Abstract
AbstractIn order to protect a cryptographic algorithm against Power Analysis attacks, a well-known method consists in hiding all the internal data with randomly chosen masks.Following this idea, an AES implementation can be protected against Differential Power Analysis (DPA) by the “Transformed Masking Method”, proposed by Akkar and Giraud at CHES’2001, requiring two distinct masks. At CHES’2002, Trichina, De Seta and Germani suggested the use of a single mask to improve the performances of the protected implementation. We show here that their countermeasure can still be defeated by usual first-order DPA techniques.In another direction, Akkar and Goubin introduced at FSE’2003 a new countermeasure for protecting secret-key cryptographic algorithms against high-order differential power analysis (HO-DPA). As particular case, the “Unique Masking Method” is particularly well suited to the protection of DES implementations. However, we prove in this paper that this method is not sufficient, by exhibiting a (first-order) enhanced differential power analysis attack. We also show how to avoid this new attack.KeywordsTamper-resistant devicesSide-Channel attacksPower AnalysisDPATransformed Masking MethodUnique Masking MethodDESAES
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
