Leakage models, regarded as a bridge between the physical signal and the sensitive operation, have a great influence on the effectiveness of the side channel analysis. The existing leakage models are usually divided into two categories, the non-profiled leakage models which have been chosen before sampling and analyzing, such as Hamming weight and Hamming distance, while the profiled leakage models, whose parameters have to be trained in the profiling phase, such as the Stochastic model of which both coefficient vector and pooled covariance matrix are required to be estimated based on the acquired samples. In general, a profiled leakage model is more accurate than a non-profiled one. However, it may lead to an inefficient attack if the leakage function is inaccurate, e.g., the over-fitting and under-fitting in the profiling phase. In this paper, we mathematically prove the relationship among different stochastic models, and propose a new method named ECM to solve the problem that much time is required to solve matrix in the profiling phase. Replacing the observations in the matrix solution with the average signals, the new method accelerates the construction of any stochastic model significantly, as long as the data-dependent signal has the property equal images under different subkeys. On the basis of theoretical results, we analyze the reasons why over-fitting and under-fitting happen, and quantify the condition when some of them occur. Finally, comparing with the existing construction method (HSS2012), we verify the effectiveness and efficiency of ECM with different metrics. Under the same accuracy, the ECM obviously has lower time complexity than HSS2012.

• 出版日期2018-12
• 单位武汉大学; TELECOM ParisTech