### Algebraic Side-Channel Attacks

Mathieu Renauld and Francois-Xavier Standaert

##### Abstract

In 2002, algebraic attacks using overdefined systems of equations have been proposed as a potentially very powerful cryptanalysis technique against block ciphers. However, although a number of convincing experiments have been performed against certain reduced algorithms, it is not clear wether these attacks can be successfully applied in general and to a large class of ciphers. In this paper, we show that algebraic techniques can be combined with side-channel attacks in a very effective and natural fashion. As an illustration, we apply them to the block cipher PRESENT that is a stimulating first target, due to its simple algebraic structure. The proposed attacks have a number of interesting features: (1) they exploit the information leakages of all the cipher rounds, (2) in common implementation contexts (e.g. assuming a Hamming weight leakage model), they recover the block cipher keys after the observation of a single encryption, (3) these attacks can succeed in an unknown-plaintext/ciphertext adversarial scenario and (4) they directly defeat countermeasures such as boolean masking. Eventually, we argue that algebraic side-channel attacks can take advantage of any kind of physical leakage, leading to a new tradeoff between the robustness and informativeness of the side-channel information extraction.

##### Metadata
Available format(s)
Publication info
Published elsewhere. Unknown where it was published
Keywords
cryptanalysisside-channel attacksblock ciphers
Contact author(s)
fstandae @ uclouvain be
History
2009-06-11: received
Short URL
https://ia.cr/2009/279
License

CC BY

BibTeX

@misc{cryptoeprint:2009/279,
author = {Mathieu Renauld and Francois-Xavier Standaert},
title = {Algebraic Side-Channel Attacks},
howpublished = {Cryptology ePrint Archive, Paper 2009/279},
year = {2009},
note = {\url{https://eprint.iacr.org/2009/279}},
url = {https://eprint.iacr.org/2009/279}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.