Abstract:In the past few decades, DPA-based side-channel attack strategies, such as DPA and CPA, have shown strong ability to analyze the security of the cryptographic implementations. However, the unpredictability of the leakage model and the correspondence between leakage behavior of the target device and the hypothetical leakage value make it less-effective without prior knowledge. Therefore, in this paper, we present a novel generic side-channel analysis method called Gini-impurity Index Analysis (GIA), utilizing Gini-impurity Index as the distinguisher, which can perform well even without any leakage model and is not sensitive to the existing methods' restrictions about the leakage behavior. Firstly, we introduce the basic idea of GIA. According to the proposed GIA attack strategy, the Gini-impurity index for each key hypothesis should be calculated, determined by the clustered power consumption and the classified subsets based on the key dependent target function. Secondly, we verify the feasibility and evaluate the efficiency of GIA with different target functions by the practical experimental results against AES-128 implemented on an AT89S52 microcontroller. We present one possible multivariate extension of GIA and find the advantage of GIA on leakage information utilization. Thirdly, we present the results of comparisons. On the one hand, we compare GIA with three widely-used distinguishers under simulated traces in various leakage scenarios and practical traces with Hamming-weight-related leakage. Results confirm that GIA can always perform well with different leakage models in most situations. On the other hand, we analyze the relationship between GIA and Mutual Information Analysis (MIA). Theoretical and experimental results confirm that these two methods can obtain similar attack results. However, the guessing entropy of GIA is lower than MIA by up to 21%, and the averaged computational time overhead of GIA is lower than MI- by up to 13.3%, indicating that GIA is more efficient than MIA. Compared to traditional MIA, GIA is easier to operate and more flexible with noise. Therefore, GIA is an efficient and useful alternative to these existed strategies.

What problem does this paper attempt to address?

### What problem does this paper attempt to solve? This paper aims to solve the limitations of traditional methods relying on leakage models in side - channel attacks (SCA). Specifically: 1. **The problem of lack of prior knowledge**: Traditional side - channel attack methods such as differential power analysis (DPA) and correlation power analysis (CPA) do not work well without prior knowledge, especially when the leakage model is uncertain or inaccurate. 2. **The problem of being sensitive to leakage behavior**: Existing attack methods are very sensitive to the leakage behavior of the target device. That is, if the leakage behavior of the device does not match the assumed leakage model, these methods may not work effectively. 3. **The problem of computational efficiency and flexibility**: Some existing methods such as mutual information analysis (MIA) have good performance but high computational complexity and are sensitive to noise. For this reason, the author proposes a new general - purpose side - channel analysis method - Gini - impurity Index Analysis (GIA), which uses the Gini - impurity index as a discriminator. The main advantages of GIA include: - **No need for a leakage model**: GIA can work effectively without any leakage model. - **Not sensitive to leakage behavior**: GIA has no strict requirements on the leakage behavior of the target device and has higher robustness. - **High computational efficiency**: Compared with methods such as MIA, GIA performs better in terms of guessing entropy and computational time cost. - **Strong flexibility**: GIA combines the k - means clustering algorithm, can make full use of measurement information, and can further improve performance through multivariate expansion. Through experimental verification, GIA shows good performance in different leakage scenarios. In particular, when other methods fail due to the lack of a suitable leakage model, GIA can still successfully recover the key value. Therefore, GIA provides an efficient and flexible new strategy for side - channel attacks. ### Summary This paper mainly solves the problems of relying on leakage models and being sensitive to leakage behavior in side - channel attacks, and proposes a new attack method GIA based on the Gini - impurity index. This method can work effectively without a leakage model, and has higher computational efficiency and stronger flexibility.

Gini-Impurity Index Analysis

Exploiting the Incomplete Diffusion Feature: A Specialized Analytical Side-Channel Attack Against the Aes and Its Application to Microcontroller Implementations

Ridge-Based DPA: Improvement of Differential Power Analysis For Nanoscale Chips

An Improved Empirical Mode Decomposition for Power Analysis Attack

MDASCA: an enhanced algebraic side-channel attack for error tolerance and new leakage model exploitation

In-depth Correlation Power Analysis Attacks on a Hardware Implementation of CRYSTALS-Dilithium

Impedance vs. Power Side-channel Vulnerabilities: A Comparative Study

DPMLBench: Holistic Evaluation of Differentially Private Machine Learning

Side-Channel Information Leakage Analysis And Countermeasures In An Embedded Cpu Microarchitecture

A Power Analysis Attack Countermeasure Based on Random Data Path Execution for CGRA.

A Power Analysis System for Cryptographic Devices

LeakyOhm: Secret Bits Extraction using Impedance Analysis

Efficient Framework for Genetic Algorithm-Based Correlation Power Analysis

Identifying Cache-Based Side Channels through Secret-Augmented Abstract Interpretation

Design and implementation of a Differential Power Analysis System for cryptographic devices

A Hardware Implementation Of Des With Combined Countermeasure Against Dpa

Improving Second-Order Dpa Attacks with New Modeled Power Leakages

Information Hiding for Aes Core Based on Randomness

Be My Guesses: The interplay between side-channel leakage metrics

MicroWalk: A Framework for Finding Side Channels in Binaries

Energy Efficient Obfuscation of Side-Channel Leakage for Preventing Side-Channel Attacks