Categorising and comparing cluster-based DPA distinguishers

Xinping Zhou*, Carolyn Whitnall, Elisabeth Oswald, Degang Sun, Zhu Wang

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Side-channel distinguishers play an important role in differential power analysis, where real world leakage information is compared against hypothetical predictions in order to guess at the underlying secret key. A class of distinguishers which can be described as ‘cluster-based’ have the advantage that they are able to exploit multi-dimensional leakage samples in scenarios where only loose, ‘semi-profiled’ approximations of the true leakage forms are available. This is by contrast with univariate distinguishers exploiting only single points (e.g. correlation), and Template Attacks requiring concise fitted models which can be overly sensitive to mismatch between the profiling and attack acquisitions. This paper collects together—to our knowledge, for the first time—the various different proposals for cluster-based DPA (concretely, Differential Cluster Analysis, First Principal Components Analysis, and Linear Discriminant Analysis), and shows how they fit within the robust ‘semi-profiling’ attack procedure proposed by Whitnall et al. at CHES 2015. We provide discussion of the theoretical similarities and differences of the separately proposed distinguishers as well as an empirical comparison of their performance in a range of (real and simulated) leakage scenarios and with varying parameters. Our findings have application for practitioners constrained to rely on ‘semi-profiled’ models who wish to make informed choices about the best known procedures to exploit such information.

Original language: English
Title of host publication: Selected Areas in Cryptography – SAC 2017 - 24th International Conference, Revised Selected Papers
Publisher: Springer Verlag
Pages: 442-458
Number of pages: 17
ISBN (Print): 9783319725642
DOIs
Publication status: Published - 2018
Event: 24th International Conference on Selected Areas in Cryptography, SAC 2017 - Ottawa, Canada
Duration: 16 Aug 2017 – 18 Aug 2017

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 10719 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Conference

Conference: 24th International Conference on Selected Areas in Cryptography, SAC 2017
Country/Territory: Canada
City: Ottawa
Period: 16/08/17 – 18/08/17

Bibliographical note

Funding Information:
Korak, Thomas Plos and Michael Hutter at TU Graz for supplying us with data from the TAMPRES project [1,7]. This work was supported by the National Natural Science Foundation of China (No. 61372062), and the European Union’s H2020 Programme under grant agreement number ICT-731591 (REASSURE). No research data was created for this paper.

Author affiliations:
  • Institute of Information Engineering, Chinese Academy of Sciences, Beijing, People’s Republic of China ({zhouxinping,sundegang,wangzhu}@iie.ac.cn)
  • School of Cyber Security, University of Chinese Academy of Sciences, Beijing, People’s Republic of China
  • Department of Computer Science, University of Bristol, Merchant Venturers Building, Woodland Road, Bristol BS8 1UB, UK ({Carolyn.Whitnall,Elisabeth.Oswald}@bristol.ac.uk)

Publisher Copyright:
© Springer International Publishing AG 2018.

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science
