International Association for Cryptologic Research

IACR News item: 09 May 2012

Carolyn Whitnall, Elisabeth Oswald, François-Xavier Standaert
ePrint Report
A prominent strand within the side-channel literature is the quest for generic strategies: methods by which data-dependent leakage measurements may be fruitfully analysed with minimal a priori insight into the processes occasioning that leakage. In this paper, we introduce a well-reasoned formal definition for 'a generic strategy', enabling us, for the first time, to clarify precise conditions (on the target function) under which (asymptotic) success is possible. The range of vulnerable targets is shown to be limited (noninjectivity and nonlinearity being minimal requirements), and so the 'myth' is somewhat dispelled. However, we then explore the particular opportunities presented by linear regression-based methods, which are able to operate generically, but can in fact be leveraged by non-specific intuition about the leakage through the application of a model building technique called stepwise regression. Thus a minor relaxation of the strict generic assumptions 'magically' produces asymptotically successful outcomes even against injective targets.
