First-Order Differential Power Analysis on the Duplication Method

  • Guillaume Fumaroli
  • Emmanuel Mayer
  • Renaud Dubois
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4859)


Cryptographic embedded systems are vulnerable to Differential Power Analysis (DPA). In particular, the S-boxes of a block cipher are known to be the most sensitive parts with respect to this very kind of attack. While many sound countermeasures have been proposed to withstand this weakness, most of them are too costly to be adopted in real-life implementations of cryptographic algorithms. In this paper, we focus on a widely adopted lightweight variation on the well-known Duplication Method. While it is known that this design is vulnerable to higher-order DPA attacks, we show that it can also be efficiently broken by first-order DPA attacks. Finally, we point out ad hoc costless countermeasures that circumvent our attacks.


Side-channel analysis differential power analysis zero attack spectral analysis 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Akkar, M.L., Giraud, C.: An Implementation of DES and AES Secure Against Some Attacks. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 309–318. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  2. 2.
    Celler, F., Leedham-Green, C.R., Murray, S.H., Niemeyer, A.C., O’Brien, E.A.: Generating random element of a finite group. Comm. Algebra 23(13), 4931–4948 (1995) zbMATHCrossRefMathSciNetGoogle Scholar
  3. 3.
    Chari, S., Jutla, C., Rao, J., Rohatgi, P.: Toward Sound Approaches to Counteract Power-Analysis Attacks. In: Wiener, M.J. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 398–412. Springer, Heidelberg (1999)Google Scholar
  4. 4.
    Cooperman, G.: Towards a practical, theoretically sound algorithm for random generation in finite groups (2002)Google Scholar
  5. 5.
    Golić, J.D., Tymen, C.: Multiplicative Masking and Power Analysis of AES. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 198–212. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  6. 6.
    Goubin, L., Patarin, J.: DES and Differential Power Analysis – The “Duplication” Method. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 158–172. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  7. 7.
    Joye, M., Paillier, P., Schoenmakers, B.: On Second-Order Differential Power Analysis. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 291–308. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  8. 8.
    Kocher, P., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M.J. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)Google Scholar
  9. 9.
    Messerges, T.S.: Using Second-Order Power Analysis to Attack DPA Resistant Software. In: Paar, C., Koç, Ç.K. (eds.) CHES 2000. LNCS, vol. 1965, pp. 71–77. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  10. 10.
    Oswald, E., Mangard, S., Pramstaller, N., Rijmen, V.: A Side-Channel Analysis Description of the AES S-Box. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 413–423. Springer, Heidelberg (2005)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Guillaume Fumaroli
    • 1
  • Emmanuel Mayer
    • 2
  • Renaud Dubois
    • 1
  1. 1.Thales Communications, 160 Boulevard de Valmy – BP 82, 92704 Colombes cedexFrance
  2. 2.DGA/CELAR, BP 57419, 35174 Bruz cedexFrance

Personalised recommendations