Side-channel analysis is a critical threat to cryptosystems on the Internet of Things and in relation to embedded devices, and appropriate side-channel countermeasure must be required for physical security. A combined countermeasure approach employing first-order masking and desynchronization simultaneously is a general and cost-efficient approach to counteracting side-channel analysis. With the development of side-channel countermeasures, there are plenty of advanced attacks introduced to defeat such countermeasures. At CARDIS 2013, Belgarric et al. first proposed time-frequency analysis, a promising attack regarding the complexity of computation and memory compared to other attacks, such as conventional second-order side-channel analysis after synchronization. Nevertheless, their time-frequency analysis seems to have lower performance than expected against some datasets protected by combined countermeasures. It is therefore required to study the factors that affect the performance of time-frequency analysis. In this paper, we investigate Belgarric et al.'s time-frequency analysis and conduct a mathematical analysis in regard to the preprocessing of frequency information for second-order side-channel analysis. Based on this analysis, we claim that zero-mean preprocessing enhances the performance of time-frequency analysis. We verify that our analysis is valid through experimental results from two datasets, which are different types of first-order masked Advanced Encryption Standard (AES) software implementations. The experimental results show that time-frequency analysis with zero-mean preprocessing seems to have an enhanced or complementary performance compared to the analysis without preprocessing.
Keywords: Fourier transform; desynchronization; hiding; masking; second-order side-channel analysis; time-frequency analysis.