Abstract
The Correlation Power Analysis (CPA) attack is an attack on cryptographic devices, especially smart cards. The results of the attack are correlation traces. Based on the correlation traces, an evaluation is done to observe whether significant peaks appear in the traces or not. The evaluation is done manually, by experts. If significant peaks appear then the smart card is not considered secure since it is assumed that the secret key is revealed. We develop a method that objectively detects peaks and decides which peak is significant. We conclude that using the Gaussian curve fitting method, the subjective qualification of the peak significance can be objectified. Thus, better decisions can be taken by security experts. We also conclude that the Gaussian curve fitting method is able to show the influence of peak sizes, especially the width and height, to a significance of a particular peak.
Highlights
Cryptographic devices [1] are electronic devices that implement a cryptographic algorithm and that store keys
We develop a method based on the Gaussian curve fitting method to give a score to each peak found in a correlation trace
The operation used in the process is a 16 rounds of an XOR operation defined as c = p + k, with c a ciphertext, p an input plaintext, and k a secret key
Summary
Cryptographic devices [1] are electronic devices that implement a cryptographic algorithm and that store keys. In the CPA attack, the output of this leakage function is the power consumption of the cryptographic device sampled with a fixed sampling frequency while processing the input plaintext. We first develop a method to assign a score to each peak found in a correlation trace.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have