{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,5]],"date-time":"2026-06-05T04:34:15Z","timestamp":1780634055483,"version":"3.54.1"},"reference-count":32,"publisher":"MDPI AG","issue":"4","license":[{"start":{"date-parts":[[2023,11,29]],"date-time":"2023-11-29T00:00:00Z","timestamp":1701216000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["JCP"],"abstract":"<jats:p>Power-based Side-Channel Analysis (SCA) began with visual-based examinations and has progressed to utilize data-driven statistical analysis. Two distinct classifications of these methods have emerged over the years; those focused on leakage exploitation and those dedicated to leakage detection. This work primarily focuses on a leakage detection-based schema that utilizes Welch\u2019s t-test, known as Test Vector Leakage Assessment (TVLA). Both classes of methods process collected data using statistical frameworks that result in the successful exfiltration of information via SCA. Often, statistical testing used during analysis requires the assumption that collected power consumption data originates from a normal distribution. To date, this assumption has remained largely uncontested. This work seeks to demonstrate that while past studies have assumed the normality of collected power traces, this assumption should be properly evaluated. In order to evaluate this assumption, an implementation of Tiny-AES-c with nine unique substitution-box (s-box) configurations is conducted using TVLA to guide experimental design. By leveraging the complexity of the AES algorithm, a sufficiently diverse and complex dataset was developed. Under this dataset, statistical tests for normality such as the Shapiro-Wilk test and the Kolmogorov-Smirnov test provide significant evidence to reject the null hypothesis that the power consumption data is normally distributed. To address this observation, existing non-parametric equivalents such as the Wilcoxon Signed-Rank Test and the Kruskal-Wallis Test are discussed in relation to currently used parametric tests such as Welch\u2019s t-test.<\/jats:p>","DOI":"10.3390\/jcp3040038","type":"journal-article","created":{"date-parts":[[2023,11,29]],"date-time":"2023-11-29T03:53:52Z","timestamp":1701230032000},"page":"844-857","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":6,"title":["Challenging Assumptions of Normality in AES s-Box Configurations under Side-Channel Analysis"],"prefix":"10.3390","volume":"3","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-7056-5785","authenticated-orcid":false,"given":"Clay","family":"Carper","sequence":"first","affiliation":[{"name":"Department of Electrical Engineering and Computer Science, University of Wyoming, Laramie, WY 82071, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-6463-9452","authenticated-orcid":false,"given":"Stone","family":"Olguin","sequence":"additional","affiliation":[{"name":"Department of Electrical Engineering and Computer Science, University of Wyoming, Laramie, WY 82071, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0009-3811-420X","authenticated-orcid":false,"given":"Jarek","family":"Brown","sequence":"additional","affiliation":[{"name":"Department of Electrical Engineering and Computer Science, University of Wyoming, Laramie, WY 82071, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0009-8483-6246","authenticated-orcid":false,"given":"Caylie","family":"Charlton","sequence":"additional","affiliation":[{"name":"Department of Electrical Engineering and Computer Science, University of Wyoming, Laramie, WY 82071, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9409-8245","authenticated-orcid":false,"given":"Mike","family":"Borowczak","sequence":"additional","affiliation":[{"name":"Department of Electrical and Computer Engineering, University of Central Florida, Orlando, FL 32816, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"1968","published-online":{"date-parts":[[2023,11,29]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","unstructured":"Kocher, P., Jaffe, J., and Jun, B. (1999, January 15\u201319). Differential power analysis. Proceedings of the Annual International Cryptology Conference, Santa Barbara, CA, USA.","DOI":"10.1007\/3-540-48405-1_25"},{"key":"ref_2","first-page":"1","article-title":"Hardware Countermeasures against Power Analysis Attacks: A Survey from Past to Present","volume":"16","author":"Soares","year":"2021","journal-title":"J. Integr. Circuits Syst."