One for all – all for one: unifying standard differential power analysis attacks

One for all – all for one: unifying standard differential power analysis attacks

For access to this article, please select a purchase option:

Buy article PDF
(plus tax if applicable)
Buy Knowledge Pack
10 articles for £75.00
(plus taxes if applicable)

IET members benefit from discounts to all IET publications and free access to E&T Magazine. If you are an IET member, log in to your account and the discounts will automatically be applied.

Learn more about IET membership 

Recommend Title Publication to library

You must fill out fields marked with: *

Librarian details
Your details
Why are you recommending this title?
Select reason:
IET Information Security — Recommend this title to your library

Thank you

Your recommendation has been sent to your librarian.

In this study, the authors examine the relationship between and the efficiency of different approaches to standard (univariate) differential power analysis (DPA) attacks. The authors first show that, when fed with the same assumptions about the target device (i.e. with the same leakage model), the most popular approaches such as using a distance-of-means test, correlation analysis and Bayes attacks are essentially equivalent in this setting. Differences observed in practice are not because of differences in the statistical tests but because of statistical artefacts. Then, the authors establish a link between the correlation coefficient and the conditional entropy in side-channel attacks. In a first-order attack scenario, this relationship allows linking currently used metrics to evaluate standard DPA attacks (such as the number of power traces needed to perform a key recovery) with an information theoretic metric (the mutual information). The authors results show that in the practical scenario defined formally in this study, both measures are equally suitable to compare devices with respect to their susceptibility to DPA attacks. Together with observations regarding key and algorithm independence the authors consequently extend theoretical strategies for the sound evaluation of leaking devices towards the practice of side-channel attacks.


    1. 1)
      • Kocher, P.C., Jaffe, J., Jun, B.: `Differential power analysis', Proc. CHES 1999, August 1999, Santa Barbara, CA, USA, p. 388–397, (LNCS, 1666).
    2. 2)
      • Chari, S., Jutla, C.S., Rao, J.R., Rohatgi, P.: `Towards sound approaches to counteract power analysis attacks', Proc. CRYPTO 1999, August 1999, Santa Barbara, CA, USA, p. 398–412, (LNCS, 1666).
    3. 3)
    4. 4)
      • Micali, S., Reyzin, L.: `Physically observable cryptography', Proc. TCC 2004, February 2004, Cambridge, MA, USA, p. 278–296, (LNCS, 2951).
    5. 5)
      • Standaert, F.-X., Malkin, T.G., Yung, M.: `A unified framework for the analysis of side-channel key recovery attacks', Proc. Eurocrypt 2009, April 2009, Cologne, Germany, p. 443–461, (LNCS, 5479).
    6. 6)
      • Brier, E., Clavier, C., Olivier, F.: `Correlation power analysis with a leakage model', Proc. CHES 2004, August 2004, Boston, MA, USA, p. 16–29, (LNCS, 3156).
    7. 7)
      • Gierlichs, B., Batina, L., Tuyls, P., Preneel, B.: `Mutual information analysis', Proc. CHES 2008, August 2008, Washington DC, USA, p. 426–442, (LNCS, 5154).
    8. 8)
      • Standaert, F.X., Veyrat-Charvillon, N., Oswald, E.: `The world is not enough: another look on second-order DPA', Proc. Asiacrypt 2010, December 2010, Singapore, p. 112–129, (LNCS, 6477).
    9. 9)
      • Schindler, W., Lemke, K., Paar, C.: `A stochastic model for differential side-channel cryptanalysis', Proc. CHES 2005, September 2005, Edinburgh, Scotland, p. 30–46, (LNCS, 3659).
    10. 10)
      • S. Mangard , E. Oswald , T. Popp . (2007) Power analysis attacks.
    11. 11)
      • Chari, S., Rao, J.R., Rohatgi, P.: `Template attacks', Proc. CHES 2002, August 2002, Redwood Shores, CA, USA, p. 13–28, (LNCS, 2523).
    12. 12)
      • Akkar, M.-L., Bevan, R., Dischamp, P., Moyart, D.: `Power analysis, what is now possible  ', Proc. Asiacrypt 2000, December 2000, Kyoto, Japan, p. 489–502, (LNCS, 1976).
    13. 13)
      • Prouff, E.: `DPA attacks and S-boxes', Proc. FSE 2005, February 2005, Paris, France, p. 424–441, (LNCS, 3557).
    14. 14)
      • Standaert, F.-X., Peeters, E., Archambeau, C., Quisquater, J.-J.: `Towards security limits in side-channel attacks', Proc. CHES 2006, October 2006, Yokohama, Japan, p. 30–45, (LNCS, 4249).
    15. 15)
      • Chari, S., Jutla, C.S., Rao, J.R., Rohatgi, P.: `A note regarding evaluation of AES candidates on smart-cards', Proc. Second AES Candidate Conf., March 1999, Rome, Italy, p. 133–147.
    16. 16)
    17. 17)
      • Standaert, F.-X., Gierlichs, B., Verbauwhede, I.: `Partition vs. comparison side-channel distingsuishers: an empirical evaluation of statistical tests for univariate side-channel attacks', Proc. ICISC 2008, December 2008, Seoul, Korea, p. 253–267, (LNCS, 5461).
    18. 18)
      • Tiri, K., Verbauwhede, I.: `Securing encryption algorithms against DPA at the logic level: next generation smart card technology', Proc. CHES 2003, September 2003, Cologne, Germany, p. 125–136, (LNCS, 2779).
    19. 19)
      • Tiri, K., Verbauwhede, I.: `A logic level design methodology for a secure DPA resistant ASIC or FPGA implementation', Proc. DATE 2004 (IEEE), February 2004, Paris, France, p. 246–251.
    20. 20)
      • Veyrat-Charvillon, N., Standaert, F.-X.: `Mutual information analysis: how, when and why?', Proc. CHES 2009, Spetember 2009, Lausanne, Switzerland, p. 429–443, (LNCS, 5747).
    21. 21)
      •, accessed December 2010.
    22. 22)
      • Mangard, S.: `Hardware countermeasures against DPA – a statistical analysis of their effectiveness', Proc. CT-RSA 2004, Feburary 2004, San Francisco, CA, USA, p. 222–235, (LNCS, 2964).
    23. 23)
      • T.M. Cover , J.A. Thomas . (2006) Elements of information theory.

Related content

This is a required field
Please enter a valid email address