Statistical Higher-Order Correlation Attacks Against Code-Based Masking

IF 3.6 2区计算机科学 Q2 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

IEEE Transactions on Computers Pub Date : 2024-07-05 DOI:10.1109/TC.2024.3424208

Wei Cheng;Jingdian Ming;Sylvain Guilley;Jean-Luc Danger

引用次数: 0

Abstract

Masking is one of the most well-established methods to thwart side-channel attacks. Many masking schemes have been proposed in the literature, and code-based masking emerges and unifies several masking schemes in a coding-theoretic framework. In this work, we investigate the side-channel resistance of code-based masking from a non-profiling perspective by utilizing correlation-based side-channel attacks. We present a systematic evaluation of correlation attacks with various higher-order (centered) moments and then present the form of optimal correlation attacks. Interestingly, the Pearson correlation coefficient between the hypothetical leakage and the measured traces is connected to the signal-to-noise ratio in higher-order moments, and it turns out to be easy to evaluate rather than launch repeated attacks. We also identify some ineffective higher-order correlation attacks at certain orders when the device leaks under the Hamming weight leakage model. Our theoretical findings are verified through both simulated and real-world measurements.

查看原文本刊更多论文

针对基于代码的掩码的统计高阶相关性攻击

掩码是挫败侧信道攻击最行之有效的方法之一。文献中提出了许多掩码方案，而基于编码的掩码是在编码理论框架下出现并统一了几种掩码方案。在这项工作中，我们利用基于相关性的侧信道攻击，从非伪装的角度研究了基于代码的掩蔽的抗侧信道能力。我们用各种高阶（居中）矩对相关性攻击进行了系统评估，然后提出了最优相关性攻击的形式。有趣的是，假设泄漏与测量迹线之间的皮尔逊相关系数与高阶时刻的信噪比有关，因此很容易评估而不是发起重复攻击。在汉明权重泄漏模型下，当设备发生泄漏时，我们还确定了某些阶次的无效高阶相关性攻击。我们的理论发现通过模拟和实际测量得到了验证。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Transactions on Computers 工程技术-工程：电子与电气

CiteScore

6.60

自引率

5.40%

发文量

199

审稿时长

6.0 months

期刊介绍： The IEEE Transactions on Computers is a monthly publication with a wide distribution to researchers, developers, technical managers, and educators in the computer field. It publishes papers on research in areas of current interest to the readers. These areas include, but are not limited to, the following: a) computer organizations and architectures; b) operating systems, software systems, and communication protocols; c) real-time systems and embedded systems; d) digital devices, computer components, and interconnection networks; e) specification, design, prototyping, and testing methods and tools; f) performance, fault tolerance, reliability, security, and testability; g) case studies and experimental and theoretical evaluations; and h) new and important applications and trends.