},{"key":"ref_3","doi-asserted-by":"crossref","unstructured":"Wang, X., Zheng, J., Wu, L., Zhu, J., and Hu, W. (2021, January 16\u201318). A Correlation Fault Attack on Rotating S-Box Masking AES. Proceedings of the 2021 Asian Hardware Oriented Security and Trust Symposium (AsianHOST), Shanghai, China.","DOI":"10.1109\/AsianHOST53231.2021.9699812"},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"1269","DOI":"10.1109\/TVLSI.2023.3297027","article-title":"TVLA*: Test Vector Leakage Assessment on Hardware Implementations of Asymmetric Cryptography Algorithms","volume":"31","author":"Jayasena","year":"2023","journal-title":"IEEE Trans. Very Large Scale Integr. (VLSI) Syst."},{"key":"ref_5","unstructured":"National Institute of Standards and Technology (2023, September 29). Advanced Encryption Standard. NIST FIPS PUB 197, Available online: https:\/\/nvlpubs.nist.gov\/nistpubs\/FIPS\/NIST.FIPS.197.pdf."},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Daemen, J., and Rijmen, V. (2002). The Design of Rijndael, Springer. Information Security and Cryptography.","DOI":"10.1007\/978-3-662-04722-4"},{"key":"ref_7","doi-asserted-by":"crossref","first-page":"16","DOI":"10.1007\/978-3-540-28632-5_2","article-title":"Correlation Power Analysis with a Leakage Model","volume":"Volume 3156","author":"Hutchison","year":"2004","journal-title":"Cryptographic Hardware and Embedded Systems-CHES 2004"},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Randolph, M., and Diehl, W. (2020). Power side-channel attack analysis: A review of 20 years of study for the layman. Cryptography, 4.","DOI":"10.3390\/cryptography4020015"},{"key":"ref_9","unstructured":"Mangard, S., Oswald, E., and Popp, T. (2007). Power Analysis Attacks, Springer."},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Clavier, C., Coron, J.S., and Dabbous, N. (2000, January 17\u201318). Differential power analysis in the presence of hardware countermeasures. Proceedings of the International Workshop on Cryptographic Hardware and Embedded Systems, Worcester, MA, USA.","DOI":"10.1007\/3-540-44499-8_20"},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"Kirch, W. (2008). Encyclopedia of Public Health, Springer.","DOI":"10.1007\/978-1-4020-5614-7"},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"012055","DOI":"10.1088\/1742-6596\/1972\/1\/012055","article-title":"Correlation Power Analysis of Lightweight Block Cipher Algorithm LiCi","volume":"1972","author":"Xia","year":"2021","journal-title":"J. Phys. Conf. Ser."},{"key":"ref_13","unstructured":"Goodwill, G., Jun, B., Jaffe, J., and Rohatgi, P. (2011). A Testing Methodology for Side-Channel Resistance Validation, Cryptography Research Inc."},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"157","DOI":"10.1080\/14786440009463897","article-title":"On the criterion that a given system of deviations from the probable in the case of a correlated system of variables is such that it can be reasonably supposed to have arisen from random sampling","volume":"50","author":"Pearson","year":"1900","journal-title":"Lond. Edinb. Dublin Philos. Mag. J. Sci."},{"key":"ref_15","first-page":"28","article-title":"The Generalization of \u2018Student\u2019s\u2019 Problem When Several Different Population Variances are Involved","volume":"34","author":"Welch","year":"1947","journal-title":"Biometrika"},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"143","DOI":"10.11613\/BM.2013.018","article-title":"The Chi-square test of independence","volume":"23","author":"McHugh","year":"2013","journal-title":"Biochem. Medica"},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"79","DOI":"10.1214\/aoms\/1177729694","article-title":"On Information and Sufficiency","volume":"22","author":"Kullback","year":"1951","journal-title":"Ann. Math. Stat."