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48405-1_25
Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996). https://doi.org/10.1007/3-540-68697-5_9
Nascimento, E., Chmielewski, L.: Horizontal clustering side-channel attacks on embedded ECC implementations (extended version). Number 1204 (2017)
Perin, G., Chmielewski, Ł: A semi-parametric approach for side-channel attacks on protected RSA implementations. In: Homma, N., Medwed, M. (eds.) CARDIS 2015. LNCS, vol. 9514, pp. 34–53. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-31271-2_3
Perin, G., Chmielewski, Ł., Batina, L., Picek, S.: Keep it unsupervised: horizontal attacks meet deep learning. IACR Trans. Cryptogr. Hardw. Embedded Syst., 343–372 (2021)
Perin, G., Imbert, L., Torres, L., Maurine, P.: Attacking randomized exponentiations using unsupervised learning. In: Prouff, E. (ed.) COSADE 2014. LNCS, vol. 8622, pp. 144–160. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-10175-0_11
Benadjila, R., Prouff, E., Strullu, R., Cagli, E., Dumas, C.: Study of deep learning techniques for side-channel analysis and introduction to ASCAD database (2018). Report Number: 053
Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978)
Schindler, W., Walter, C.D.: Optimal recovery of secret keys from weak side channel traces. In: Parker, M.G. (ed.) IMACC 2009. LNCS, vol. 5921, pp. 446–468. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-10868-6_27
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Cler, G., Ordas, S., Maurine, P. (2024). Bernoulli at the Root of Horizontal Side Channel Attacks. In: Bhasin, S., Roche, T. (eds) Smart Card Research and Advanced Applications. CARDIS 2023. Lecture Notes in Computer Science, vol 14530. Springer, Cham. https://doi.org/10.1007/978-3-031-54409-5_6
Download citation
DOI: https://doi.org/10.1007/978-3-031-54409-5_6
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-54408-8
Online ISBN: 978-3-031-54409-5
eBook Packages: Computer ScienceComputer Science (R0)