Abstract
In this paper, we carry out a detailed mathematical study of two theoretical distinguishers based on the Kolmogorov-Smirnov (KS) distance. This includes a proof of soundness and the derivation of closed-form expressions, which can be split into two factors: one depending only on the noise and the other on the confusion coefficient of Fei, Luo and Ding. This allows one to gain a deeper understanding of the relative influences of the signal-to-noise ratio and the confusion coefficient on the distinguisher's performance. Moreover, one is able to compare distinguishers directly from their closed-form expressions instead of using an evaluation metric that might obscure the actual performance and favor one distinguisher over the other. Furthermore, we formalize the link between the confusion coefficient and differential cryptanalysis, which shows that the more resistant an S-box is to differential attacks, the weaker it is against side-channel attacks, and vice versa.
Annelie Heuser is a Google European Fellow in the field of privacy and is partially funded by this fellowship.
Notes
1. This visual interpretation agrees with several statistical unimodality tests.
2.
3. This Boolean function \(S\) is typically one component of a substitution box with \(n\) output bits. Of course, an attacker could predict the \(n\) bits altogether. Still, a mono-bit model has the interest that it reduces the epistemic noise, meaning that an assumption on more than one bit certainly deviates from the actual leakage.
4. More precisely, as will be made clear in the next Sect. 4.3, the key hypotheses that are the hardest to distinguish are those using a linear S-box. Indeed, they maximize both \(\varLambda _S\) (i.e. have \(nl(S)=0\)) and \(\varDelta _S\), which could wrongly indicate that linearity is the relevant criterion.
References
Biham, E., Shamir, A.: Differential cryptanalysis of the full 16-round DES. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 487–496. Springer, Heidelberg (1993)
Blondeau, C., Canteaut, A., Charpin, P.: Differential properties of power functions. In: ISIT, pp. 2478–2482. IEEE (2010)
Carlet, C.: On highly nonlinear S-Boxes and their inability to thwart DPA attacks. In: Maitra, S., Veni Madhavan, C.E., Venkatesan, R. (eds.) INDOCRYPT 2005. LNCS, vol. 3797, pp. 49–62. Springer, Heidelberg (2005)
Carlet, C.: Boolean models and methods in mathematics, computer science, and engineering. In: Crama, Y., Hammer, P. (eds.) Vectorial Boolean Functions for Cryptography, pp. 398–469. Cambridge University Press, Cambridge (2010). (Preliminary version http://www.math.univ-paris13.fr/carlet/pubs.html)
Chabaud, F., Vaudenay, S.: Links between differential and linear cryptanalysis. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 356–365. Springer, Heidelberg (1995)
Doget, J., Prouff, E., Rivain, M., Standaert, F.-X.: Univariate side channel attacks and leakage modeling. J. Cryptogr. Eng. 1(2), 123–144 (2011)
Fei, Y., Luo, Q., Ding, A.A.: A statistical model for DPA with novel algorithmic confusion analysis. In: Prouff, E., Schaumont, P. (eds.) CHES 2012. LNCS, vol. 7428, pp. 233–250. Springer, Heidelberg (2012)
Guilley, S., Hoogvorst, P., Pacalet, R.: Differential power analysis model and some results. In: Quisquater, J.-J., Paradinas, Y., Deswarte, Y., Kalam, A. (eds.) Smart Card Research and Advanced Applications VI. IFIP, vol. 153, pp. 127–142. Springer, Heidelberg (2004)
Kolmogorov, A.N.: Sulla determinazione empirica di una legge di distribuzione. Giorn. Ist. Ital. Attuari 4, 83–91 (1933)
Maghrebi, H., Rioul, O., Guilley, S., Danger, J.-L.: Comparison between side-channel analysis distinguishers. In: Chim, T.W., Yuen, T.H. (eds.) ICICS 2012. LNCS, vol. 7618, pp. 331–340. Springer, Heidelberg (2012)
Mangard, S., Oswald, E., Popp, T.: Power analysis attacks: revealing the secrets of smart cards. Springer, December 2006. ISBN: 0-387-30857-1 (2006). http://www.dpabook.org/
Matsui, M.: Linear cryptanalysis method for DES cipher. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 386–397. Springer, Heidelberg (1994)
