In this paper we present a variation of the template attack classification process that can be applied to block ciphers when the plaintext and ciphertext used are unknown. In a na\"ive implementation this attack can be applied to any round of a block cipher. We also show that when a block cipher is implemented with the masking countermeasure a similar attack can be applied to the first round of the cipher. We demonstrate that the attack works in practice by applying it to implementations of AES on 8051 and ARM7 microprocessors. We also demonstrate that the attack can be applied to implementations of block ciphers that use the masking countermeasure when three points are selected from which templates are constructed, or two points if the plaintext can be guessed.
|Translated title of the contribution||Unknown Plaintext Template Attacks|
|Title of host publication||Workshop on Information Security Applications – WISA 2009|
|Publisher||Springer Berlin Heidelberg|
|Publication status||Published - 2009|
Bibliographical noteOther page information: 148-162
Conference Proceedings/Title of Journal: Workshop on Information Security Applications – WISA 2009
Other identifier: 2001132