Cryptology ePrint Archive: Report 2007/443

Template Attacks with a Power Model

Moulay Abdelaziz EL AABID and Sylvain GUILLEY and Philippe HOOGVORST

Abstract: This article analyses some properties of the \emph{template attack}. Examples come from attacks against an unprotected ASIC implementation of DES. The principal components analysis (PCA) is used to represent the templates in two dimensions. We give a physical interpretation of the templates PCA eigenvalues and eigenvectors. We show that the S-boxes are \emph{not} the target of template attacks. We point out that the efficiency of template attacks on unprotected implementations can be unleashed by using a power model. The most suitable power-model happens to be linked to the key schedule. This casts a new light on key schedule requirements for SCA resistance against a ``template'' attacker. The results are tailored for DES, because this symmetric block cipher is emblematic and is still promised a long life. Its key schedule is also remarkably simple, with cryptanalytic weaknesses,that paradoxically turn out to be a strength against SCA.

Category / Keywords: secret-key cryptography / Template attacks, principal component analysis, side-channel attack

Date: received 27 Nov 2007, last revised 6 Dec 2007

Contact author: elaabid at enst fr

Available format(s): PDF | BibTeX Citation

Version: 20071206:142425 (All versions of this report)

Short URL: ia.cr/2007/443

Discussion forum: Show discussion | Start new discussion