Differential power analysis (DPA) is a strong attack upon cryptographic devices such as smartcards. Correlation power analysis (CPA) is a specific form of DPA where the Hamming-weight and the correlation coefficient are employed. In this paper we investigate the intrinsic vulnerability of the individual operations that are targeted in DPA attacks. We find that under the typical circumstances, there is a difference in resistance to the attack between the operations. We then provide a precise definition of CPA resistance and capture it in a simple yet effective metric to rank operations. The metric is validated with both simulations and experiments on actual hardware.
Jing Pan, J. I. den Hartog, Erik P. de Vink