Springer, Lecture Notes in Computer Science, p. 221-234, 2010
DOI: 10.1007/978-3-642-11925-5_16
Full text: Download
Security devices are vulnerable to side-channel attacks that perform statistical analysis on data leaked from cryptographic computa- tions. Higher-order (HO) attacks are a powerful approach to break pro- tected implementations. They inherently demand multivariate statistics because multiple aspects of signals have to be analyzed jointly. However, all published works on HO attacks follow the approach to first apply a pre-processing function to map the multivariate problem to a univariate problem and then to apply established 1st order techniques. We propose a novel and different approach to HO attacks, Multivariate Mutual Infor- mation Analysis (MMIA), that allows to directly evaluate joint statistics without pre-processing. While this approach can benefit from a good power model, it also works without an assumption. A thorough empirical eval- uation of MMIA and established HO attacks confirms the overwhelming advantage of the new approach: MMIA is more efficient and less affected by noise. Most important and opposed to all published approaches, MMIA's measurement cost grows sub-exponentially with the attack order. As a con- sequence, the security provided by the masking countermeasure needs to be reconsidered as 3rd and higher order attacks become very practical.