Correlation template matching CPA method

Kuzu E. A., Tangel A.

ELECTRONICS LETTERS, vol.52, pp.1306-1307, 2016 (SCI-Expanded) identifier identifier

  • Publication Type: Article / Article
  • Volume: 52
  • Publication Date: 2016
  • Doi Number: 10.1049/el.2016.0415
  • Journal Indexes: Science Citation Index Expanded (SCI-EXPANDED), Scopus
  • Page Numbers: pp.1306-1307
  • Kocaeli University Affiliated: Yes


An improved decision mechanism to the previously advertised correlation power analysis (CPA) type of attack which is applied on the Montgomery ladder exponentiation steps of the Application-Specific Integrated Circuit (ASIC) RSA implementation is proposed. As the nature of this previous attack, for each m-bit sized windows of the key bits, ratios of the correlation values of the correct type vector with all the other candidate vectors must also exist between the peak value of the correlation curve of the correct type vector and of the other candidate vectors. As a novelty, proposed method uses this property; namely, it searches the closest matching between these ratios to decide the correct bit type vector. It is experimentally and theoretically shown that this decision mechanism requires lesser number of traces to extract the correct key bit types compared with the previous CPA type attack. Also this decision methodology can be used to improve the effectiveness of other possible CPA type of attacks which construct power leakage models for more than one bit.