Edoardo Diana
Differential Power Analysis (DPA)

Differential Power Analysis (DPA)

Cybersecurity
ENG
View Code on GitHub

Project Overview

This project explores Side-Channel Attacks, specifically Differential Power Analysis (DPA), to extract the secret key from an AES-128 encryption implementation by analyzing power consumption traces.

The core objective was to move beyond standard byte-level attacks and implement granular Bit-Level strategies, comparing different statistical distinguishers to optimize attack efficiency.

Methodologies & Experiments

I implemented and benchmarked three distinct attack vectors:

1. Bit-Level Leakage Model

Instead of attacking full bytes, I targeted individual bits of the S-Box output (Intermediate Value).

  • Result: Higher precision compared to byte-level guesses.

2. Correlation vs. Difference of Means (DoM)

I compared two statistical tools to distinguish the correct key guess:

  • Pearson Correlation: Slower computation but highly efficient in terms of data. [cite_start]It successfully recovered the full key with just ~105 traces[cite: 1184, 1240].
  • Difference of Means (DoM): Computed using the T-Statistic. [cite_start]It proved to be significantly faster (30 mins vs 4 hours) but “data-hungry”, requiring ~660-700 traces to reach stable key recovery[cite: 1077, 1181].

3. Linear vs. Non-Linear Targets

I attempted to attack the AddRoundKey (ARK) output directly (linear operation) versus the SubBytes output (non-linear).

  • [cite_start]Finding: The attack on the linear ARK stage failed to recover most bytes (only 4/16 correct)[cite: 1119, 1174]. [cite_start]This empirically confirmed that non-linear operations (S-Box) are the primary source of exploitable leakage in block ciphers[cite: 645, 1120].

Key Takeaways

MetricCorrelation DistinguisherDifference of Means (DoM)
Computation SpeedSlow (High Complexity)Fast (Statistical Binning)
Data EfficiencyHigh (~100 traces)Low (~700 traces)
Attack VectorBit-Wise S-Box OutputBit-Wise S-Box Output

Tech Stack

  • Language: Python 3.x
  • Analysis: NumPy (for vectorised statistical computations), Matplotlib
  • Target: TinyAES traces (Simulated/Captured power data)

Note

While this project focuses on Side-Channel attacks, the underlying cryptographic logic is based on my AES Implementation from Scratch.

Related Projects
AES Encryption from Scratch ENG

AES Encryption from Scratch
Cybersecurity

Full Python implementation of the Advanced Encryption Standard (FIPS 197), featuring custom Finite Field arithmetic, dynamic S-Box generation, and side-channel analysis.

ENG
Deep Learning for SCA Profiling ENG

Deep Learning for SCA Profiling
Cybersecurity

Advanced Side-Channel Profiling attack on the ASCAD dataset using Multi-Layer Perceptrons (MLP) and Convolutional Neural Networks (CNN).

ENG