Exploiting the Incomplete Avalanche Effect: A New Profiled Side-Channel Attack on AES
Algebraic side-channel attack (ASCA) has to rely on a machine solver to solve the equations of the cipher and the side-channel leaks. Many existing ASCAs use a SAT-based solver or an optimizer-based solver. It is critical to improve the error-tolerance of ASCAs and to interpret the differences between them. In this paper, we propose a new profiled side-channel attack named incomplete avalanche exploiting side-channel analysis (IAESCA) and apply it to AES. IAESCA does not require any machine solver. Extensive physical attacks are performed on an 8-bit microcontroller. Experimental results show that: 1) IAESCA can exploit the leaks in all AES rounds using a single power trace; 2) it has lower time complexity and more robustness than previous ASCAs; 3) it can accurately calculate the reduced search space of the master key. For the first time, our IAESCA can interpret the mechanism behind previous ASCAs from a quantitative perspective, such as why ASCA can work in the unknown plaintext/ciphertext scenario, what the extreme cases of ASCA on AES are, and more.
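The abstract leans on two properties of AES that are easy to see in code: a Hamming-weight (HW) leak on each 8-bit intermediate already shrinks the candidate set for a key byte without any solver, and round 1 is an incomplete avalanche, so every MixColumns output byte depends on only four key bytes (one column) and the 128-bit key splits into four independent sub-problems. The following Python is an added illustration of those two properties, written for this page; it is not the IAESCA procedure from the paper, and it assumes a noise-free HW leakage model with known plaintext and no real trace (the FIPS-197 Appendix C.1 plaintext and key are used as constructed inputs).

```python
"""Noise-free HW-leakage model of AES round 1 on an 8-bit device.
Added example, not the paper's IAESCA: shows (1) how two HW leaks per
byte (after AddRoundKey and after SubBytes) cut each key byte to a few
candidates with no solver, and (2) the incomplete avalanche of round 1,
where each MixColumns column depends on only four key bytes."""
from itertools import product


def gf_mul(a, b):
    """Multiplication in GF(2^8) with the AES polynomial x^8+x^4+x^3+x+1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = (a << 1) ^ (0x11B if a & 0x80 else 0)
        b >>= 1
    return r


def _build_sbox():
    """Generate the AES S-box: GF(2^8) inverse followed by the affine map."""
    box = []
    for x in range(256):
        inv = next((y for y in range(1, 256) if gf_mul(x, y) == 1), 0)
        s = inv
        for n in range(1, 5):
            s ^= ((inv << n) | (inv >> (8 - n))) & 0xFF
        box.append(s ^ 0x63)
    return box


SBOX = _build_sbox()
MUL2 = [gf_mul(x, 2) for x in range(256)]
MUL3 = [gf_mul(x, 3) for x in range(256)]


def hw(x):
    return bin(x).count("1")


def mix_column(col):
    a0, a1, a2, a3 = col
    return [MUL2[a0] ^ MUL3[a1] ^ a2 ^ a3,
            a0 ^ MUL2[a1] ^ MUL3[a2] ^ a3,
            a0 ^ a1 ^ MUL2[a2] ^ MUL3[a3],
            MUL3[a0] ^ a1 ^ a2 ^ MUL2[a3]]


def column_key_indices(c):
    """Key-byte positions (column-major state) that feed MixColumns column c after ShiftRows."""
    return [r + 4 * ((c + r) % 4) for r in range(4)]


def round1_intermediates(p, k):
    """Byte-wise round-1 intermediates: after AddRoundKey, after SubBytes, after MixColumns."""
    ark = [p[i] ^ k[i] for i in range(16)]
    sb = [SBOX[x] for x in ark]
    mc = []
    for c in range(4):
        mc += mix_column([sb[i] for i in column_key_indices(c)])
    return ark, sb, mc


def hw_leaks(p, k):
    """Noise-free HW of every round-1 intermediate: the stand-in for one power trace."""
    return tuple([hw(x) for x in stage] for stage in round1_intermediates(p, k))


def reduced_key_space(p, l_ark, l_sb, l_mc):
    """Candidates per key byte, surviving 4-byte tuples per column, and remaining key-space size."""
    per_byte = [[kb for kb in range(256)
                 if hw(p[i] ^ kb) == l_ark[i] and hw(SBOX[p[i] ^ kb]) == l_sb[i]]
                for i in range(16)]
    per_column = []
    for c in range(4):
        idx = column_key_indices(c)
        survivors = []
        for cand in product(*(per_byte[i] for i in idx)):
            col = [SBOX[p[i] ^ kb] for i, kb in zip(idx, cand)]
            if [hw(x) for x in mix_column(col)] == l_mc[4 * c:4 * c + 4]:
                survivors.append(cand)
        per_column.append(survivors)
    total = 1
    for s in per_column:
        total *= len(s)
    return per_byte, per_column, total


def bytes_changed_by_key_byte(p, k, i, delta=0x01):
    """Round-1 MixColumns output positions that change when key byte i is XORed with delta."""
    k2 = list(k)
    k2[i] ^= delta
    mc1 = round1_intermediates(p, k)[2]
    mc2 = round1_intermediates(p, k2)[2]
    return {j for j in range(16) if mc1[j] != mc2[j]}


# Constructed inputs: FIPS-197 Appendix C.1 plaintext and key (assumed known to the attacker).
P = list(bytes.fromhex("00112233445566778899aabbccddeeff"))
K = list(bytes.fromhex("000102030405060708090a0b0c0d0e0f"))

if __name__ == "__main__":
    per_byte, per_column, total = reduced_key_space(P, *hw_leaks(P, K))
    print("candidates per key byte:", [len(c) for c in per_byte])
    print("survivors per column:   ", [len(s) for s in per_column])
    print("remaining master-key space: about 2^%d" % (total.bit_length() - 1))
    print("key byte 5 touches MixColumns bytes", sorted(bytes_changed_by_key_byte(P, K, 5)))
```

Because MixColumns is an MDS map, flipping any single key byte changes exactly four MixColumns output bytes, all in one column; that locality is what lets the column survivors be enumerated independently and multiplied into the reduced master-key space. Real traces add noise to the HW readings, which is exactly the error-tolerance question the abstract raises and which this noise-free model deliberately leaves out.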
incomplete avalanche; algebraic side-channel attack; AES; Hamming weight leakage model; error tolerance
Xinjie Zhao, Shize Guo, Fan Zhang, Tao Wang, Zhijie Shi, Francois-Xavier Standaert, Chujiao Ma
Domestic conference (China)
Shanghai
English
pp. 105-127
2013-09-05 (date first posted on the Wanfang platform; not the paper's publication date)