TY - GEN
T1 - Algebraic side-channel analysis in the presence of errors
AU - Oren, Yossef
AU - Kirschbaum, Mario
AU - Popp, Thomas
AU - Wool, Avishai
PY - 2010/1/1
Y1 - 2010/1/1
N2 - Measurement errors make power analysis attacks difficult to mount when only a single power trace is available: the statistical methods that make DPA attacks so successful are not applicable since they require many (typically thousands) of traces. Recently it was suggested by [18] to use algebraic methods for the single-trace scenario, converting the key recovery problem into a Boolean satisfiability (SAT) problem, then using a SAT solver. However, this approach is extremely sensitive to noise (allowing an error rate of well under 1% at most), and the question of its practicality remained open. In this work we show how a single-trace side-channel analysis problem can be transformed into a pseudo-Boolean optimization (PBOPT) problem, which takes errors into consideration. The PBOPT instance can then be solved using a suitable optimization problem solver. The PBOPT syntax provides for a more expressive input specification which allows a very natural representation of measurement errors. Most importantly, we show that using our approach we are able to mount successful and efficient single-trace attacks even in the presence of realistic error rates of 10%-20%. We call our new attack methodology Tolerant Algebraic Side-Channel Analysis (TASCA). We show practical attacks on two real ciphers: Keeloq and AES.
AB - Measurement errors make power analysis attacks difficult to mount when only a single power trace is available: the statistical methods that make DPA attacks so successful are not applicable since they require many (typically thousands) of traces. Recently it was suggested by [18] to use algebraic methods for the single-trace scenario, converting the key recovery problem into a Boolean satisfiability (SAT) problem, then using a SAT solver. However, this approach is extremely sensitive to noise (allowing an error rate of well under 1% at most), and the question of its practicality remained open. In this work we show how a single-trace side-channel analysis problem can be transformed into a pseudo-Boolean optimization (PBOPT) problem, which takes errors into consideration. The PBOPT instance can then be solved using a suitable optimization problem solver. The PBOPT syntax provides for a more expressive input specification which allows a very natural representation of measurement errors. Most importantly, we show that using our approach we are able to mount successful and efficient single-trace attacks even in the presence of realistic error rates of 10%-20%. We call our new attack methodology Tolerant Algebraic Side-Channel Analysis (TASCA). We show practical attacks on two real ciphers: Keeloq and AES.
KW - Algebraic attacks
KW - Power analysis
KW - Pseudo-Boolean optimization
KW - Side-channel attacks
UR - http://www.scopus.com/inward/record.url?scp=78049331666&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-15031-9_29
DO - 10.1007/978-3-642-15031-9_29
M3 - Conference contribution
AN - SCOPUS:78049331666
SN - 3642150306
SN - 9783642150302
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 428
EP - 442
BT - Cryptographic Hardware and Embedded Systems, CHES 2010 - 12th International Workshop, Proceedings
PB - Springer Verlag
T2 - 12th International Workshop on Cryptographic Hardware and Embedded Systems, CHES 2010
Y2 - 17 August 2010 through 20 August 2010
ER -