US 12,244,685 B2
Carry-based differential power analysis and its application to testing for vulnerability of SHA-2 and HMAC-SHA-2 to side channel attack
Yaacov Belenky, Maale Adumim (IL); Ury Kreimer, Tekoa (IL); and Alexander Kesler, Newton, MA (US)
Assigned to FORTIFYIQ, INC., Newton, MA (US)
Filed by FortifyIQ, Inc., Newton, MA (US)
Filed on Feb. 23, 2023, as Appl. No. 18/173,569.
Claims priority of provisional application 63/268,482, filed on Feb. 24, 2022.
Prior Publication US 2023/0269065 A1, Aug. 24, 2023
Int. Cl. H04L 9/00 (2022.01); G06F 21/57 (2013.01)
CPC H04L 9/002 (2013.01) [G06F 21/577 (2013.01); G06F 2221/033 (2013.01)]
22 Claims
 
1. A method for testing for vulnerability of a cryptographic function to a side-channel attack, the method comprising:
providing a plurality of input values to the cryptographic function, wherein the cryptographic function, for each input value of the plurality of input values:
calculates a sum of the input value and a first value of the cryptographic function; and
replaces a second value of the cryptographic function with the sum;
measuring a set of samples including, for each input value of the plurality of input values, a respective side-channel leakage sample; and
iteratively performing a series of operations including:
splitting the set of samples into a plurality of subsets based on the plurality of input values;
for each subset of the plurality of subsets, calculating a respective value based on samples of the subset; and
comparing the respective values for different subsets to discover bit values of the first value and bit values of the second value,
the bit values of the first value and the bit values of the second value being discovered from respective least significant bits (LSBs) to respective most significant bits (MSBs).