### Profiling DPA: Efficacy and efficiency trade-offs

Carolyn Whitnall and Elisabeth Oswald

##### Abstract

Linear regression-based methods have been proposed as efficient means of characterising device leakage in the training phases of profiled side-channel attacks. Empirical comparisons between these and the classical' approach to template building have confirmed the reduction in profiling complexity to achieve the same attack-phase success, but have focused on a narrow range of leakage scenarios which are especially favourable to simple (i.e.\ efficiently estimated) model specifications. In this contribution we evaluate---from a theoretic perspective as much as possible---the performance of linear regression-based templating in a variety of realistic leakage scenarios as the complexity of the model specification varies. We are particularly interested in complexity trade-offs between the number of training samples needed for profiling and the number of attack samples needed for successful DPA: over-simplified models will be cheaper to estimate but DPA using such a degraded model will require more data to recover the key. However, they can still offer substantial improvements over non-profiling strategies relying on the Hamming weight power model, and so represent a meaningful middle-ground between no' prior information and full' prior information.

Available format(s)
Category
Implementation
Publication info
Published elsewhere. IACR-CHES-2013
Keywords
side-channel analysistemplate attacks
Contact author(s)
carolyn whitnall @ bris ac uk
History
2016-02-04: last of 2 revisions
See all versions
Short URL
https://ia.cr/2013/353

CC BY

BibTeX

@misc{cryptoeprint:2013/353,
author = {Carolyn Whitnall and Elisabeth Oswald},
title = {Profiling DPA: Efficacy and efficiency trade-offs},
howpublished = {Cryptology ePrint Archive, Paper 2013/353},
year = {2013},
note = {\url{https://eprint.iacr.org/2013/353}},
url = {https://eprint.iacr.org/2013/353}
}
`
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.