文摘
This paper presents a new side channel attack to recover a block cipher key. No plaintext and no ciphertext are required, no templates are built. Only the leakage measurements collected in many different rounds of the algorithm are exploited. The leakage is considered as a Hamming weight with a Gaussian noise. The chosen target is the Advanced Encryption Standard (AES). Bayesian inference is used to score all guesses on several consecutive round-key bytes. From these scores a Belief Propagation algorithm is used, based on the relations of the KeyExpansion, to discriminate the unique correct guess. Theoretical results according to various noise models are obtained with simulations.