A Statistical Model for DPA with Novel Algorithmic Confusion Analysis

Side-channel attacks (SCAs) exploit weakness in the physical implementation of cryptographic algorithms, and have emerged as a realistic threat to many critical embedded systems. However, no theoretical model for the widely used differential power analysis (DPA) has revealed exactly what the success rate of DPA depends on and how. This paper proposes a statistical model for DPA that takes characteristics of both the physical implementation and cryptographic algorithm into consideration. Our model establishes a quantitative relation between the success rate of DPA and a cryptographic system. The side-channel characteristic of the physical implementation is modeled as the ratio between the difference-of-means power and the standard deviation of power distribution. The side-channel property of the cryptographic algorithm is extracted by a novel algorithmic confusion analysis. Experimental results on DES and AES verify this model and demonstrate the effectiveness of algorithmic confusion analysis. We expect the model to be extendable to other SCAs, and provide valuable guidelines for truly SCA-resilient system design and implementation.