A Stochastic Model for Differential Side Channel Cryptanalysis

This contribution presents a new approach to optimize the efficiency of differential side channel cryptanalysis against block ciphers by advanced stochastic methods. We approximate the real leakage function within a suitable vector subspace. Under appropriate conditions profiling requires only one t...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Hauptverfasser:	Schindler, Werner, Lemke, Kerstin, Paar, Christof
Format:	Tagungsbericht
Sprache:	eng
Schlagworte:	Applied sciences Computer science control theory systems Cryptography DEMA Differential Side Channel Cryptanalysis DPA Electromagnetic Analysis Electronics Exact sciences and technology Information, signal and communications theory Integrated circuits Integrated circuits by function (including memories and processors) Maximum Likelihood Principle Memory and file management (including protection and security) Memory organisation. Data processing Minimum Principle Power Analysis Semiconductor electronics. Microelectronics. Optoelectronics. Solid state devices Signal and communications theory Software Stochastic Model Telecommunications and information theory Template Attack
Online-Zugang:	Volltext
Tags:	Tag hinzufügen Keine Tags, Fügen Sie den ersten Tag hinzu!

container_end_page	46
container_issue
container_start_page	30
container_title
container_volume
creator	Schindler, Werner Lemke, Kerstin Paar, Christof
description	This contribution presents a new approach to optimize the efficiency of differential side channel cryptanalysis against block ciphers by advanced stochastic methods. We approximate the real leakage function within a suitable vector subspace. Under appropriate conditions profiling requires only one test key. For the key extraction we present a ‘minimum principle’ that solely uses deterministic data dependencies and the ‘maximum likelihood principle’ that additionally incorporates the characterization of the noise revealed during profiling. The theoretical predictions are accompanied and confirmed by experiments. We demonstrate that the adaptation of probability densities is clearly advantageous regarding the correlation method, especially, if multiple leakage signals at different times can be jointly evaluated. Though our efficiency at key extraction is limited by template attacks profiling is much more efficient which is highly relevant if the designer of a cryptosystem is bounded by the number of measurements in the profiling step.
doi_str_mv	10.1007/11545262_3
format	Conference Proceeding
fullrecord	<record><control><sourceid>pascalfrancis_sprin</sourceid><recordid>TN_cdi_pascalfrancis_primary_17116110</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>17116110</sourcerecordid><originalsourceid>FETCH-LOGICAL-p218t-803a42e73ea9c37381e59e4ed8131190ff2f5c1b04ad6cb910ded8f384ce10f93</originalsourceid><addsrcrecordid>eNpFkD1PwzAYhM2XRFW68AuyILEE3tevE8cLEgqfUhFDYbZcx6aGkER2lv57UhXBLTc8p5PuGDtHuEIAeY1YiIKXXNMBWyhZUSGAUAkoDtkMS8ScSKijP8YrIQUesxkQ8FxJQadskdInTCKUUKoZu7nNVmNvNyaNwWYvfePazPcxuwveu-i6MZg2W4XGZfXGdN1E67gdRtOZdptCOmMn3rTJLX59zt4f7t_qp3z5-vhc3y7zgWM15hWQEdxJckZZklShK5QTrqmQEBV4z31hcQ3CNKVdK4RmYp4qYR2CVzRnF_vewSRrWh9NZ0PSQwzfJm41Stzthyl3uc-lCXUfLup1338ljaB3F-r_C-kHes1cYw</addsrcrecordid><sourcetype>Index Database</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>A Stochastic Model for Differential Side Channel Cryptanalysis</title><source>Springer Books</source><creator>Schindler, Werner ; Lemke, Kerstin ; Paar, Christof</creator><contributor>Rao, Josyula R. ; Sunar, Berk</contributor><creatorcontrib>Schindler, Werner ; Lemke, Kerstin ; Paar, Christof ; Rao, Josyula R. ; Sunar, Berk</creatorcontrib><description>This contribution presents a new approach to optimize the efficiency of differential side channel cryptanalysis against block ciphers by advanced stochastic methods. We approximate the real leakage function within a suitable vector subspace. Under appropriate conditions profiling requires only one test key. For the key extraction we present a ‘minimum principle’ that solely uses deterministic data dependencies and the ‘maximum likelihood principle’ that additionally incorporates the characterization of the noise revealed during profiling. The theoretical predictions are accompanied and confirmed by experiments. We demonstrate that the adaptation of probability densities is clearly advantageous regarding the correlation method, especially, if multiple leakage signals at different times can be jointly evaluated. Though our efficiency at key extraction is limited by template attacks profiling is much more efficient which is highly relevant if the designer of a cryptosystem is bounded by the number of measurements in the profiling step.