Revisiting Higher-Order DPA Attacks: Multivariate Mutual Information Analysis

Benedikt Gierlichs, Lejla Batina, Bart Preneel, and Ingrid Verbauwhede

Abstract

Security devices are vulnerable to side-channel attacks that perform statistical analysis on data leaked from cryptographic computations. Higher-order (HO) attacks are a powerful approach to breaking protected implementations. They inherently demand multivariate statistics because multiple aspects of signals have to be analyzed jointly. However, all published works on HO attacks follow the approach of first applying a pre-processing function to map the multivariate problem to a univariate problem and then applying established $1^{st}$-order techniques. We propose a novel and different approach to HO attacks, Multivariate Mutual Information Analysis (MMIA), that allows joint statistics to be evaluated directly, without pre-processing. While this approach can benefit from a good power model, it also works without an assumption. A thorough empirical evaluation of MMIA and established HO attacks confirms the overwhelming advantage of the new approach: MMIA is more efficient and less affected by noise. Most importantly, and in contrast to all published approaches, MMIA's measurement cost grows sub-exponentially with the attack order. As a consequence, the security provided by the masking countermeasure needs to be reconsidered, as $3^{rd}$- and higher-order attacks become very practical.

Publication info
Published elsewhere. Unknown where it was published
Contact author(s)
benedikt gierlichs @ esat kuleuven be
History
2009-05-30: revised
Short URL
https://ia.cr/2009/228

CC BY

BibTeX

@misc{cryptoeprint:2009/228,
author = {Benedikt Gierlichs and Lejla Batina and Bart Preneel and Ingrid Verbauwhede},
title = {Revisiting Higher-Order DPA Attacks: Multivariate Mutual Information Analysis},
howpublished = {Cryptology ePrint Archive, Paper 2009/228},
year = {2009},
note = {\url{https://eprint.iacr.org/2009/228}},
url = {https://eprint.iacr.org/2009/228}
}
