A Fast Implementation of MPC-KSA Side-Channel Distinguisher

Abstract

MPC-KSA, a generic side-channel distinguisher based on Kolmogorov-Smirnov Test, turns out to be a promising alternative to its original counterpart MIA. However, current implementations of MPC-KSA are undesirably slow in practice. In light of this, we present a fast implementation for MPC-KSA distinguisher. The main idea of the proposed method is based on an essential observation that one of the two samples used in Kolmogorov-Smirnov Test for MPC-KSA is always a true subset of the other. Using this inherent relationship between these two leakage samples, we reduce sorting times and accelerate the counting operations in Kolmogorov-Smirnov Test. In this way, the time complexity of Kolmogorov-Smirnov Test for MPC-KSA is reduced from O(n^2) to O(n), and that of MPC-KSA is reduced from O(n^2) to O(n log n). Besides this, we present another optimization technique that further improves the performance of MPC-KSA. In order to verify the efficiency of the proposed method, we have performed MPC-KSA against real power traces published in DPA Contest V2. The result shows that an attack against 15,000 traces takes only 3.4 ms per trace by our optimized method while 85.5 ms per trace by the naive method.