Publication No.: US20170270307A1
Publication Date: 2017-09-21
Application No.: US15529048
Filing Date: 2014-11-25
Applicant: INSTITUT MINES-TELECOM
Inventor: Sylvain GUILLEY, Annelie HEUSER, Olivier RIOUL
CPC classification number: G06F21/602, G06F21/556, G06F21/72, H04L9/002, H04L9/0618, H04L2209/12
Abstract: A method for recovering secret data of a cryptographic device comprises: a) determining stochastic models of leakages relating respective measurable quantities to internal states or operations of the cryptographic device, the number of greater than the number of masks used by the cryptographic device to conceal the secret data; b) sending command sequences to the device, where each command sequence causes the device to perform a cryptographic operation on at least one respective plaintext using the secret data and the masks; c) during processing of each cryptographic operation, recording a series of measurements of measurable quantities; and d) computing an estimator of secret data by maximizing the conditional joint probability of the recorded measurements given the corresponding plaintexts, averaged over all possible values of the masks. A method for evaluating the security of a cryptographic device is provided.