Information Technology Reference
In-Depth Information
for the intermediate result chosen in
Step 1
for all random inputs and for all
key guesses. The calculation results in a matrix
V
(
n
+1)
×
(16)
with each element
calculated as:
v
i,j
=
S
0
(
b
i
⊕ k
j
)
,i
=0
,
1
,...,n
;
j
=0
,
1
,...,
15
.
(22)
The
j
th
column of
V
includes the intermediate results calculated with the key
guess
k
j
.As
contains all possible keys, the real key used in the cryptographic
circuit is one element of the key vector
K
K
. The aim of DPA is to find out which
column of the matrix
has actually been processed during the encryption or
decryption. Therefore, one column of
V
V
will be most highly correlated with the
correct key guess (i.e., the real key).
Step 4:
Map the hypothetical intermediate values in
H
(
n
)
×
(16)
of hypothetical power consumption values. The elements in the hypothetical
power consumption matrix
V
to a matrix
H
(
n
)
×
(16)
are usually the HD or HW of the hypo-
thetical intermediate values in matrix
. The HD is used in this work, as the
total power of QCA circuits heavily depends on the HD between two consecu-
tive inputs, which has been clearly shown in Sect.
2.3
. The HD model requires
both previous and current values of the target intermediate result. Therefore,
the calculation of the hypothetical power from hypothetical intermediate values
is as follows:
V
h
i,j
=
HW
(
v
i,j
⊕ v
i
+1
,j
)
,i
=0
,
1
,...,n−
1;
j
=0
,
1
,...,
15
.
(23)
A larger HD usually leads to higher power consumption.
Step 5:
The hypothetical power values are compared with the measured
power data. The attacker compares the hypothetical power values of each key
guess with the measured power data at every position by comparing each column
h
j
. Pearson's correlation function [
46
]
is applied to calculate the correlation coecient between the hypothesis and
the simulated power data. The comparison result is a vector
of matrix
H
with the measured power
P
R
of correlation
coecients with each element calculated as follows:
n−
1
i
h
j
)
=0
(
h
i,j
−
×
(
p
i
−
p
)
r
j
=
n−
1
i
=0
(
h
i,j
−
p
)
2
,j
=0
,
1
,...,
15
,
(24)
×
n−
1
h
j
)
2
i
=0
(
p
i
−
h
j
where
,
respectively. In a successful attack, the highest value of correlation coecient
corresponds to the correct key guess.
A diagram of the DPA procedure for QCA circuits is shown in Fig.
15
.For
more information on differential power analysis, please refer to [
32
].
and
p
denote the mean values of column
h
j
and the power vector
P
4.2 DPA Attack of the Serpent Sub-Module
The first power analysis attack results of a QCA cryptographic circuit using the
upper bound power model are presented here. The Serpent sub-module inputs
Search WWH ::
Custom Search