Sciweavers

CHES
2008
Springer

Multiple-Differential Side-Channel Collision Attacks on AES

14 years 1 months ago
Multiple-Differential Side-Channel Collision Attacks on AES
In this paper, two efficient multiple-differential methods to detect collisions in the presence of strong noise are proposed - binary and ternary voting. After collisions have been detected, the cryptographic key can be recovered from these collisions using such recent cryptanalytic techniques as linear [1] and algebraic [2] collision attacks. We refer to this combination of the collision detection methods and cryptanalytic techniques as multiple-differential collision attacks (MDCA). When applied to AES, MDCA using binary voting without profiling requires about 2.7 to 13.2 times less traces than the Hamming-weight based CPA for the same implementation. MDCA on AES using ternary voting with profiling and linear key recovery clearly outperforms CPA by requiring only about 6 online measurements for the range of noise amplitudes where CPA requires from 163 to 6912 measurements. These attacks do not need the S-box to be known. Moreover, neither key nor plaintexts have to be known to the at...
Andrey Bogdanov
Added 12 Oct 2010
Updated 12 Oct 2010
Type Conference
Year 2008
Where CHES
Authors Andrey Bogdanov
Comments (0)