Paper 2022/903

Cycle-Accurate Power Side-Channel Analysis Using the ChipWhisperer: a Case Study on Gaussian Sampling

Nils Wisiol, Technical University of Berlin
Patrick Gersch, Technical University of Berlin
Jean-Pierre Seifert, Technical University of Berlin

This paper presents an approach to uncover and analyze power side-channel leakages on a processor cycle level precision. By carefully designing and evaluating the measurement setup, accurate trace timing is enabled, which is used to overlay the trace with the corresponding assembly code. This methodology allows to expose the sources of leakage on a processor cycle scale, which allows for evaluating new implementations. It also exposes that the default ChipWhisperer configuration for STM32F4 targets used in prior work includes wait cycles that are rarely used in real-world applications, but affect power side-channel leakage. As an application for our setup, we target the widely used Sign-Flip function of Gaussian sampling code used in multiple Post-Quantum Key-Exchange Mechanisms and Signature schemes. We propose new implementations for the Sign-Flip function based on our analysis on the original implementation and further evaluate their leakage. Our findings allow the conclusion that unmasked cryptographic implementations of schemes based on Gaussian random numbers for STM32F4 cannot be secure against power side-channel, and that masking just the Gaussian sampler is not a viable option.

Available format(s)
Attacks and cryptanalysis
Publication info
Power side-channel ChipWhisperer Processor cycle level analysis Gaussian sampler Sign-Flip GALACTICS FALCON FrodoKEM
Contact author(s)
nwisiol @ gmail com
gersch patrick @ gmail com
2022-09-23: revised
2022-07-12: received
See all versions
Short URL
Creative Commons Attribution


      author = {Nils Wisiol and Patrick Gersch and Jean-Pierre Seifert},
      title = {Cycle-Accurate Power Side-Channel Analysis Using the ChipWhisperer: a Case Study on Gaussian Sampling},
      howpublished = {Cryptology ePrint Archive, Paper 2022/903},
      year = {2022},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.