Changhai Ou

Enhanced Correlation Power Analysis by Biasing Power Traces

Biasing power traces with high Signal to Noise Ratio (SNR) proposed by K. Yongdae et al. can significantly improve the efficiency of the CPA. But it is still a problem to be solved that how to efficiently select power traces with high SNR. Through the analysis of the statistical characteristics of power traces, we propose three methods to better solve this problem in this paper. We bias power traces by using the Minkowski distance (i.e. Euclidean distance or Manhattan distance) between each power trace and mean power trace. Biasing power traces can also be carried out by using probability density function values of power consumption of interesting points, or even directly using power consumption of interesting points. Our schemes can blindly select power traces with high SNR in a high probability. The efficiency of the CPA by using the three of our methods is significantly improved. Thus, our schemes are more effective compared to the one proposed by K. Yongdae et al.

A new efficient interesting points enhanced electromagnetic attack on AT89S52

Electromagnetic attacks are non-invasive attacks and pose serious threats to the security of cryptographic devices. However, its environment is complex and the noise on electromagnetic traces is often large. Thus, traditional differential electromagnetic analysis (DEMA) and correlation electromagnetic analysis (CEMA) require a lot of electromagnetic traces to recover the key used in the cryptographic devices. In order to reduce the number of electromagnetic traces required in our attacks, two high efficiency side channel distinguishers named multiple interesting points combined differential electromagnetic analysis (MIP-DEMA) and multiple interesting points combined correlation electromagnetic analysis (MIP-CEMA) are proposed in this paper. Experimental results on AES algorithm targeting an AT89S52 microcontroller show that, to get success rates of 0.80 and 1.00, only 40% ~ 60% of electromagnetic traces are needed in our MIP-DEMA and MIP-CEMA.

Improved wavelet transform for noise reduction in power analysis attacks

In side channel attacks (SCA), noise has been a hot topic for affecting the quality of obtained observations. In this paper, we propose a kind of improved wavelet transform denoising method based on singular spectral analysis (SSA) and detrended fluctuation analysis (DFA). Principal signal component in SSA can be selected by DFA adaptively, and residual part can be denoised by wavelet transform to retrieve important information. The method of superposition between signal component and denoised residual part improves the denoising efficiency of original wavelet transform. In order to verify the usefulness of the proposed method, we choose the correlation power analysis (CPA) to attack hard implementation of AES by using wavelet transform and the proposed method for preprocessing. Results show that the proposed method improve the success rate whilst decrease the necessary number of power consumption traces significantly. And the proposed method outperforms wavelet transform in noise elimination.

Power Traces Clipping and Splicing Enhanced Correlation Collision Analysis

Correlation enhanced Collision Attacks (CCA) can be able to exploit any first-order leakage without knowing the precise hypothetical power model. However, the correlation between time samples of two S-boxes is relatively weak, which leads to the low efficiency of CCA. Actually, the efficiency of CCA is much lower than that of Correlation Power Analysis (CPA). In this paper, two methods named Invalid Power Traces Clipping based CCA (IPTC-CCA) and Power Traces Splicing based CCA (PTS-CCA) are proposed to improve the efficiency of CCA. IPTC+PTS-CCA, a combination of IPTC-CCA and PTSCCA, which is more efficient than both stand-alone IPTC-CCA and PTS-CCA, is also proposed in this paper. Experiments on the power trace set of Rotating S-boxes Masking (RSM) protected AES-256 algorithm implemented on the Side-channel Attack Standard Evaluation Board (SASEBO) from the website DPA contest v4 show that the 3 schemes proposed in this paper can significantly improve the efficiency of CCA.

Hirschman optimal transform based correlation frequency electromagnetic analysis

Correlation Electromagnetic analysis (CEMA) has been effective in revealing the cryptographic key on cryptosystems. Random delay insertion (RDI) causes misalignments to prevent the action of these attacks in the time domain to avoid information leakage. In this paper, we first use the newly proposed time-frequency transformation Hirschman Optimal Transform (HOT) to transform the signal from the time domain to the frequency domain for analysis. Experimental results show that this method conquers the weakness in the time domain analysis in which the samples have to be aligned accurately. So, our proposed method can be used to break cipher chips with random delay. We find that our method is more efficient than a similar approach based on the DFT.