},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"He, M., Park, J., Nahiyan, A., Vassilev, A., Jin, Y., and Tehranipoor, M. (2019, January 23\u201325). RTL-PSC: Automated power side-channel leakage assessment at register-transfer level. Proceedings of the 2019 IEEE 37th VLSI Test Symposium (VTS), Monterey, CA, USA.","DOI":"10.1109\/VTS.2019.8758600"},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"1207","DOI":"10.1109\/TVLSI.2022.3175067","article-title":"Power Side-Channel Leakage Assessment Framework at Register-Transfer Level","volume":"30","author":"Pundir","year":"2022","journal-title":"IEEE Trans. Very Large Scale Integr. (VLSI) Syst."},{"key":"ref_20","doi-asserted-by":"crossref","unstructured":"Zhang, T., Park, J., Tehranipoor, M., and Farahmandi, F. (2021, January 5\u20139). PSC-TG: RTL Power Side-Channel Leakage Assessment with Test Pattern Generation. Proceedings of the 2021 58th ACM\/IEEE Design Automation Conference (DAC), San Francisco, CA, USA.","DOI":"10.1109\/DAC18074.2021.9586210"},{"key":"ref_21","unstructured":"NewAE Technology (2023, September 29). CW1173: Chipwhisperer-Lite. Available online: https:\/\/media.newae.com\/datasheets\/NAE-CW1173_datasheet.pdf."},{"key":"ref_22","unstructured":"kokke (2023, September 29). tiny-AES-c: A Small Portable AES128\/192\/256 in C. Available online: https:\/\/github.com\/kokke\/tiny-AES-c."},{"key":"ref_23","unstructured":"Inc., NewAE Technology (2023, September 29). DPA on Firmware Implementation of AES. Available online: https:\/\/github.com\/newaetech\/chipwhisperer-jupyter."},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"Siddiqui, N., Yousaf, F., Murtaza, F., Ehatisham-ul Haq, M., Ashraf, M.U., Alghamdi, A.M., and Alfakeeh, A.S. (2020). A highly nonlinear substitution-box (S-box) design using action of modular group on a projective line over a finite field. PLoS ONE, 15.","DOI":"10.1371\/journal.pone.0241890"},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"807","DOI":"10.1007\/s11071-021-06308-3","article-title":"Design and application of an S-box using complete Latin square","volume":"104","author":"Hua","year":"2021","journal-title":"Nonlinear Dyn."},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"189","DOI":"10.1080\/0161-110291890885","article-title":"A tutorial on linear and differential cryptanalysis","volume":"26","author":"Heys","year":"2002","journal-title":"Cryptologia"},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"591","DOI":"10.1093\/biomet\/52.3-4.591","article-title":"An analysis of variance test for normality (complete samples)","volume":"52","author":"Shapiro","year":"1965","journal-title":"Biometrika"},{"key":"ref_28","unstructured":"R Core Team (2021). R: A Language and Environment for Statistical Computing, R Foundation for Statistical Computing."},{"key":"ref_29","unstructured":"Conover, W. (1971). Chapter 6: Statistics of the Kolmogorov-Smirnov Type. Practical Nonparametric Statistics, John Wiley & Sons."},{"key":"ref_30","doi-asserted-by":"crossref","unstructured":"Wilcoxon, F. (1945). Individual Comparisons by Ranking Methods. Biom. Bull., 1.","DOI":"10.2307\/3001968"},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"583","DOI":"10.1080\/01621459.1952.10483441","article-title":"Use of Ranks in One-Criterion Variance Analysis","volume":"47","author":"Kruskal","year":"1952","journal-title":"J. Am. Stat. Assoc."},{"key":"ref_32","unstructured":"Forthofer, R.N., Lee, E.S., and Hernandez, M. (2007). Biostatistics, Academic Press. [2nd ed.]."}],"container-title":["Journal of Cybersecurity and Privacy"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2624-800X\/3\/4\/38\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T21:33:03Z","timestamp":1760131983000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2624-800X\/3\/4\/38"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,11,29]]},"references-count":32,"journal-issue":{"issue":"4","published-online":{"date-parts":[[2023,12]]}},"alternative-id":["jcp3040038"],"URL":"https:\/\/doi.org\/10.3390\/jcp3040038","relation":{},"ISSN":["2624-800X"],"issn-type":[{"value":"2624-800X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,11,29]]}}}