Paper 2018/1047
On the Key Leakage from Linear Transformations
Seungkwang Lee and Nam-su Jho and Myungchul Kim
Abstract
Linear transformations are often applied to the table-based cryptographic implementation including white-box cryptography in order to prevent key-dependent intermediate values from being analyzed. However, it has been shown that there still exists a correlation before and after the linear transformations, and thus this is not enough to protect the key against gray-box attacks such as power analysis. So far, the Hamming weight of rows in the invertible matrix has been considered the main cause of the key leakage from the linear transformation. In this study, we provide an in-depth analysis of the cause with the distribution of intermediate values and the characteristics of block invertible binary matrices. Our mathematical analysis and experimental results show that the balanced distribution of the key-dependent intermediate value is the main cause of the key leakage.
Metadata
- Available format(s)
- Category
- Secret-key cryptography
- Publication info
- Preprint. MINOR revision.
- Keywords
- linear transformationkey leakagepower analysis
- Contact author(s)
- skwang @ etri re kr
- History
- 2020-02-18: last of 10 revisions
- 2018-11-02: received
- See all versions
- Short URL
- https://ia.cr/2018/1047
- License
-
CC BY