## Fast Software Encryption: 11th International Workshop, FSE 2004, Delhi, India, February 5-7, 2004, Revised Papers

2.1 Differential Power Analysis

Differential Power Analysis (DPA) was introduced by Kocher, Jaffe and Jun in 1998 [13] and published in 1999 [14]. The basic idea is to make use of potential correlations between the data handled by the micro-controller and the electric consumption measured values. Since these correlations are often very low, statistical methods must be applied to deduce sufficient information from them.

The principle of DPA attacks consists in comparing consumption values measured on the real physical device (for instance a GSM chip or a smart card) with values computed in an hypothetical model of this device (the hypotheses being made among others on the nature of the implementation, and chiefly on a part of the secret key). By comparing these two sets of values, the attacker tries to recover all or part of the secret key.

The initial target of DPA attacks was limited to symmetric algorithms. Vulnerability of DES – first shown by Kocher, Jaffe and Jun [13, 14] – was further studied by Goubin and Patarin [11, 12], Messerges, Dabbish, Sloan [16] and Akkar, Bévan, Dischamp, Moyart [2]. Applications of these attacks were also largely taken into account during the AES selection process, notably by Biham, Shamir [4], Chari, Jutla, Rao, Rohatgi [5] and Daemen, Rijmen [8].

### Contents

New Cryptographic Primitives Based on Multiword T-Functions

Towards a Unifying View of Block Cipher Cryptanalysis

Algebraic Attacks on Summation Generators

Algebraic Attacks on SOBER-t32 and SOBER-t16 without Stuttering

Improving Fast Algebraic Attacks

Resistance of S-Boxes against Algebraic Attacks

Differential Attacks against the Helix Stream Cipher

Improved Linear Consistency Attack on Irregular Clocked Keystream Generators

Correlation Attacks Using a New Class of Weak Feedback Polynomials

Minimum Distance between Bent and 1-Resilient Boolean Functions

Results on Rotation Symmetric Bent and Correlation Immune Boolean Functions

A Weakness of the Linear Part of Stream Cipher MUGI

Vulnerability of Nonlinear Filter Generators Based on Linear Finite State Machines

VMPC One-Way Function and Stream Cipher

A New Stream Cipher HC-256

A New Weakness in the RC4 Keystream Generator and an Approach to Improve the Security of the Cipher

Improving Immunity of Feistel Ciphers against Differential Cryptanalysis by Using Multiple MDS Matrices

An Involutional Cipher Efficient for Block Encryption in Reconfigurable Hardware

Related Key Differential Attacks on 27 Rounds of XTEA and Full-Round GOST

On the Additive Differential Probability of Exclusive-Or

Two Power Analysis Attacks against One-Mask Methods

Nonce-Based Symmetric Encryption

Ciphers Secure against Related-Key Attacks

Definitions, Implications, and Separations for Preimage Resistance, Second-Preimage Resistance, and Collision Resistance

The EAX Mode of Operation

A High-Performance Conventional Authenticated Encryption Mode

New Security Proofs for the 3GPP Confidentiality and Integrity Algorithms

Cryptanalysis of a Message Authentication Code due to Cary and Venkatesan

Fast Software-Based Attacks on SecurID

A MAC Forgery Attack on SOBER-128

On Linear Approximation of Modulo Sum

### Other editions

Fast Software Encryption: 11th International Workshop, FSE 2004, Delhi ... Bimal Kumar Roy, Willi Meier - 2004

### Common terms and phrases

1-resilient active S-boxes adversary AEAD scheme algebraic attacks algorithm applied authentication bent function binary bits block cipher Boolean functions ciphertext coefficients collision Computer Science construction correlation attacks CRYPTO cryptographic Cryptology decryption defined degree denote difference differential attack Differential Cryptanalysis distinguishing attack elements encryption scheme equation Fast Software Encryption feedback Feistel ciphers filter first function f given GOST hash function implementation initial input key schedule key stream keystream Lecture Notes Lemma length LFSM LFSR linear cryptanalysis LNCS matrix modulo monomials multiple nonce nonlinear Notes in Computer notion oracle queries output bytes pairs paper parameters permutation plaintext polynomial precomputation probability proof random RC4A related-key attacks result RSBFs S-boxes secret key Section sequence Springer-Verlag stream ciphers string T-function Table Theorem truncated differential vanishing differential variables vector VMPC words XTEA