https://hal.telecom-paris.fr/hal-03326381Rioul, OlivierOlivierRioulCOMELEC - Département Communications & Electronique - Télécom ParisTechCOMNUM - Communications Numériques - LTCI - Laboratoire Traitement et Communication de l'Information - IMT - Institut Mines-Télécom [Paris] - Télécom ParisIP Paris - Institut Polytechnique de ParisGuilley, SylvainSylvainGuilleySSH - Secure and Safe Hardware - LTCI - Laboratoire Traitement et Communication de l'Information - IMT - Institut Mines-Télécom [Paris] - Télécom ParisCOMELEC - Département Communications & Electronique - Télécom ParisTechIP Paris - Institut Polytechnique de ParisSECRET KEY ESTIMATION METHODS AND DEVICESHAL CCSD2020[INFO.INFO-CR] Computer Science [cs]/Cryptography and Security [cs.CR][INFO.INFO-IT] Computer Science [cs]/Information Theory [cs.IT]Rioul, Olivier2021-08-25 21:39:552021-11-03 06:20:482021-08-25 21:39:55enPatents1A secret key estimation device is provided for determining an estimate of at least one secret key used during a number of executions of a cryptographic function used by at least one cryptographic algorithm. The number of executions of the cryptographic function is at least equal to two. The secret key estimation device comprises an analysis unit for determining a plurality of sets of leakage traces from a side-channel information acquired during the number of executions of the cryptographic function. Each set of leakage traces corresponds to an execution of the cryptographic function and comprising at least one leakage trace. The secret key estimation device further comprises a processing unit configured to determine a statistical distribution of the acquired plurality of sets of leakage traces. The statistical distribution is dependent on a leakage function, the leakage function being represented in a basis of functions by a set of real values. The secret key estimation device is configured to determine the secret key from the statistical distribution of the plurality of sets of leakage traces using an estimation algorithm according to the maximization of a performance metric.