### How to Estimate the Success Rate of Higher-Order Side-Channel Attacks

Victor Lomné, Emmanuel Prouff, Matthieu Rivain, Thomas Roche, and Adrian Thillard

##### Abstract

The resistance of a cryptographic implementation with regard to side-channel analysis is often quantified by measuring the success rate of a given attack. This approach cannot always be followed in practice, especially when the implementation includes some countermeasures that may render the attack too costly for an evaluation purpose, but not costly enough from a security point of view. An evaluator then faces the issue of estimating the success rate of an attack he cannot mount. The present paper addresses this issue by presenting a methodology to estimate the success rate of higher-order side-channel attacks targeting implementations protected by masking. Specifically, we generalize the approach initially proposed at SAC 2008 in the context of first-order side-channel attacks. The principle is to approximate the distribution of an attack's score vector by a multivariate Gaussian distribution, whose parameters are derived by profiling the leakage. One can then accurately compute the expected attack success rate with respect to the number of leakage measurements. We apply this methodology to higher-order side-channel attacks based on the widely used correlation and likelihood distinguishers. Moreover, we validate our approach with simulations and practical attack experiments against masked AES implementations running on two different microcontrollers.

Category
Secret-key cryptography
Publication info
A minor revision of an IACR publication in CHES 2014
Keywords
Side-channels, success rate
History
2014-09-11: revised
Short URL
https://ia.cr/2014/673

CC BY

BibTeX

@misc{cryptoeprint:2014/673,
author = {Victor Lomné and Emmanuel Prouff and Matthieu Rivain and Thomas Roche and Adrian Thillard},
title = {How to Estimate the Success Rate of Higher-Order Side-Channel Attacks},
howpublished = {Cryptology ePrint Archive, Paper 2014/673},
year = {2014},
note = {\url{https://eprint.iacr.org/2014/673}},
url = {https://eprint.iacr.org/2014/673}
}
