Pragmatism vs. Elegance: Comparing Two Approaches to Simple Power Attacks on AES
Simple side-channel attacks trade off data complexity (i.e. the number of side-channel observations needed for a successful attack) against computational complexity (i.e. the number of operations applied to the side-channel traces). In the specific case of Simple Power Analysis (SPA) attacks on the Advanced Encryption Standard (AES), two approaches can be found in the literature: a pragmatic one built on basic techniques such as efficient enumeration of key candidates, and a seemingly more elegant one that uses algebraic techniques. These two techniques have so far been applied in complementary settings: the pragmatic attacks were applied solely to the key schedule, whereas the more elegant methods were applied only to the encryption rounds. In this article, we investigate how these methods compare in what we consider to be a more practical setting, in which adversaries gain access to erroneous information about both the key schedule and the encryption rounds. We conclude that the pragmatic enumeration technique copes better with erroneous information, which makes it the more interesting option in practice.
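As an added illustration of the pragmatic enumeration approach described above (example code written for this page, not the paper's own method), the following builds the candidate set for one AES key byte from two noisy SPA observations: the Hamming weight of the key-schedule byte and the Hamming weight of the round-1 SubBytes output for a known plaintext byte. The Hamming-weight leakage model, the error tolerance parameter and the sample values are assumptions chosen for illustration.

```python
import math

def gf_mul(a, b):
    """Multiply in GF(2^8) with the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11b
        b >>= 1
    return r

def aes_sbox():
    """Compute the AES S-box: multiplicative inverse followed by the affine map."""
    box = [0] * 256
    for x in range(256):
        inv = 0 if x == 0 else next(y for y in range(1, 256) if gf_mul(x, y) == 1)
        s = inv
        for i in range(1, 5):  # s = inv ^ rotl(inv,1) ^ ... ^ rotl(inv,4)
            s ^= ((inv << i) | (inv >> (8 - i))) & 0xff
        box[x] = s ^ 0x63
    return box

SBOX = aes_sbox()
HW = [bin(b).count("1") for b in range(256)]  # Hamming weight of every byte

def candidates(hw_obs, tol):
    """Byte values whose Hamming weight lies within tol of the observed weight.
    tol > 0 models erroneous observations (assumed error bound)."""
    return {b for b in range(256) if abs(HW[b] - hw_obs) <= tol}

def key_byte_candidates(hw_key_obs, pt_byte, hw_sbox_obs, tol):
    """Intersect the key-schedule leak (HW of the key byte) with the round-1
    leak (HW of SubBytes(pt_byte XOR key byte)); both may be off by up to tol."""
    ks = candidates(hw_key_obs, tol)
    return {k for k in ks if abs(HW[SBOX[pt_byte ^ k]] - hw_sbox_obs) <= tol}

def enumeration_bits(byte_sets):
    """log2 of the number of full-key candidates an enumeration must visit."""
    return sum(math.log2(len(s)) for s in byte_sets)

if __name__ == "__main__":
    key_byte, pt = 0x3a, 0x00                      # constructed sample values
    true_hw_key, true_hw_sbox = HW[key_byte], HW[SBOX[pt ^ key_byte]]
    exact = key_byte_candidates(true_hw_key, pt, true_hw_sbox, 0)
    noisy = key_byte_candidates(true_hw_key + 1, pt, true_hw_sbox, 1)  # one leak off by 1
    print(len(exact), key_byte in exact, len(noisy), key_byte in noisy)
```

With an exact observation the candidate set is small; a single off-by-one observation excludes the true byte unless tolerance is raised, at which point the set (and the enumeration cost, summed across all 16 bytes by `enumeration_bits`) grows.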
Valentina Banciu has been supported by EPSRC via grant EP/H049606/1. Elisabeth Oswald has been supported in part by EPSRC via grant EP/I005226/1.