Template attacks versus machine learning revisited and the curse of dimensionality in side-channel analysis: extended version

Lerman, Liran; Poussier, Romain; Markowitch, Olivier; Standaert, François‐Xavier

doi:10.1007/s13389-017-0162-9

Cited by 40 publications

(27 citation statements)

References 32 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In 2002, the first profiled attack was introduced by [CRR03], but their proposal was limited by the computational complexity. Very similar to profiled attacks, the application of machine learning algorithms was inevitably explored in the side-channel context [HGM + 11, BL12, HZ12, LBM14,LPMS18].…”

Section: Introductionmentioning

confidence: 99%

Methodology for Efficient CNN Architectures in Profiling Attacks

Zaid

Bossuet

Habrard

et al. 2019

TCHES

117

View full text Add to dashboard Cite

The side-channel community recently investigated a new approach, based on deep learning, to significantly improve profiled attacks against embedded systems. Previous works have shown the benefit of using convolutional neural networks (CNN) to limit the effect of some countermeasures such as desynchronization. Compared with template attacks, deep learning techniques can deal with trace misalignment and the high dimensionality of the data. Pre-processing is no longer mandatory. However, the performance of attacks depends to a great extent on the choice of each hyperparameter used to configure a CNN architecture. Hence, we cannot perfectly harness the potential of deep neural networks without a clear understanding of the network’s inner-workings. To reduce this gap, we propose to clearly explain the role of each hyperparameters during the feature selection phase using some specific visualization techniques including Weight Visualization, Gradient Visualization and Heatmaps. By highlighting which features are retained by filters, heatmaps come in handy when a security evaluator tries to interpret and understand the efficiency of CNN. We propose a methodology for building efficient CNN architectures in terms of attack efficiency and network complexity, even in the presence of desynchronization. We evaluate our methodology using public datasets with and without desynchronization. In each case, our methodology outperforms the previous state-of-the-art CNN models while significantly reducing network complexity. Our networks are up to 25 times more efficient than previous state-of-the-art while their complexity is up to 31810 times smaller. Our results show that CNN networks do not need to be very complex to perform well in the side-channel context.

show abstract

Section: Introductionmentioning

confidence: 99%

Methodology for Efficient CNN Architectures in Profiling Attacks

Zaid

Bossuet

Habrard

et al. 2019

TCHES

117

View full text Add to dashboard Cite

show abstract

“…Measurements are also noisy (due to interference and fading effects) and highly dimensional (in terms of samples per trace), which complicates the issue further. Although classic TAs consider multiple time units as well [CRR02], they are not suited for high-dimensional data [CDP17,LPMS17].…”

Section: Correlation Optimizationmentioning

confidence: 99%

Improving CEMA using Correlation Optimization

Robyns

Quax

Lamotte

2018

TCHES

View full text Add to dashboard Cite

Sensitive cryptographic information, e.g. AES secret keys, can be extracted from the electromagnetic (EM) leakages unintentionally emitted by a device using techniques such as Correlation Electromagnetic Analysis (CEMA). In this paper, we introduce Correlation Optimization (CO), a novel approach that improves CEMA attacks by formulating the selection of useful EM leakage samples in a trace as a machine learning optimization problem. To this end, we propose the correlation loss function, which aims to maximize the Pearson correlation between a set of EM traces and the true AES key during training. We show that CO works with high-dimensional and noisy traces, regardless of time-domain trace alignment and without requiring prior knowledge of the power consumption characteristics of the cryptographic hardware. We evaluate our approach using the ASCAD benchmark dataset and a custom dataset of EM leakages from an Arduino Duemilanove, captured with a USRP B200 SDR. Our results indicate that the masked AES implementation used in all three ASCAD datasets can be broken with a shallow Multilayer Perceptron model, whilst requiring only 1,000 test traces on average. A similar methodology was employed to break the unprotected AES implementation from our custom dataset, using 22,000 unaligned and unfiltered test traces.

show abstract

“…In traditional non-profiled attacks, such as differential and correlation power analysis (DPA [1]/CPA [9]) attacks, the attacker gathers power traces from a target device and uses statistical techniques, such as the difference of mean traces or Pearson Correlation Coefficient to break the secret key. On the other hand, profiling-based attacks [8], [10], [11] assume the worst-case scenario from the perspective of the target crypto engine, where the adversary is assumed to possess an identical device to profile the leakage patterns for all possible combinations for a keybyte (profiling or training phase), and use this prior knowledge to identify the secret key of the victim's crypto engine (online or test phase). Such an attack has been demonstrated on a commercially available contactless smart card in [12].…”

Section: Introduction a Motivationmentioning

confidence: 99%

“…The advantage of deep learning based attacks is that not only do they perform as good as the template-based attacks, they do not require extensive statistical analysis to identify POIs. Moreover, as the number of dimensions increase, machine learning based attacks start to gain interest, because increase in number of non-informative points in POIs degrades performance of template attacks [11]. But these ML-based approaches mentioned above rely on the assumption that the leakage profile from the profiling and the target devices are similar.…”

Section: Introduction a Motivationmentioning

confidence: 99%

Practical Approaches Toward Deep-Learning-Based Cross-Device Power Side-Channel Attack

Golder

Das

Danial

et al. 2019

IEEE Trans. VLSI Syst.

View full text Add to dashboard Cite

Power side-channel analysis (SCA) has been of immense interest to most embedded designers to evaluate the physical security of the system. This work presents profiling-based cross-device power SCA attacks using deep learning techniques on 8-bit AVR microcontroller devices running AES-128. Firstly, we show the practical issues that arise in these profiling-based cross-device attacks due to significant device-to-device variations. Secondly, we show that utilizing Principal Component Analysis (PCA) based pre-processing and multi-device training, a Multi-Layer Perceptron (MLP) based 256-class classifier can achieve an average accuracy of 99.43% in recovering the first key byte from all the 30 devices in our data set, even in the presence of significant inter-device variations. Results show that the designed MLP with PCA-based pre-processing outperforms a Convolutional Neural Network (CNN) with 4-device training by ∼ 20% in terms of the average test accuracy of cross-device attack for the aligned traces captured using the ChipWhisperer hardware. Finally, to extend the practicality of these cross-device attacks, another preprocessing step, namely, Dynamic Time Warping (DTW) has been utilized to remove any misalignment among the traces, before performing PCA. DTW along with PCA followed by the 256-class MLP classifier provides ≥10.97% higher accuracy than the CNN based approach for cross-device attack even in the presence of up to 50 time-sample misalignments between the traces.

show abstract

Template attacks versus machine learning revisited and the curse of dimensionality in side-channel analysis: extended version

Cited by 40 publications

References 32 publications

Methodology for Efficient CNN Architectures in Profiling Attacks

Methodology for Efficient CNN Architectures in Profiling Attacks

Improving CEMA using Correlation Optimization

Practical Approaches Toward Deep-Learning-Based Cross-Device Power Side-Channel Attack

Contact Info

Product

Resources

About