Linear regression-based methods have been proposed as efficient means of characterising device leakage in the training phases of profiled side-channel attacks. Empirical comparisons between these and the 'classical' approach to template building have confirmed the reduction in profiling complexity to achieve the same attack-phase success, but have focused on a narrow range of leakage scenarios which are especially favourable to simple (i.e. efficiently estimated) model specifications. In this contribution we evaluate - from a theoretic perspective as much as possible - the performance of linear regression-based templating in a variety of realistic leakage scenarios as the complexity of the model specification varies. We are particularly interested in complexity trade-offs between the number of training samples needed for profiling and the number of attack samples needed for successful DPA: over-simplified models will be cheaper to estimate but DPA using such a degraded model will require more data to recover the key. However, they can still offer substantial improvements over non-profiling strategies relying on the Hamming weight power model, and so represent a meaningful middle-ground between 'no' prior information and 'full' prior information. © 2013 Springer-Verlag Berlin Heidelberg.
CITATION STYLE
Whitnall, C., & Oswald, E. (2013). Profiling DPA: Efficacy and efficiency trade-offs. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 8086 LNCS, pp. 37–54). Springer Verlag. https://doi.org/10.1007/978-3-642-40349-1_3
Mendeley helps you to discover research relevant for your work.