Mazumdar, B., Mukhopadhyay, D., Sengupta, I.: Constrained search for a class of good bijective S-boxes with improved DPA resistivity. IEEE Trans. Inf. Forensics Secur. 8(12), 2154–2163 (2013)
Moradi, A., Mousavi, N., Paar, C., Salmasizadeh, M.: A comparative study of mutual information analysis under a Gaussian assumption. In: Youm, H.Y., Yung, M. (eds.) WISA 2009. LNCS, vol. 5932, pp. 193–205. Springer, Heidelberg (2009)
NIST/ITL/CSD: Advanced Encryption Standard (AES). FIPS PUB 197, Nov 2001. http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
Picek, S., Ege, B., Batina, L., Jakobovic, D., Papagiannopoulos, K.: Optimality and beyond: the case of \(4\times 4\) S-boxes. In: HOST, Arlington, USA. IEEE Computer Society (2014)
Piret, G., Roche, T., Carlet, C.: PICARO – A block cipher allowing efficient higher-order side-channel resistance. In: Bao, F., Samarati, P., Zhou, J. (eds.) ACNS 2012. LNCS, vol. 7341, pp. 311–328. Springer, Heidelberg (2012)
Prouff, E.: DPA attacks and S-boxes. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 424–441. Springer, Heidelberg (2005)
Prouff, E., Matthieu, R.: Theoretical and practical aspects of mutual information-based side channel analysis. Int. J. Appl. Cryptogr. (IJACT) 2(2), 121–138 (2010)
Rivain, M.: On the exact success rate of side channel analysis in the Gaussian model. In: Avanzi, R.M., Keliher, L., Sica, F. (eds.) SAC 2008. LNCS, vol. 5381, pp. 165–183. Springer, Heidelberg (2009)
Smirnov, N.V.: Tables for estimating the goodness of fit of empirical distributions. Ann. Math. Stat. 19(2), 279–281 (1948)
Standaert, F.-X., Bulens, P., de Meulenaer, G., Veyrat-Charvillon, N.: Improving the rules of the DPA contest. Cryptology ePrint Archive, Report 2008/517, December 8 (2008). http://eprint.iacr.org/2008/517
Standaert, F.-X., Malkin, T.G., Yung, M.: A unified framework for the analysis of side-channel key recovery attacks. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 443–461. Springer, Heidelberg (2009)
TELECOM ParisTech SEN research group. DPA Contest (1st edn.), 2008–2009. http://www.DPAcontest.org/
TELECOM ParisTech SEN research group. DPA Contest (4th edn.), 2013–2014. http://www.DPAcontest.org/v4/
Thillard, A., Prouff, E., Roche, T.: Success through confidence: evaluating the effectiveness of a side-channel attack. In: Bertoni, G., Coron, J.-S. (eds.) CHES 2013. LNCS, vol. 8086, pp. 21–36. Springer, Heidelberg (2013)
Veyrat-Charvillon, N., Standaert, F.-X.: Mutual information analysis: how, when and why? In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 429–443. Springer, Heidelberg (2009)
Whitnall, C., Oswald, E.: A fair evaluation framework for comparing side-channel distinguishers. J. Cryptogr. Eng. 1(2), 145–160 (2011)
Whitnall, C., Oswald, E., Mather, L.: An exploration of the Kolmogorov-Smirnov test as a competitor to mutual information analysis. In: Prouff, E. (ed.) CARDIS 2011. LNCS, vol. 7079, pp. 234–251. Springer, Heidelberg (2011)
Whitnall, C., Oswald, E., Standaert, F.-X.: The myth of generic DPA... and the magic of learning. In: Benaloh, J. (ed.) CT-RSA 2014. LNCS, vol. 8366, pp. 183–205. Springer, Heidelberg (2014)
Zhao, H., Zhou, Y., Standaert, F.-X., Zhang, H.: Systematic construction and comprehensive evaluation of Kolmogorov-Smirnov test based side-channel distinguishers. In: Deng, R.H., Feng, T. (eds.) ISPEC 2013. LNCS, vol. 7863, pp. 336–352. Springer, Heidelberg (2013)
Acknowledgements
The authors thank Emmanuel Prouff and Claude Carlet for sharing insights about the criteria for SCA-aware S-Boxes.
© 2014 Springer International Publishing Switzerland
Cite this paper
Heuser, A., Rioul, O., Guilley, S. (2014). A Theoretical Study of Kolmogorov-Smirnov Distinguishers. In: Prouff, E. (eds) Constructive Side-Channel Analysis and Secure Design. COSADE 2014. Lecture Notes in Computer Science(), vol 8622. Springer, Cham. https://doi.org/10.1007/978-3-319-10175-0_2
DOI: https://doi.org/10.1007/978-3-319-10175-0_2
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-10174-3
Online ISBN: 978-3-319-10175-0