</description><identifier>ISSN: 0302-9743</identifier><identifier>ISBN: 9783540284741</identifier><identifier>ISBN: 3540284745</identifier><identifier>EISSN: 1611-3349</identifier><identifier>EISBN: 9783540319405</identifier><identifier>EISBN: 3540319409</identifier><identifier>DOI: 10.1007/11545262_3</identifier><language>eng</language><publisher>Berlin, Heidelberg: Springer Berlin Heidelberg</publisher><subject>Applied sciences ; Computer science; control theory; systems ; Cryptography ; DEMA ; Differential Side Channel Cryptanalysis ; DPA ; Electromagnetic Analysis ; Electronics ; Exact sciences and technology ; Information, signal and communications theory ; Integrated circuits ; Integrated circuits by function (including memories and processors) ; Maximum Likelihood Principle ; Memory and file management (including protection and security) ; Memory organisation. Data processing ; Minimum Principle ; Power Analysis ; Semiconductor electronics. Microelectronics. Optoelectronics. Solid state devices ; Signal and communications theory ; Software ; Stochastic Model ; Telecommunications and information theory ; Template Attack</subject><ispartof>Cryptographic Hardware and Embedded Systems – CHES 2005, 2005, p.30-46</ispartof><rights>Springer-Verlag Berlin Heidelberg 2005</rights><rights>2005 INIST-CNRS</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktopdf>$$Uhttps://link.springer.com/content/pdf/10.1007/11545262_3$$EPDF$$P50$$Gspringer$$H</linktopdf><linktohtml>$$Uhttps://link.springer.com/10.1007/11545262_3$$EHTML$$P50$$Gspringer$$H</linktohtml><link.rule.ids>309,310,779,780,784,789,790,793,4048,4049,27924,38254,41441,42510</link.rule.ids><backlink>$$Uhttp://pascal-francis.inist.fr/vibad/index.php?action=getRecordDetail&idt=17116110$$DView record in Pascal Francis$$Hfree_for_read</backlink></links><search><contributor>Rao, Josyula R.</contributor><contributor>Sunar, Berk</contributor><creatorcontrib>Schindler, Werner</creatorcontrib><creatorcontrib>Lemke, Kerstin</creatorcontrib><creatorcontrib>Paar, Christof</creatorcontrib><title>A Stochastic Model for Differential Side Channel Cryptanalysis</title><title>Cryptographic Hardware and Embedded Systems – CHES 2005</title><description>This contribution presents a new approach to optimize the efficiency of differential side channel cryptanalysis against block ciphers by advanced stochastic methods. We approximate the real leakage function within a suitable vector subspace. Under appropriate conditions profiling requires only one test key. For the key extraction we present a ‘minimum principle’ that solely uses deterministic data dependencies and the ‘maximum likelihood principle’ that additionally incorporates the characterization of the noise revealed during profiling. The theoretical predictions are accompanied and confirmed by experiments. We demonstrate that the adaptation of probability densities is clearly advantageous regarding the correlation method, especially, if multiple leakage signals at different times can be jointly evaluated. Though our efficiency at key extraction is limited by template attacks profiling is much more efficient which is highly relevant if the designer of a cryptosystem is bounded by the number of measurements in the profiling step.</description><subject>Applied sciences</subject><subject>Computer science; control theory; systems</subject><subject>Cryptography</subject><subject>DEMA</subject><subject>Differential Side Channel Cryptanalysis</subject><subject>DPA</subject><subject>Electromagnetic Analysis</subject><subject>Electronics</subject><subject>Exact sciences and technology</subject><subject>Information, signal and communications theory</subject><subject>Integrated circuits</subject><subject>Integrated circuits by function (including memories and processors)</subject><subject>Maximum Likelihood Principle</subject><subject>Memory and file management (including protection and security)</subject><subject>Memory organisation. Data processing</subject><subject>Minimum Principle</subject><subject>Power Analysis</subject><subject>Semiconductor electronics. Microelectronics. Optoelectronics. Solid state devices</subject><subject>Signal and communications theory</subject><subject>Software</subject><subject>Stochastic Model</subject><subject>Telecommunications and information theory</subject><subject>Template Attack</subject><issn>0302-9743</issn><issn>1611-3349</issn><isbn>9783540284741</isbn><isbn>3540284745</isbn><isbn>9783540319405</isbn><isbn>3540319409</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2005</creationdate><recordtype>conference_proceeding</recordtype><recordid>eNpFkD1PwzAYhM2XRFW68AuyILEE3tevE8cLEgqfUhFDYbZcx6aGkER2lv57UhXBLTc8p5PuGDtHuEIAeY1YiIKXXNMBWyhZUSGAUAkoDtkMS8ScSKijP8YrIQUesxkQ8FxJQadskdInTCKUUKoZu7nNVmNvNyaNwWYvfePazPcxuwveu-i6MZg2W4XGZfXGdN1E67gdRtOZdptCOmMn3rTJLX59zt4f7t_qp3z5-vhc3y7zgWM15hWQEdxJckZZklShK5QTrqmQEBV4z31hcQ3CNKVdK4RmYp4qYR2CVzRnF_vewSRrWh9NZ0PSQwzfJm41Stzthyl3uc-lCXUfLup1338ljaB3F-r_C-kHes1cYw</recordid><startdate>2005</startdate><enddate>2005</enddate><creator>Schindler, Werner</creator><creator>Lemke, Kerstin</creator><creator>Paar, Christof</creator><general>Springer Berlin Heidelberg</general><general>Springer</general><scope>IQODW</scope></search><sort><creationdate>2005</creationdate><title>A Stochastic Model for Differential