Mind the Portability: A Warriors Guide through Realistic Profiled Side-channel Analysis

Bhasin, Shivam; Chattopadhyay, Anupam; Heuser, Annelie; Jap, Dirmanto; Picek, Stjepan; Shrivastwa, Ritu Ranjan

doi:10.14722/ndss.2020.24390

Cited by 48 publications

(40 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Figure 5 shows the result (only two key bytes are shown for brevity) for attack in self and cross device setting. Indeed, there is degradation of 30-60% degradation in number of traces required, however this is much better than 2000% degradation reported for other devices [13]. 60% degradation correspond to few extra minutes of measurement time, making cross-device a serious threat to such hardware engines.…”

Section: Key Recovery Attack On Aes-256 With Device Intrinsic Keymentioning

confidence: 86%

“…only a few traces from victim device and leakage profile from the clone device, performs a key recovery attack on victim device. The use of deep neural networks (DNN) have made cross-device attacks effective [13], [14]. DNN are trained with SCA measurements from clone device with known leakage labels, while trained model is queried with unlabeled SCA traces from victim device.…”

Section: Key Recovery Attack On Aes-256 With Device Intrinsic Keymentioning

confidence: 99%

“…In cross-device setting, the clone device and victim device might differ due to process variations, making the learned model overfit for clone device. For example, [13] reported up to 20× degradation in attack performance in cross-device setting. We measured traces from two identical OKdo E1 development board: 100, 000 traces are measured from Device 1 for training the DNN while 20, 000 traces from Device 2 (victim).…”

Section: Key Recovery Attack On Aes-256 With Device Intrinsic Keymentioning

confidence: 99%

See 2 more Smart Citations

A Systematic Side-Channel Evaluation of Black Box AES in Secure MCU: Architecture Recovery and Retrieval of PUF Based Secret Key

Won

Bhasin

2021

2021 IEEE International Symposium on Circuits and Systems (ISCAS)

Self Cite

View full text Add to dashboard Cite

Modern microcontrollers (MCUs) come packed with features to support rising demand of security and privacy in different applications. Features like hardware support for cryptography, trusted execution environment, memory protection, etc are widely available. In this paper, we take a deeper look into ARM Cortex M33 microcontroller designed to support critical applications like point of sale, smart home, smart factory, etc. In particular, we demonstrate architecture recovery of black box AES engine using side-channel analysis. The architecture is then exploited through side-channels to recover device intrinsic keys based on physical unclonable functions. Finally, feasibility of cross-device attacks are investigated with deep learning based side-channel attacks. Our results give a better insight into embedded AES engine available off-the shelf and allow user to design secure applications knowing such vulnerabilities at design time.Index Terms-Hardware AES engine, Side-Channel Analysis, Deep Learning, Cross-device attack.1 The chip manufacturers do not claim side-channel security for embedded AES engine. We have notified our findings to NXP PSIRT team as part of responsible disclosure.

show abstract

Section: Key Recovery Attack On Aes-256 With Device Intrinsic Keymentioning

confidence: 86%

Section: Key Recovery Attack On Aes-256 With Device Intrinsic Keymentioning

confidence: 99%

Section: Key Recovery Attack On Aes-256 With Device Intrinsic Keymentioning

confidence: 99%

See 1 more Smart Citation

A Systematic Side-Channel Evaluation of Black Box AES in Secure MCU: Architecture Recovery and Retrieval of PUF Based Secret Key

Won

Bhasin

2021

2021 IEEE International Symposium on Circuits and Systems (ISCAS)

Self Cite

View full text Add to dashboard Cite

show abstract

“…The work of Choudary and Kuhn focuses on differences between devices when performing portable template attacks (considering mainly DC offset caused by temperature changes) [7]. Bhasin et al recently compared different machine learning techniques on the efficacy with respect to portability [3]. A common point in all those works is they identified the problem and try to amortize the penalty due to portability.…”

Section: Related Workmentioning

confidence: 99%

“…However, profiling traces obtained from a device different than the target device are not necessarily accurate due to variations between individual chips. This is the so-called issue of portability that has received wide coverage in many papers the last few years [3,6]. For dedicated security products such as smart cards it is often even infeasible to obtain an open device similar to the target device and profiling is simply out of the question.…”

Section: Introductionmentioning

confidence: 99%

Online Template Attack on ECDSA:

Roelofs

Samwel

Batina

et al. 2020

Progress in Cryptology - AFRICACRYPT 2020

View full text Add to dashboard Cite

We retrieve the ephemeral private key from the power trace of a single scalar multiplication in an ECDSA signature generation and from that the signing private key using an online template attack. The innovation is that we generate the profiling traces using ECDSA signature verification on the same device. The attack can be prevented by randomization of the (projective) coordinates of the base point.

show abstract

When Similarities Among Devices are Taken for Granted: Another Look at Portability

Rioja

Batina

Armendariz

2020

Progress in Cryptology - AFRICACRYPT 2020

View full text Add to dashboard Cite

The original idea of profiling implies attacking one device with a leakage model generated from an "identical copy", but this concept cannot be always enforced. The leakage model is commonly generated with traces from an "open device", assuming that a model which works for one device should work for another copy as well. In practice, applying a leakage model to a different copy of the same device (commonly called portability) is a hard problem to deal with, as intrinsic differences in the devices or the experimental setups used to obtain the traces cause behavioural variations which lead to an unsuccessful attack. In this paper we propose a novel similarity assessment technique that allows evaluators to quantify the differences among various copies of the same device. Moreover, we support this technique with actual experiments to show that this metric is directly related to the portability issue. Finally, we derive a method that improves the performance of template attacks.

show abstract

Mind the Portability: A Warriors Guide through Realistic Profiled Side-channel Analysis

Cited by 48 publications

References 24 publications

A Systematic Side-Channel Evaluation of Black Box AES in Secure MCU: Architecture Recovery and Retrieval of PUF Based Secret Key

A Systematic Side-Channel Evaluation of Black Box AES in Secure MCU: Architecture Recovery and Retrieval of PUF Based Secret Key

Online Template Attack on ECDSA:

When Similarities Among Devices are Taken for Granted: Another Look at Portability

Contact Info

Product

Resources

About