POSTER: A Novel Wavelet Denoising Method Based on Robust Principal Component Analysis in Side Channel Attacks

In the context of side channel attacks (SCA), multiple preprocessing methods proposed are used to improve the quality of measurements and enhance the attack performance. Different from existing preprocessing methods which accord to the spectral distribution of noise or depend on some objective functions to search optimal linear transform, we treat noise as an ensemble and separate it by discrete wavelet transform and robust principal component analysis (RPCA) blindly. All experiments show that the proposed method has a great impact on the noise reduction of a typical hardware implementation of AES when comparing to some existing methods.

Group Verification Based Multiple-Differential Collision Attack

Bogdanov and Kizhvatov proposed the concept of test of chain, but they didn’t give a practical scheme. Wang et al. proposed fault tolerant chain to enhance test of chain and gave a practical scheme. However, the attack efficiency of Correlation enhanced Collision Attack (CCA) is much lower than that of Correlation Power Analysis (CPA). A combination of CCA and CPA in fault tolerant chain proposed by Wang et al. may be unreasonable. Most importantly, when the threshold \(Thr_{\varDelta }\) introduced in Sect. 2.3 is large, the key recovery becomes very complex. Fault tolerant chain is unapplicable to this situation. In order to solve these problems, we propose a kind of new chain named group verification chain in this paper. We combine our group verification chain with MDCA and propose Group Verification based Multiple-Differential Collision Attack (GV-MDCA). Experiments on power trace set downloaded from the website DPA contest v4 show that our group verification chain significantly improves the efficiency of fault tolerant chain.

Error Tolerance based Single Interesting Point Side Channel CPA Distinguisher

The efficiency can be significantly improved if the attacker uses interesting points to perform Correlation Power Analysis (CPA). The prerequisite for this is that the attacker knows the positions of interesting points. However, it is difficult for the attacker to accurately find the locations of interesting points if he only has a small number of power traces. In this paper, we propose a Frequency based Interesting Points Selection algorithm (FIPS) to select interesting points under the condition that the attacker only has a very small number of power traces. Moreover, an error tolerant Single Interesting Point based CPA (SIP-CPA) is proposed. Experiments on AES algorithm implemented on an AT89S52 single chip and power trace set of DPA contest v1 of DES algorithm implemented on the Side Channel Attack Standard Evaluation Board (SASEBO) show that, our SIP-CPA can significantly improve the efficiency of CPA.

Uncertain? No, It’s Very Certain!

It has always been the concern of side channel analysis that how to recover the key with a probability of about 1.00 under the condition that the number of power traces is very small and the success rates is very low. In order to recover the key, the attacker has to try to reduce the guessing entropy to decrease the uncertainty of the key. Unfortunately, guessing entropy is only a evaluation of attack ability in most cases. In this paper, we introduce the statistical characteristics of guessing entropy and propose guessing entropy enhanced CPA (GE-CPA). Its feasibility is verified in theory and experiment. Experiments on both AES algorithm implemented on an AT89S52 single chip and power trace set secmatv1 of DES encryption on the side channel attack standard evaluation board(SASEBO) from the website DPA contest v1. The experimental results show that, by only repeating the experiments less than 30 times, our GE-CPA can effectively recover the key even under the bad condition that success rate only ranges from \(5\,\%\) to \(8\,\%\). Thus, the problem is well solved.

POSTER: Using Improved Singular Value Decomposition to Enhance Correlation Power Analysis

Correlation Power Analysis (CPA) is one of effective means of power analysis in side channel analysis. The noisy power traces can affect the power of CPA. It is significant to select the helpful power traces to improve the efficiency of analysis. In this paper, we present a new pre-processing method that is based on Improved Singular Value Decomposition (ISVD) for selecting the traces when using CPA to attack. The ISVD is a combination of SVD and Z-score. Experimental results show that our method is effective to improve the efficiency when analyzing both the unprotected implementation and the masked implementation.