Analysis of Nonparametric Estimation Methods for Mutual Information Analysis - Information Security and Cryptology-ICISC 2010

Cryptography Reference

In-Depth Information

4.5

B-Spline Estimator

In [6] Daub et al. introduce the use of B-spline functions as entropy estimators.

A B-spline curve is a generalized Bezier curve. It is specified by the parameters:

- the degree d ,ororder k = d + 1, so that each segment of the piecewise

polynomial curve has degree d or less,

- a sequence of m +1 numbers, t 0 ,...,t m , called knot vector, such that t i ≤

t i +1 ,

,

- control points, b 0 ,...,b n .

∀

i

∈{

1 ,...,m

−

1

}

A B-spline curve is defined in terms of B-spline basis functions. The i -th basis

function of degree d ,noted B i,d , defined by the knot vector t 0 ,...,t m is defined

by the Cox-de Boor recursion formula as follows:

B i, 0 ( z )= 1if t i ≤

z<t i +1

0

other ise.

t i

t i + d −

z

−

t i + d +1 −

z

B i,d ( z )=

B i,d− 1 ( z )+

t i +1 B i +1 ,d− 1 ( z ) ,

t i

t i + d +1 −

for i =0 ,...,n and d

≥

1. Finally, the property:

n

B i,d ( z )=1 ,

i =0

for any value of z , makes B-spline basis functions suitable as a pdf estimator.

This estimator is noted BSE. More details on the use and advantages of BSE in

the side-channel context are available in [28].

5 Experimental Analysis

We analyze in this section the practical eciency of nonparametric estimators

of mutual information in the context of side-channel attacks. We compare their

performances with state-of-the-art proposed side-channel distinguishers:

- classical parametric test, CPA (Sec. 3.3),

- nonparametric tests, SPE (Sec. 3.5), CVM (Sec. 3.5),

- cluster analysis, DCA with variance as criterion function (Sec. 3.4),

- mutual information with parametric estimation, Cumulant-based Estimator

(CE) [16] which is the most powerful parametric estimator,

- mutual information with nonparametric estimation, GMIA (Sec. 2.2), HE

(Sec. 4.2), KDE (Sec. 4.3), KNN (Sec. 4.4), BSE (Sec. 4.5).

In order to compare the eciency of side-channel attacks, we use common metrics

proposed in the literature [27]. Guessed Entropy (GE) is the average position of

the correct key hypothesis in the sorted vector of hypothesis at the end of the

attack. Results using another metric are presented in Appendix A.

Information Security and Cryptology-ICISC 2010

Search WWH ::

Custom Search

Home