Algebraic side-channel analysis in the presence of errors

Yossef Oren, Mario Kirschbaum, Thomas Popp, Avishai Wool

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

40 Scopus citations


Measurement errors make power analysis attacks difficult to mount when only a single power trace is available: the statistical methods that make DPA attacks so successful are not applicable since they require many (typically thousands) of traces. Recently it was suggested by [18] to use algebraic methods for the single-trace scenario, converting the key recovery problem into a Boolean satisfiability (SAT) problem, then using a SAT solver. However, this approach is extremely sensitive to noise (allowing an error rate of well under 1% at most), and the question of its practicality remained open. In this work we show how a single-trace side-channel analysis problem can be transformed into a pseudo-Boolean optimization (PBOPT) problem, which takes errors into consideration. The PBOPT instance can then be solved using a suitable optimization problem solver. The PBOPT syntax provides for a more expressive input specification which allows a very natural representation of measurement errors. Most importantly, we show that using our approach we are able to mount successful and efficient single-trace attacks even in the presence of realistic error rates of 10%-20%. We call our new attack methodology Tolerant Algebraic Side-Channel Analysis (TASCA). We show practical attacks on two real ciphers: Keeloq and AES.

Original languageEnglish
Title of host publicationCryptographic Hardware and Embedded Systems, CHES 2010 - 12th International Workshop, Proceedings
PublisherSpringer Verlag
Number of pages15
ISBN (Print)3642150306, 9783642150302
StatePublished - 1 Jan 2010
Externally publishedYes
Event12th International Workshop on Cryptographic Hardware and Embedded Systems, CHES 2010 - Santa Barbara, CA, United States
Duration: 17 Aug 201020 Aug 2010

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume6225 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Conference12th International Workshop on Cryptographic Hardware and Embedded Systems, CHES 2010
Country/TerritoryUnited States
CitySanta Barbara, CA


  • Algebraic attacks
  • Power analysis
  • Pseudo-Boolean optimization
  • Side-channel attacks

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science (all)


Dive into the research topics of 'Algebraic side-channel analysis in the presence of errors'. Together they form a unique fingerprint.

Cite this