
Improving non-profiled attacks on exponentiations based on clustering and extracting leakage from multi-channel high-resolution EM measurements

 
: Specht, R.; Heyszl, J.; Kleinsteuber, M.; Sigl, G.

Published in:

Mangard, S. (Ed.):
Constructive side-channel analysis and secure design. 6th international workshop, COSADE 2015: Berlin, Germany, April 13-14, 2015; Revised selected papers
Cham: Springer International Publishing, 2015 (Lecture Notes in Computer Science 9064)
ISBN: 978-3-319-21475-7 (Print)
ISBN: 978-3-319-21476-4 (Online)
pp. 3-19
International Workshop on Constructive Side-Channel Analysis and Secure Design (COSADE) <6, 2015, Berlin>
Language: English
Type: Conference paper
Institute: Fraunhofer AISEC

Abstract
The success probability of side-channel attacks depends on the measurement techniques used as well as on the algorithmic processing that exploits the available leakage. This is particularly critical in the case of asymmetric cryptography, where an attacker gets only a single side-channel observation because secrets are either ephemeral or blinded by countermeasures. We focus on non-profiled attacks, which require fewer attacker privileges and cannot be prevented easily. Compared to previous contributions, we significantly improve the algorithmic processing of clustering-based non-profiled attacks against exponentiation-based implementations. This improvement is mainly due to PCA and a strategy for selecting a few mid-ranked components in which exploitable, low-variance leakage is concentrated. In a practical experiment using single-channel high-resolution magnetic field measurements, we report a significant increase in the number of successful attacks. Further, we present the first practical results from using three such channels simultaneously. When a profiled template attack is applied, the combination of three channels improves on the results of the best individual channel. The clustering-based algorithmic approach for the non-profiled attack, however, does not benefit from the combination.

URL: http://publica.fraunhofer.de/dokumente/N-383103.html