A Comparative Study of Mutual Information Analysis under a Gaussian Assumption

Amir Moradi, Nima Mousavi, Chris­tof Paar, Mahmoud Salmasizadeh

10th International Workshop on Information Security Applications, WISA 2009, Busan, Korea. August 25-27, 2009.


In CHES 2008 a generic side-channel distinguisher, Mutual Information, has been introduced to be independent of the relation between measurements and leakages as well as between leakages and data processed. Assuming a Gaussian model for the side-channel leakages, correlation power analysis (CPA) is capable of revealing the secrets efficiently. The goal of this paper is to compare mutual information analysis (MIA) and CPA when leakage of the target device fits into a Gaussian assumption. We first theoretically examine why MIA can reveal the correct key guess amongst other hypotheses, and then compare it with CPA proofs. As our theoretical comparison confirms and shown recently in ACNS 2009 and CHES 2009, the MIA is less effective than the CPA when there is a linear relation between leakages and predictions. Later, we show detailed practical comparison results ofMIA and CPA, by means of several alternative parameters, under the same condition using leakage of a smart card as well as of an FPGA.