The Myth of Generic DPA... and the Magic of Learning
A prominent strand within the side-channel literature is the quest for generic attack strategies: methods by which data-dependent leakage measurements can be successfully analyzed with 'No' a priori knowledge about the leakage characteristics. In this paper, the authors introduce a well-reasoned definition for what it means to have 'No' a priori insight (that is, to use a power model which approximates the device-up to nominality-by the equivalence classes associated with the target function), and use this to define generic DPA attacks. With these definitions they are able to clarify precise conditions (on the target function) under which generic attacks succeed. Doing so, they expose a rather limited range of vulnerable target functions, so that the 'Myth' of the potential power of generic DPA is somewhat dispelled.