In any side-channel attack, it is desirable to exploit all the available leakage data to compute the distinguisher’s values. The profiling phase is essential to obtain an accurate leakage model, yet it may not be exhaustive. As a result, information theoretic distinguishers may come up on previously unseen data, a phenomenon yielding empty bins. A strict application of the maximum likelihood method yields a distinguisher that is not even sound. Ignoring empty bins reestablishes soundness, but seriously limits its performance in terms of success rate. The purpose of this paper is to remedy this situation. In this research, we propose six different techniques to improve the performance of information theoretic distinguishers. We study them thoroughly by applying them to timing attacks, both with synthetic and real leakages. Namely, we compare them in terms of success rate, and show that their performance depends on the amount of profiling, and can be explained by a bias-variance analysis. The result of our work is that there exist use-cases, especially when measurements are noisy, where our novel information theoretic distinguishers (typically the soft-drop distinguisher) perform the best compared to known side-channel distinguishers, despite the empty bin situation.
A new notion of bent sequence related to Hadamard matrices was introduced recently, motivated by a security application (Solé, et al., 2021). The authors study the self-dual class in length at most 196. The authors use three competing methods of generation: Exhaustion, Linear Algebra and Gröbner bases. Regular Hadamard matrices and Bush-type Hadamard matrices provide many examples. The authors conjecture that if v is an even perfect square, a self-dual bent sequence of length v always exists. The authors introduce the strong automorphism group of Hadamard matrices, which acts on their associated self-dual bent sequences. The authors give an efficient algorithm to compute that group.
Funding: Supported in part by the National Natural Science Foundation of China under Grant No. 12071001. The work of Dean Crnković is supported by Croatian Science Foundation under the project 6732.