Attacking Masked Cryptographic Implementations: Information-Theoretic Bounds

Measuring the information leakage is critical for evaluating practical security of cryptographic devices against side-channel analysis. More straightforwardly, it is interesting to have an upper bound on success rate of any attack given a (fixed) number of side-channel measurements. Or conversely, we wish to derive a lower bound on the number of queries for a given success rate of optimal attacks. In this paper, we derive several bounds in both directions by using information-theoretic tools, particularly for cryptographic implementations protected by masking schemes. We show that a generic upper bound on the probability of success, irrespective to specific attacks, is linked to mutual information between side-channel measurements and the secret. Moreover, our numerical evaluation confirms that, the success rate of optimal maximum likelihood distinguishers is tightly bounded given a fixed number of measurements.