International Journal of Electrical and Computer Engineering (IJECE)
Vol. 5, No. 4, August 2015, pp. 759~764
ISSN: 2088-8708
Journal homepage: http://iaesjournal.com/online/index.php/IJECE

Security against Timing Analysis Attack

Deevi Radha Rani¹, S. Venkateswarlu²
¹ Department of Computer Science and Engineering, VFSTR University, Vadlamudi, India
² Department of Computer Science and Engineering, KL University, Vaddeswaram, India

Article Info

Article history:
Received Mar 18, 2015
Revised Apr 28, 2015
Accepted May 20, 2015

ABSTRACT

A timing attack is a type of side-channel attack that involves the time taken to complete critical operations. Securing a crypto processor against timing attacks is a critical issue. This paper implements Bernstein's Timing Attack and a timing attack based on Hamming weight. The countermeasures to Bernstein's Timing Attack are implemented in our experimental test bed and their performance is compared. This paper also proposes a key recovery method based on a timing attack using the Hamming weight of the key.

Keyword: Data Encryption Standard, Hamming Weight, Side Channel Attack, Timing Attack

Copyright © 2015 Institute of Advanced Engineering and Science. All rights reserved.

Corresponding Author:
Deevi Radha Rani,
Department of Computer Science and Engineering,
VFSTR University, Vadlamudi, Guntur Dt, AP, India.
Email: dradharani29@gmail.com

1. INTRODUCTION

The use of computers and communication systems increases the need for securing the information kept in devices or sent between them. In the real world, all sensitive information is controlled and distributed via computer networks. Cryptographic algorithms protect the information by protecting cryptographic keys, but there are still many issues for systems in which the physical implementations can be accessed. Today, cryptographic algorithms are increasingly applied or embedded in devices such as smart cards and cell phones. Attackers can retrieve the key using timing measurements when a cryptographic algorithm is implemented in any of these embedded systems. This paper proposes countermeasures for Bernstein's Timing Attack and proposes an efficient countermeasure against timing analysis attacks that can be implemented in any embedded system. This paper also gives the timing analysis attack using Hamming weight and proposes the key recovery algorithm.

2. BACKGROUND AND RELEVANT TOPICS

This section covers the topics required to develop and explain the proposed countermeasures and algorithm.

2.1. Implementation Attacks

Implementation attacks are a type of cryptanalysis attack that does not target cryptographic algorithms and protocols directly. These attacks instead aim at implementations of cryptographic systems (e.g. smart cards) to gain knowledge about secret information. They can be active attacks, which target the physical security of the device. Another class of attacks acts in a passive way, just by observing the inherent leakage of the cryptographic device.

Figure 1. Classification of Implementation Attacks.
[Diagram labels: Implementation Attacks; Active Attacks; Invasive Attacks; Semi-Invasive Attacks; Non-Invasive Attacks; Passive Attacks; Side-Channel Attacks; Power Analysis; EM Analysis; Timing Analysis; Logical Attacks]

Passive attacks are even more dangerous, as they do not leave any damage on the cryptographic device that could be recognized later on. Passive attacks just use the cryptographic device in its intended environment and can obtain cryptographic keys from leaked information. Side-channel attacks can retrieve the secret information (key) inside those devices by collecting and analyzing the leakage information from side channels. The classification of implementation attacks is shown in Figure 1.

2.2. Side Channel Attacks

Kocher introduced the use of side channels to break a cryptosystem [1], [2]. Attacks involving passive observation of external characteristics of a device are termed eavesdropping attacks, also sometimes called side-channel attacks. When a cryptographic device performs encryption or decryption, secret parameters correlated to the intermediate data being processed can be leaked via operating times, power dissipation, or electromagnetic radiation as side-channel information. Cryptanalysis based on side-channel information is called a side-channel attack. Figure 2 shows the scenario of a side-channel attack.

Figure 2. Scenario for Side Channel Attack.

Power analysis attacks [2] exploit the dependence between the instantaneous power consumption of a cryptographic device and the data it processes and/or the operation it performs. The overall power consumption of a cryptographic device can be divided into a static and a dynamic part. Since the dynamic power consumption is connected directly with the processed data, it is a potential target for detecting the dependency between these two parameters. For that reason, power traces can be used to obtain secret information. There are mainly two attacks using this approach: simple power analysis and differential power analysis. In a simple power analysis, the attacker uses detailed knowledge of the device to identify which instructions are being executed based on their power signatures. In a differential power analysis, the attacker uses a hypothetical model of the device and refines this model with statistical analysis of the power usage of the device, as shown in Figure 3.

Figure 3. Differential Power Analysis Attack.

Electromagnetic analysis [3] exploits information that leaks through the electromagnetic field produced by a device. EM emanation can also exploit local information and, although more noisy, the measurements can be performed from a distance. There are 2 types of emanations: intentional and unintentional. The first type results from direct current flows. The second type is caused by various couplings, modulations, etc.

A timing attack is a type of side-channel attack that involves the time taken to complete critical operations. Kocher [1] provides a detailed attack strategy for timing cryptanalysis of several commonly used algorithms. He notes that by measuring the time taken to perform private key operations, attackers can recover the input to those operations, thereby determining the private key. Figure 4 presents the timing attack principle. Implementations of cryptographic algorithms often perform computations in non-constant time, due to performance optimizations. If such operations involve secret parameters, these timing variations can leak some information and, provided enough knowledge of the implementation is at hand, a careful statistical analysis could even lead to the total recovery of these secret parameters.

Figure 4. The Timing Attack Principle.

2.3. Advanced Encryption Standard

Advanced Encryption Standard (AES) was announced by Vincent Rijmen and Joan Daemen under FIPS 197 by the NIST [4]. Today AES is widely deployed in both software and hardware and is expected to be the world's predominant block cipher over the coming years. AES is an iterated block cipher, which uses a fixed block size of 128 bits and a key which is 128, 192 or 256 bits in length. Different transformations operate on the intermediate results, called states. After an initial round key addition, the state array is transformed by applying a round function 10, 12, or 14 times depending on the key length. Each round except the last consists of four stages: SubBytes, ShiftRows, MixColumns and AddRoundKey. Two of these stages involve transformations over the Galois Field GF(2^8). Generally in software implementations, the multiplicative inverse over GF(2^8) is pre-computed and stored in memory in a table named SBOX. In order to speed up execution of the cipher, software implementations may further combine SubBytes and ShiftRows with MixColumns, transforming them into a sequence of table lookups. These tables store pre-computed values, avoiding time-consuming computations. The AES algorithm of key length 128/192/256 was well developed in FPGA [5], and a throughput and area comparison is done in hardware implementation [6].

During the AES selection process, it was believed that timing attacks were only applicable to software with a data-dependent execution path (i.e., branch statements, data-dependent shifts, etc.). In the final evaluation of AES candidates, NIST stated that "table lookup operations are not vulnerable to timing attacks" and declared Rijndael as capable of averting side-channel attacks. Despite the previous optimistic claims by the NIST, recent research has proven some implementations of AES to be vulnerable to several forms of side-channel attacks [7].

2.4. Bernstein's Timing Attack

Two servers are used to implement Bernstein's Timing Attack. The implementation proceeds as follows: clients send packets to the servers for encryption; the server adds a timestamp to the packet, encrypts it using the server's key, and adds another timestamp; the ciphertext and the time for encrypting the packets are recorded. The original packet and the two timestamps, padded with the ciphertext, are sent back to the client. The number of cycles taken by the encryption process is calculated using the two timestamp values. Only the packets that have consumed more than 10,000 cycles are considered for the attack, to reduce the effect of noise. For each plaintext byte, the average number of cycles, the deviation and the estimated deviation for the encryption are calculated. After collecting a sufficient amount of timing data for both the known key and the unknown key, a set of key possibilities for each key byte is identified by comparing the two sets of timing data. Finally, a packet of all zeros is encrypted with the different key combinations from the set of identified key possibilities. By comparing the resulting ciphertext with the ciphertext received from the server, the key combination that would encrypt the zeros in the same way as done by the server is identified as the secret key.

3. RESULTS AND ANALYSIS

3.1. Proposed Countermeasures for Bernstein's Attack

Countermeasures for Bernstein's attack [8] would be eliminating T tables, masking timing data from the cache, using smaller tables for calculations, adding random delay in execution of the algorithm, placing lookup tables in the register file, performing encryption using hardware, and OS support for partitioning, locking and disabling the cache. These countermeasures are implemented in our experimental test bed [9] and the performance of the countermeasures is evaluated. Adding random delay would emerge as the best countermeasure to Bernstein's timing attack. Figure 5 shows the performance of the countermeasures.

Figure 5. Performance of Countermeasures

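The per-byte timing statistics of Section 2.4 can also be used to check whether a countermeasure from Section 3.1 removes the dependence of encryption time on the plaintext byte. The following is an added example, not code from the paper or its test bed: it builds the per-plaintext-byte profile over a constructed timing model and reports a leak score. The cycle counts, the 40-cycle penalty, the delay sizes and the threshold of 6 are assumptions.

```python
import random
import statistics

MIN_CYCLES = 10_000    # the page keeps only packets above 10,000 cycles
LEAK_THRESHOLD = 6.0   # assumed cut-off for |deviation| / standard error


def simulate(n, key0, leak, delay_max, seed):
    """Constructed timing model, not a real AES measurement.

    Returns (plaintext byte 0, cycles) pairs. A table index p ^ key0 whose
    high nibble is zero costs `leak` extra cycles, standing in for a lookup
    that misses the cache. `delay_max` > 0 adds a uniform random delay,
    the countermeasure the page favours.
    """
    rng = random.Random(seed)
    samples = []
    for _ in range(n):
        p = rng.randrange(256)
        cycles = 10_400 + rng.gauss(0, 20)      # base cost plus noise
        if (p ^ key0) >> 4 == 0:
            cycles += leak
        if delay_max:
            cycles += rng.uniform(0, delay_max)
        samples.append((p, cycles))
    return samples


def profile(samples):
    """Per plaintext byte value: (mean deviation from the overall mean,
    standard error of that mean), over samples above MIN_CYCLES."""
    kept = [(p, c) for p, c in samples if c > MIN_CYCLES]
    overall = statistics.fmean([c for _, c in kept])
    groups = {}
    for p, c in kept:
        groups.setdefault(p, []).append(c)
    return {
        p: (statistics.fmean(cs) - overall,
            statistics.stdev(cs) / len(cs) ** 0.5)
        for p, cs in groups.items() if len(cs) > 1
    }


def max_score(samples):
    """Largest |deviation| / standard error over all byte values."""
    return max(abs(dev) / err for dev, err in profile(samples).values())


def leaks(samples):
    return max_score(samples) > LEAK_THRESHOLD


if __name__ == "__main__":
    n = 256 * 200
    cases = {
        "table lookups, no countermeasure": simulate(n, 0x3C, 40, 0, 1),
        "no data-dependent timing": simulate(n, 0x3C, 0, 0, 2),
        "random delay up to 200 cycles": simulate(n, 0x3C, 40, 200, 3),
        "random delay up to 2000 cycles": simulate(n, 0x3C, 40, 2000, 4),
    }
    for name, samples in cases.items():
        print(f"{name:34s} score={max_score(samples):6.1f} "
              f"leak={leaks(samples)}")
```

At this sample count a delay of up to 200 cycles still leaves the dependence visible, while a delay of up to 2000 cycles hides it at an average cost of about 1000 cycles per encryption. The standard error shrinks with the square root of the number of samples, so the check is only meaningful when run over at least as many measurements as an observer could collect.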

3.2. Proposed Key Recovery Algorithm for Timing Attack Based on Hamming Weight

To implement a timing attack, a large number of timing measurements is required. In this method we find that a timing attack could reveal the Hamming weight of the key. The estimation of the Hamming weight of the key can be achieved under two conditions: i) accurate timing measurements can be obtained; ii) the time variation between keys with one more or one less set bit is large compared to the variations in the encryption and key schedule generation time produced by different keys with identical Hamming weight. The estimation of the Hamming weight of the key can be done if timing measurements of several encryptions of the same plaintext are obtained. A random plaintext is given as input. The same plaintext is encrypted 1000 times using a 64-bit key, and all ciphertexts are stored with the corresponding time taken to encrypt. The method collects the plaintext and the ciphertexts with their timing measurements. The input message is not fixed; we choose the message randomly at the start of each encryption. We build a table of average encryption time versus Hamming weight of the key. It allows an attacker to determine the Hamming weight of the key. Using all generated traces and their timing measurements, average timing measurements are calculated against the Hamming weight of the key. Our implementation is more efficient in revealing the cryptographic key than a brute-force key search. The pseudocode in Figure 6 below shows the key recovery method based on a timing attack using the Hamming weight of the key.

Input:
    M: set of 64-bit plaintexts,
    C: set of 64-bit ciphertexts,
    t is time it takes AES to generate ciphertext C from Message M
Pseudocode:
    for i=0 to 64
        Let l be such that |{ j : |T_j - t| < |T_l - t| }| = i
        Let K_l = { K ∈ {0,1}^64 : wt(K) = l }
        Choose random m in {0,…,|K_l|-1}
        For j=0 to |K_l|-1
            Let K be the (m+j) mod |K_l|
            If (AES encryption of M under key K yields C)
                then return (K)

Figure 6. Key recovery method based on timing attack using Hamming weight of the key

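How far the Hamming weight narrows the search in Figure 6 depends strongly on the weight itself. The following is an added example, not code from the paper: it counts the keys the procedure would have to test when weight classes are visited in order of |T_j - t| as in Figure 6, without enumerating keys or running AES. The table T (3 extra cycles per set key bit) and the measured times are constructed assumptions.

```python
import math


def candidates(bits, weight):
    """Number of `bits`-bit keys with the given Hamming weight."""
    return math.comb(bits, weight)


def leaked_bits(bits):
    """Entropy (in bits) of the Hamming weight of a uniformly random key:
    the average information an exact weight measurement gives away."""
    total = 2 ** bits
    h = 0.0
    for w in range(bits + 1):
        p = candidates(bits, w) / total
        h -= p * math.log2(p)
    return h


def rank_weights(avg_time, t):
    """Order candidate weights by |T_j - t|, closest first, as the loop
    over i in Figure 6 does. avg_time[j] is the table entry T_j."""
    return sorted(range(len(avg_time)),
                  key=lambda j: (abs(avg_time[j] - t), j))


def search_cost(bits, ranked, true_weight):
    """Worst-case number of keys tested by the time the true weight class
    has been exhausted, visiting classes in ranked order."""
    cost = 0
    for w in ranked:
        cost += candidates(bits, w)
        if w == true_weight:
            return cost
    raise ValueError("true weight not in ranking")


def report(bits, avg_time, t, true_weight):
    """log2 of the search cost and the bits saved against 2**bits."""
    cost = search_cost(bits, rank_weights(avg_time, t), true_weight)
    return {"cost_log2": math.log2(cost),
            "saved_bits": bits - math.log2(cost)}


if __name__ == "__main__":
    BITS = 64
    # Constructed table: 3 extra cycles per set key bit (an assumption).
    T = [10_000 + 3 * j for j in range(BITS + 1)]
    for true_w, t in [(32, 10_096.4), (33, 10_097.2), (8, 10_023.5)]:
        print(true_w, report(BITS, T, t, true_w))
    print("average leak: %.2f bits" % leaked_bits(BITS))
```

For a 64-bit key of weight 32 the class still holds about 2^60.7 keys, a saving of roughly 3.3 bits over 2^64, whereas a key of weight 8 falls in a class of about 2^32 keys. Keys with very low or very high weight are the ones this leak exposes most.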

4. CONCLUSION

We study the implementation of Bernstein's Timing Attack against the AES cryptosystem and a timing attack based on Hamming weight. The countermeasures against Bernstein's Timing Attack are presented and the performance of the countermeasures is compared. Adding random delay would emerge as the best countermeasure to Bernstein's timing attack. The key recovery method proposed in this paper can recover the key more efficiently using the Hamming weight.

ACKNOWLEDGEMENTS

I would like to thank DST WOS-A for sponsoring me to do this research work and publish. I would also thank VFSTR University and KL University for their support and facilities to carry out my research work.

REFERENCES

[1] P. Kocher, Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS and Other Systems, in the Proceedings of Crypto 1996, LNCS, vol 1109, pp 104–113, Santa Barbara, CA, USA, August 1996.
[2] P. Kocher, J. Jaffe, B. Jun, Differential Power Analysis, in the Proceedings of Crypto 1999, LNCS, vol 1666, pp 398–412, Santa-Barbara, CA, USA, August 1999.
[3] D. Agrawal, B. Archambeault, J. Rao, P. Rohatgi, The EM Side-Channel(s), in the proceedings of CHES 2002, LNCS, vol 2523, pp 29–45, Redwood City, CA, USA, August 2002.
[4] Advanced Encryption Standard, Federal Information Processing Standards Publications 197, 26 November 2001.
[5] Kinge, Pravin V., S.J. Honale, and C.M. Bobade, "Design of AES Algorithm for 128/192/256 Key Length in FPGA", International Journal of Reconfigurable and Embedded Systems, Vol. 3, No. 2, 2014.
[6] EI Adib, Samir, Naoufal Raissouni, "AES Encryption Algorithm Hardware Implementation: Throughput and Area Comparison of 128, 192, and 256-bits Key", International Journal of Reconfigurable and Embedded Systems, Vol. 1, No. 2, pp. 67-74, 2012.
[7] F. Koeune and J. Quisquater. A timing attack against Rijndael. Technical Report CG-1999/1, June 1999.
[8] Jayasinghe, D.; Fernando, J.; Herath, R.; Ragel, R., "Remote Cache Timing Attack on Advanced Encryption Standard and countermeasures", Information and Automation for Sustainability (ICIAFs), 2010 5th International Conference on, vol., no., pp. 177,182, 17-19 Dec. 2010.
[9] Deevi Radha Rani, S. Venkateswarlu, "Timing Analysis Attack based on Hamming Weight", in International Journal of Applied Engineering Research, Vol. 9, No. 18 (2014) pp. 5161-5169.