Side Channel Cryptanalysis</title><author>Schindler, Werner ; Lemke, Kerstin ; Paar, Christof</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-p218t-803a42e73ea9c37381e59e4ed8131190ff2f5c1b04ad6cb910ded8f384ce10f93</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2005</creationdate><topic>Applied sciences</topic><topic>Computer science; control theory; systems</topic><topic>Cryptography</topic><topic>DEMA</topic><topic>Differential Side Channel Cryptanalysis</topic><topic>DPA</topic><topic>Electromagnetic Analysis</topic><topic>Electronics</topic><topic>Exact sciences and technology</topic><topic>Information, signal and communications theory</topic><topic>Integrated circuits</topic><topic>Integrated circuits by function (including memories and processors)</topic><topic>Maximum Likelihood Principle</topic><topic>Memory and file management (including protection and security)</topic><topic>Memory organisation. Data processing</topic><topic>Minimum Principle</topic><topic>Power Analysis</topic><topic>Semiconductor electronics. Microelectronics. Optoelectronics. Solid state devices</topic><topic>Signal and communications theory</topic><topic>Software</topic><topic>Stochastic Model</topic><topic>Telecommunications and information theory</topic><topic>Template Attack</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Schindler, Werner</creatorcontrib><creatorcontrib>Lemke, Kerstin</creatorcontrib><creatorcontrib>Paar, Christof</creatorcontrib><collection>Pascal-Francis</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Schindler, Werner</au><au>Lemke, Kerstin</au><au>Paar, Christof</au><au>Rao, Josyula R.</au><au>Sunar, Berk</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>A Stochastic Model for Differential Side Channel Cryptanalysis</atitle><btitle>Cryptographic Hardware and Embedded Systems – CHES 2005</btitle><date>2005</date><risdate>2005</risdate><spage>30</spage><epage>46</epage><pages>30-46</pages><issn>0302-9743</issn><eissn>1611-3349</eissn><isbn>9783540284741</isbn><isbn>3540284745</isbn><eisbn>9783540319405</eisbn><eisbn>3540319409</eisbn><abstract>This contribution presents a new approach to optimize the efficiency of differential side channel cryptanalysis against block ciphers by advanced stochastic methods. We approximate the real leakage function within a suitable vector subspace. Under appropriate conditions profiling requires only one test key. For the key extraction we present a ‘minimum principle’ that solely uses deterministic data dependencies and the ‘maximum likelihood principle’ that additionally incorporates the characterization of the noise revealed during profiling. The theoretical predictions are accompanied and confirmed by experiments. We demonstrate that the adaptation of probability densities is clearly advantageous regarding the correlation method, especially, if multiple leakage signals at different times can be jointly evaluated. Though our efficiency at key extraction is limited by template attacks profiling is much more efficient which is highly relevant if the designer of a cryptosystem is bounded by the number of measurements in the profiling step.</abstract><cop>Berlin, Heidelberg</cop><pub>Springer Berlin Heidelberg</pub><doi>10.1007/11545262_3</doi><tpages>17</tpages></addata></record>
fulltext	fulltext
identifier	ISSN: 0302-9743
ispartof	Cryptographic Hardware and Embedded Systems – CHES 2005, 2005, p.30-46
issn	0302-9743 1611-3349
language	eng
recordid	cdi_pascalfrancis_primary_17116110
source	Springer Books
subjects	Applied sciences Computer science control theory systems Cryptography DEMA Differential Side Channel Cryptanalysis DPA Electromagnetic Analysis Electronics Exact sciences and technology Information, signal and communications theory Integrated circuits Integrated circuits by function (including memories and processors) Maximum Likelihood Principle Memory and file management (including protection and security) Memory organisation. Data processing Minimum Principle Power Analysis Semiconductor electronics. Microelectronics. Optoelectronics. Solid state devices Signal and communications theory Software Stochastic Model Telecommunications and information theory Template Attack
title	A Stochastic Model for Differential Side Channel Cryptanalysis
url	https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-10T16%3A32%3A02IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-pascalfrancis_sprin&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=A%20Stochastic%20Model%20for%20Differential%20Side%20Channel%20Cryptanalysis&rft.btitle=Cryptographic%20Hardware%20and%20Embedded%20Systems%20%E2%80%93%20CHES%202005&rft.au=Schindler,%20Werner&rft.date=2005&rft.spage=30&rft.epage=46&rft.pages=30-46&rft.issn=0302-9743&rft.eissn=1611-3349&rft.isbn=9783540284741&rft.isbn_list=3540284745&rft_id=info:doi/10.1007/11545262_3&rft_dat=%3Cpascalfrancis_sprin%3E17116110%3C/pascalfrancis_sprin%3E%3Curl%3E%3C/url%3E&rft.eisbn=9783540319405&rft.eisbn_list=3540319409&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true