## CryptoDB

### Christophe Clavier

#### Publications

Year
Venue
Title
2017
CHES
Classical side-channel analysis include statistical attacks which require the knowledge of either the plaintext or the ciphertext to predict some internal value to be correlated to the observed leakages.In this paper we revisit a blind (i.e. leakage-only) attack from Linge et al. that exploits joint distributions of leakages. We show – both by simulations and concrete experiments on a real device – that the maximum likelihood (ML) approach is more efficient than Linge’s distance-based comparison of distributions, and demonstrate that this method can be easily adapted to deal with implementations protected by first-order Boolean masking. We give example applications of different variants of this approach, and propose countermeasures that could prevent them.Interestingly, we also observe that, when the inputs are known, the ML criterion is more efficient than correlation power analysis.
2015
EPRINT
2014
CHES
2012
PKC
2011
CHES
2010
EPRINT
Power Analysis has been widely studied since Kocher et al. presented in 1998 the initial Simple and Di fferential Power Analysis (SPA and DPA). Correlation Power Analysis (CPA) is nowadays one of the most powerful techniques which requires, as classical DPA, many execution curves for recovering secrets. We introduce in this paper a technique in which we apply correlation analysis using only one execution power curve during an exponentiation to recover the whole secret exponent manipulated by the chip. As in the Big Mac attack from Walter, longer keys may facilitate this analysis and success will depend on the chip arithmetic characteristics. We present the theory of the attack with some practical successful results on an embedded device and analyze the efficiency of classical countermeasures with respect to our attack. Our technique, which uses a single exponentiation curve, cannot be prevented by exponent blinding. Also, contrarily to the Big Mac attack, it applies even in the case of regular implementations such as the square and multiply always or the Montgomery ladder. We also point out that DSA and Diffe-Hellman schemes are no longer immune against CPA. Then we discuss the efficiency of known countermeasures, and we finally present some new ones.
2007
CHES
2007
CHES
2006
CHES
2004
CHES
2004
EPRINT
Side-channel analysis has been recognized for several years as a practical and powerful means to reveal secret keys of [publicly known] cryptographic algorithms. Only very recently this kind of cryptanalysis has been applied to reverse engineer a non-trivial part of the specification of a proprietary (i.e., secret) algorithm. The target here is no longer the value of secret key but the secret specifications of the cryptographic algorithm itself. In a recent paper, Roman Novak (2003) describes how to recover the value of one (out of two) substitution table of a secret instance of the A3/A8 algorithm, the GSM authentication and session-key generation algorithm. His attack presents however two drawbacks from a practical viewpoint. First, in order to retrieve one substitution table ($T_2$), the attacker must know the value of the other substitution table ($T_1$). Second, the attacker must also know the value of secret key $K$. In this paper, we improve Novak's attack and show how to retrieve \emph{both} substitution tables ($T_1$ and $T_2$) \emph{without any prior knowledge about the secret key}. Furthermore, as a side-effect, we also recover the value of the secret key. With this contribution, we intend to present a practical SCARE (Side Channel Analysis for Reverse Engineering) attack, anticipate a growing interest for this new area of side-channel signal exploitation, and remind, if needed, that security cannot be achieved through obscurity alone.
2003
EPRINT
A classical model is used for the power consumption of cryptographic devices. It is based on the Hamming distance of the data handled with regard to an unknown but constant reference state. Once validated experimentally it allows an optimal attack to be derived called Correlation Power Analysis. It also explains the defects of former approaches such as Differential Power Analysis.
2001
CHES
2001
CRYPTO
2000
CHES

#### Program Committees

CHES 2020
CHES 2018
CHES 2017
CHES 2014
CHES 2013
CHES 2010
CHES 2009 (Program chair)
CHES 2008
CHES 2007