More precisely, the purpose of the method is to make the way in which a calculation is performed dependent on secret data, which data can be different depending on the computer system involved or the secret key used. The objective is to enable computer systems not to be vulnerable to a certain type of physical attack known as “Differential Key Differential Power Analysis,” abbreviated DKDPA, which seeks to obtain information on a secret key by studying the electric power consumption of the computer system or systems during several executions of the calculation performed with different secret keys, at least one of which is known by the attacker (for example if he has been able, for at least one of these calculations, to set the secret key himself).
The cryptographic algorithms considered herein use a secret key to calculate a piece of output information from a piece of input information; this can involve an encryption, decryption, signature, signature verification, authentication or non-repudiation operation. They are constructed so that an attacker who knows the inputs and the outputs cannot in practice deduce any information on the secret key itself.
The invention herein is therefore interested in a broader class than the one traditionally designated by the expression secret key photographic algorithms, or symmetric algorithms. In particular, all of what is described in the present patent application also applies to so-called public key or asymmetric algorithms, which actually include two keys, one public, the other secret, the latter being the one sought by the attacks described below.