Cryptology ePrint Archive: Report 2018/1047

On the Key Leakage from Linear Transformations

Seungkwang Lee and Nam-su Jho and Myungchul Kim

Abstract: Linear transformations are often applied to the table-based cryptographic implementation including white-box cryptography in order to prevent key-dependent intermediate values from being analyzed. However, it has been shown that there still exists a correlation before and after the linear transformations, and thus this is not enough to protect the key against gray-box attacks such as power analysis. So far, the Hamming weight of rows in the invertible matrix has been considered the main cause of the key leakage from the linear transformation. In this study, we provide an in-depth analysis of the cause with the distribution of intermediate values and the characteristics of block invertible binary matrices. Our mathematical analysis and experimental results show that the balanced distribution of the key-dependent intermediate value is the main cause of the key leakage.

Category / Keywords: secret-key cryptography / linear transformation, key leakage, power analysis

Date: received 29 Oct 2018, last revised 1 Jan 2020

Contact author: skwang at etri re kr

Available format(s): PDF | BibTeX Citation

Version: 20200102:050132 (All versions of this report)

Short URL: ia.cr/2018/1047


[ Cryptology ePrint archive ]