Paper 2012/256

The myth of generic DPA...and the magic of learning

Carolyn Whitnall, Elisabeth Oswald, and François-Xavier Standaert

Abstract

A generic DPA strategy is one which is able to recover secret information from physically observable device leakage without any a priori knowledge about the device's leakage characteristics. Here we provide much-needed clarification on results emerging from the existing literature, demonstrating precisely that such methods (strictly defined) are inherently restricted to a very limited selection of target functions. Continuing to search related techniques for a `silver bullet' generic attack appears a bootless errand. However, we find that a minor relaxation of the strict definition---the incorporation of some minimal non-device-specific intuition---produces scope for generic-emulating strategies, able to succeed against a far wider range of targets. We present stepwise regression as an example of such, and demonstrate its effectiveness in a variety of scenarios. We also give some evidence that its practical performance matches that of `best bit' DoM attacks which we take as further indication for the necessity of performing profiled attacks in the context of device evaluations.

Note: Revised to match author version of the article as published in the proceedings of CT-RSA 2014.

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. Proceedings of CT-RSA 2014
DOI
10.1007/978-3-319-04852-9_10.
Keywords
side-channel analysisdifferential power analysisgeneric DPA
Contact author(s)
carolyn whitnall @ bris ac uk
History
2014-08-04: last of 2 revisions
2012-05-09: received
See all versions
Short URL
https://ia.cr/2012/256
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2012/256,
      author = {Carolyn Whitnall and Elisabeth Oswald and François-Xavier Standaert},
      title = {The myth of generic DPA...and the magic of learning},
      howpublished = {Cryptology ePrint Archive, Paper 2012/256},
      year = {2012},
      doi = {10.1007/978-3-319-04852-9_10.},
      note = {\url{https://eprint.iacr.org/2012/256}},
      url = {https://eprint.iacr.org/2012/256}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.