Paper 2018/959

Information Entropy Based Leakage Certification

Changhai Ou, Xinping Zhou, and Siew-Kei Lam


Side-channel attacks and evaluations typically utilize leakage models to extract sensitive information from measurements of cryptographic implementations. Efforts to establish a true leakage model is still an active area of research since Kocher proposed Differential Power Analysis (DPA) in 1999. Leakage certification plays an important role in this aspect to address the following question: "how good is my leakage model?". However, existing leakage certification methods still need to tolerate assumption error and estimation error of unknown leakage models. There are many probability density distributions satisfying given moment constraints. As such, finding the most unbiased and most reasonable model still remains an unresolved problem. In this paper, we address a more fundamental question: "what's the true leakage model of a chip?". In particular, we propose Maximum Entropy Distribution (MED) to estimate the leakage model as MED is the most unbiased, objective and theoretically the most reasonable probability density distribution conditioned upon the available information. MED can theoretically use information on arbitrary higher-order moments to infinitely approximate the true leakage model. It well compensates the theory vacancy of model profiling and evaluation. Experimental results demonstrate the superiority of our proposed method for approximating the leakage model using MED estimation.

Available format(s)
Publication info
Preprint. MINOR revision.
information theorymaximum entropymaximum entropy distributionleakage modelleakage certificationside channel attack
Contact author(s)
chou @ ntu edu sg
2018-10-13: last of 2 revisions
2018-10-13: received
See all versions
Short URL
Creative Commons Attribution


      author = {Changhai Ou and Xinping Zhou and Siew-Kei Lam},
      title = {Information Entropy Based Leakage Certification},
      howpublished = {Cryptology ePrint Archive, Paper 2018/959},
      year = {2018},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.