Information Theoretic Distinguishers for Timing Attacks with Partial Profiles: Solving the Empty Bin Issue

In any side-channel attack, it is desirable to exploit all the available\r\nleakage data to compute the distinguisher’s values. The profiling phase is\r\nessential to obtain an accurate leakage model, yet it may not be exhaustive. As\r\na result, information theoretic distinguishers may come up on previously unseen\r\ndata, a phenomenon yielding empty bins. A strict application of the maximum\r\nlikelihood method yields a distinguisher that is not even sound. Ignoring empty\r\nbins reestablishes soundness, but seriously limits its performance in terms of\r\nsuccess rate. The purpose of this paper is to remedy this situation. In this\r\nresearch, we propose six different techniques to improve the performance of information\r\ntheoretic distinguishers. We study them\r\nthoroughly by applying them to timing attacks, both with synthetic and real\r\nleakages. Namely, we compare them in terms of success rate, and show that their\r\nperformance depends on the amount of profiling, and can be explained by a\r\nbias-variance analysis. The result of our work is that there exist use-cases,\r\nespecially when measurements are noisy, where our novel information theoretic\r\ndistinguishers (typically the soft-drop distinguisher) perform the best compared\r\nto known side-channel distinguishers, despite the empty bin situation.