Cryptology ePrint Archive: Report 2014/433

A Statistical Model for Higher Order DPA on Masked Devices

A. Adam Ding and Liwei Zhang and Yunsi Fei and Pei Luo

Abstract: A popular effective countermeasure to protect block cipher implementations against differential power analysis (DPA) attacks is to mask the internal operations of the cryptographic algorithm with random numbers. While the masking technique resists against first-order (univariate) DPA attacks, higher-order (multivariate) attacks were able to break masked devices. In this paper, we formulate a statistical model for higher-order DPA attack. We derive an analytic success rate formula that distinctively shows the effects of algorithmic confusion property, signal-noise-ratio (SNR), and masking on leakage of masked devices. It further provides a formal proof for the centered product combination function being optimal for higher-order attacks in very noisy scenarios. We believe that the statistical model fully reveals how the higher-order attack works around masking, and would offer good insights for embedded system designers to implement masking techniques.

Category / Keywords: Side-channel attack, differential power analysis, statistical model

Original Publication (in the same form): IACR-CHES-2014

Date: received 4 Jun 2014, last revised 13 Jun 2014

Contact author: a ding at neu edu

Available format(s): PDF | BibTeX Citation

Note: An extended version, over the page limit at CHES2014.

Version: 20140614:024845 (All versions of this report)

Short URL: ia.cr/2014/433

Discussion forum: Show discussion | Start new discussion