Stochastic Collision Attack

Nicolas Bruneau (1, 2), Claude Carlet, Sylvain Guilley (1, 2), Annelie Heuser (3, 2), Emmanuel Prouff, Olivier Rioul (3, 2)
1 SSH - Secure and Safe Hardware
LTCI - Laboratoire Traitement et Communication de l'Information
3 COMNUM - Communications Numériques
LTCI - Laboratoire Traitement et Communication de l'Information
Abstract:

On the one hand, collision attacks have been introduced in the context of side-channel analysis for attackers who exploit repeated code with the same data without having any knowledge of the leakage model. On the other hand, stochastic attacks have been introduced to recover leakage models of internally processed intermediate secret variables. Both techniques have shown advantages and intrinsic limitations. Most collision attacks, for instance, fail in exploiting all the leakages (e.g., only a subset of matching samples are analyzed), whereas stochastic attacks cannot involve linear regression with the full basis (while the latter basis is the most informative one). In this paper, we present an innovative attacking approach, which combines the flavors of stochastic and collision attacks. Importantly, our attack is derived from the optimal distinguisher, which maximizes the success rate when the model is known. Notably, we develop an original closed-form expression, which shows many benefits by using the full algebraic description of the leakage model. Using simulated data, we show in the unprotected case that, for low noise, the stochastic collision attack is superior to the state of the art, whereas asymptotically and thus, for higher noise, it becomes equivalent to the correlation-enhanced collision attack. Our so-called stochastic collision attack is extended to the scenario where the implementation is protected by masking. In this case, our new stochastic collision attack is more efficient in all scenarios and, remarkably, tends to the optimal distinguisher. We confirm the practicability of the stochastic collision attack thanks to experiments against a public data set (DPA contest v4). Furthermore, we derive the stochastic collision attack in case of zero-offset leakage that occurs in protected hardware implementations and use simulated data for comparison. Eventually, we underline the capability of the new distinguisher to improve its efficiency when the attack multiplicity increases.

https://hal.telecom-paristech.fr/hal-02287599
Contributor: Telecomparis Hal
Submitted on: Friday, September 13, 2019 - 5:08:05 PM
Last modification on: Sunday, September 15, 2019 - 1:12:47 AM

Identifiers

  • HAL Id: hal-02287599, version 1

Citation

Nicolas Bruneau, Claude Carlet, Sylvain Guilley, Annelie Heuser, Emmanuel Prouff, et al. Stochastic Collision Attack. IEEE Transactions on Information Forensics & Security, 2017, 12 (9), pp.2090-2104. ⟨hal-02287599⟩