THE CPA QUALIFICATION METHOD BASED ON THE GAUSSIAN CURVE FITTING
Keywords:Cryptography, side channel attack, correlation power analysis, smart cards, significant peak detection, Gaussian curve fitting
AbstractThe Correlation Power Analysis (CPA) attack is an attack on cryptographic devices, especially smart cards. The results of the attack are correlation traces. Based on the correlation traces, an evaluation is done to observe whether significant peaks appear in the traces or not. The evaluation is done manually, by experts. If significant peaks appear then the smart card is not considered secure since it is assumed that the secret key is revealed. We develop a method that objectively detects peaks and decides which peak is significant. We conclude that using the Gaussian curve fitting method, the subjective qualification of the peak significance can be objectified. Thus, better decisions can be taken by security experts. We also conclude that the Gaussian curve fitting method is able to show the influence of peak sizes, especially the width and height, to a significance of a particular peak.
Mangard, S., Oswald, E., and Popp, T., Power analysis attack: Revealing the secrets of smart cards, Springer, 2007.
P.C. Kocher, J. Jaffe, and B. Jun, Differential power analysis, proceedings of Crypto 1999, Lecture notes in Computer Science, vol. 1666, pp. 398-412, 1999.
E. Brier, C. Clavier, F. Olivier, Correlation power analysis with a leakage model, proceedings of CHES 2004, Lecture notes in Computer Science, vo. 3156, pp. 16-29, 2004.
F.X. Standaert, T.G. Malkin, and M. Yung, A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks, Cryptology ePrint Archive, Report 2006/139.
F.X. Standaert, T.G. Malkin, and M. Yung, A Formal Practice-Oriented Model for the Analysis of Side-Channel Attacks, Cryptology ePrint Archive, Report 2006/139, http://eprint.iacr.org/.
F.X. Standaert, A Didactic Classification of some Illustrative Leakage Functions, in the proceedings of WISSEC 2006, Antwerp, Belgium, 2006.
S.Q. Zhang, et al., Peak detection with chemical noise removal using short-time FFT for kind of MALDI data, the First International Symposium on Optimization and Systems Biology, Beijing, China, 2007.
P. Du, W.A. Kibbe, and .S.M. Lin, Improved peak detection in mass spectrum by incorporating continuous wavelet transform-based pattern matching, Bioinformatics Advance Access, 2006.
E. Lange, et al., High-accuracy peak picking of proteomics data using wavelet techniques, Pacific Symposium on Biocomputing 11, pp. 243-254, 2006.
M. Dijkstra, et al., Peak quantification in surface-enhanced laser desorption/ionization by using mixture models, Proteomics, 2006.
Statgraphics Centurion, Multivariate Methods, http://www.statgraphics.com/multivariate_methods.htm
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).