Simulating Algebraic Side-Channel Attacks (ASCA)
- Author: Mathieu Renauld
- Download: ASCAtoCNF.jar
ASCAtoCNF is a tool that provides the user with a quick way to simulate an ASCA with a data complexity of 1 to 9. The user specifies the target block cipher (PRESENT or the AES), the plaintext and secret key used. To simulate the side-channel recovery phase, the user chooses which operations of the block cipher are leaking information (for example: all the substitution operations from round 5 to 9). The side-channel recovery phase is assumed to be perfect (all recovered side-channel information is correct), but the user can make the attack harder by reducing the quantity of available side- channel information. The leakage model is the Hamming weight model on 8 bits: the adversary is assumed to recover the Hamming weight values of the data processed by the device during the specified leaking operations. The generated SAT problem can then be solved by a SAT solver like MiniSAT. With this tool, one can easily try various configurations of known leakages and study the impact of these configurations on the time complexity of the ASCA.