How to Effectively Decrease the Resource Requirement in Template Attack?
- 663 Downloads
Under the assumption that one has a reference device identical to the target device and thus be well capable of characterizing the power leakages of the target device, Template Attack (TA) is widely accepted to be the strongest power analysis attack. However, a disadvantage of TA is that, its resource requirement is usually large, i.e. in order to accurately characterize the power leakages of the target device, one usually needs to use a large number of power traces in profiling. In practice, the large resource requirement of TA hinders its application. Therefore, it is utmost important to effectively decrease the resource requirement of TA, and make it applicable in practice. In light of this, we propose Bivariate Template Attack (BTA) in this paper. The central idea of BTA is to consider the joint leakages of all interesting points in a pairwise manner. We note that, when the same interesting points are used, BTA and TA can characterize and exploit the same amount of power leakages. However, compared with TA, the resource requirement of BTA is usually small. In fact, both simulated and real experiments will verify that, compared with TA, BTA requires less power traces in profiling to reach the same key-recovery efficiency.
KeywordsSide Channel Attacks Power Analysis Attacks Template Attack Resource Requirement Key-Recovery Efficiency
Unable to display preview. Download preview PDF.
- 4.Bär, M., Drexler, H., Pulkus, J.: Improved Template Attacks. In: COSADE 2010 (2010)Google Scholar
- 12.Kocher, P.C.: Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)Google Scholar