Paper 2013/842
Detecting Hidden Leakages
Amir Moradi, Sylvain Guilley, and Annelie Heuser
Abstract
Reducing the entropy of the mask is a technique which has been proposed to mitigate the high performance overhead of masked software implementations of symmetric block ciphers. Rotating S-box Masking (RSM) is an example of such schemes applied to AES with the purpose of maintaining the security at least against univariate first-order side-channel attacks. This article examines the vulnerability of a realization of such technique using the side-channel measurements publicly available through DPA contest V4. Our analyses which focus on exploiting the first-order leakage of the implementation discover a couple of potential attacks which can recover the secret key. Indeed the leakage we exploit is due to a design mistake as well as the characteristics of the implementation platform, none of which has been considered during the design of the countermeasure (implemented in naive C code).
Metadata
- Available format(s)
- Publication info
- Published elsewhere. ACNS 2014
- Keywords
- side-channel analysisleakage detectionvariance testNICVcorrelation-collisionCPAhidden modelslinear regression.
- Contact author(s)
- amir moradi @ rub de
- History
- 2014-03-28: revised
- 2013-12-17: received
- See all versions
- Short URL
- https://ia.cr/2013/842
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2013/842, author = {Amir Moradi and Sylvain Guilley and Annelie Heuser}, title = {Detecting Hidden Leakages}, howpublished = {Cryptology {ePrint} Archive, Paper 2013/842}, year = {2013}, url = {https://eprint.iacr.org/2013/842} }