摘要:Precomputation look-up table based masking countermeasure is low-cost and secure against first-order DPA, therefore is more suitable for lightweight ciphers in resource- constrained devices. In this paper, we investigate the resistance of this masking countermeasure against second-order power analysis attack under the attack context of the Hamming weight leakage and the precomputation masked S-box. We improve the Adapted CPA technique [1] to make a better use of this attack context. Our attack successfully reveals the secret key with and without electronic noise and algorithmic noise. The number of power traces required to reveal the secret key rises from 600(unprotected implementation) to 16,000.
关键词:Second-order SCA; Precomputation based masking; Adapted CPA; ; Lightweight cipher
