为了评估Piccolo密码算法的功耗分析安全性，该文提出一种针对Piccolo末轮的攻击模型，基于SASEBO (Side-channel Attack Standard Evaluation BOard)实测功耗数据对该算法进行了相关性功耗分析攻击。针对Piccolo末轮运算中包含白化密钥的特点，将末轮攻击密钥(包括轮密钥RK24L, RK24R, WK2, WK3)分成4段子密钥，逐个完成各个子密钥的攻击，使80位种子密钥的搜索空间从280降低到(2220+2212+216)，使种子密钥的恢复成为可能。攻击结果表明，在实测功耗数据情况下，3000条功耗曲线即可恢复80位种子密钥，证实了该攻击模型的有效性和Piccolo硬件面向功耗分析的脆弱性，研究并采取切实有效的防护措施势在必行。
To evaluate Piccolos security against Power Analysis Attack (PAA), a cipher text attack model is proposed and Correlation Power Analysis (CPA) is conducted on this cipher implementation with measured power traces based on Side-channel Attack Standard Evaluation BOard (SASEBO). Due to the whiten keys for the final round of Piccolo, attacked keys including RK24L, RK24R, WK2 and WK3 are divided into four sub-keys, which are disclosed one by one. This approach can reduce the 80-bit primary key search space from 280 to (2220+2212+216) and make it possible to recover the primary key. The attack results show that 3000 measured power traces are enough to recover Piccolos 80-bit primary key, which proves the attack models feasibility and Piccolos vulnerability to CPA against its hardware implementation. So, some countermeasures should be used for Piccolos hardware implementation.