Issue No.06 - June (2009 vol.58)
Emmanuel Prouff , Oberthur Technologies, France
Régis Bévan , Nagra France, Paris
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TC.2009.15
Second order Differential Power Analysis (2O-DPA) is a powerful side-channel attack that allows an attacker to bypass the widely used masking countermeasure. To thwart 2O-DPA, higher order masking may be employed but it implies a nonnegligible overhead. In this context, there is a need to know how efficient a 2O-DPA can be, in order to evaluate the resistance of an implementation that uses first order masking and, possibly, some hardware countermeasures. Different methods of mounting a practical 2O-DPA attack have been proposed in the literature. However, it is not yet clear which of these methods is the most efficient. In this paper, we give a formal description of the higher order DPA that are mounted against software implementations. We then introduce a framework in which the attack efficiencies may be compared. The attacks we focus on involve the combining of several leakage signals and the computation of correlation coefficients to discriminate the wrong key hypotheses. In the second part of this paper, we pay particular attention to 2O-DPA that involves the product combining or the absolute difference combining. We study them under the assumption that the device leaks the Hamming weight of the processed data together with an independent Gaussian noise. After showing a way to improve the product combining, we argue that in this model, the product combining is more efficient not only than absolute difference combining, but also than all the other combining techniques proposed in the literature.
Embedded systems security, cryptographic implementations, side-channel analysis, higher order differential power analysis.
Emmanuel Prouff, Régis Bévan, "Statistical Analysis of Second Order Differential Power Analysis", IEEE Transactions on Computers, vol.58, no. 6, pp. 799-811, June 2009, doi:10.1109/TC.2009.15