Template attacks versus machine learning revisited and the curse of dimensionality in side-channel analysis: extended version

Template attacks and machine learning are two popular approaches to profiled side-channel analysis. In this paper, we aim to contribute to the understanding of their respective strengths and weaknesses, with a particular focus on their curse of dimensionality. For this purpose, we take advantage of a well-controlled simulated experimental setting in order to put forward two important aspects. First and from a theoretic point of view, the data complexity of template attacks is not sensitive to the dimension increase in side-channel traces given that their profiling is perfect. Second and from a practical point of view, concrete attacks are always affected by (estimation and assumption) errors during profiling. As these errors increase, machine learning gains interest compared to template attacks, especially when based on random forests. We then clarify these results thanks to the bias–variance decomposition of the error rate recently introduced in the context side-channel analysis.

[1]  Olivier Markowitch,et al.  Side channel attack: an approach based on machine learning , 2011 .

[2]  Paul C. Kocher,et al.  Differential Power Analysis , 1999, CRYPTO.

[3]  Gilles Louppe,et al.  Understanding Random Forests: From Theory to Practice , 2014, 1407.7502.

[4]  Romain Poussier,et al.  Score-Based vs. Probability-Based Enumeration - A Cautionary Note , 2016, INDOCRYPT.

[5]  Aurélien Francillon,et al.  Smart Card Research and Advanced Applications , 2013, Lecture Notes in Computer Science.

[6]  Moti Yung,et al.  A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks (extended version) , 2009, IACR Cryptol. ePrint Arch..

[7]  Stefan Mangard,et al.  One for all - all for one: unifying standard differential power analysis attacks , 2011, IET Inf. Secur..

[8]  Werner Schindler,et al.  How to Compare Profiled Side-Channel Attacks? , 2009, ACNS.

[9]  Johan A. K. Suykens,et al.  Least Squares Support Vector Machines , 2002 .

[10]  Olivier Markowitch,et al.  A machine learning approach against a masked AES , 2014, Journal of Cryptographic Engineering.

[11]  Pankaj Rohatgi,et al.  Template Attacks , 2002, CHES.

[12]  Romain Poussier,et al.  Template Attacks vs. Machine Learning Revisited (and the Curse of Dimensionality in Side-Channel Analysis) , 2015, COSADE.

[13]  Elisabeth Oswald,et al.  Reliable information extraction for single trace attacks , 2015, 2015 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[14]  Máire O'Neill,et al.  Neural network based attack on a masked implementation of AES , 2015, 2015 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[15]  François-Xavier Standaert,et al.  An optimal Key Enumeration Algorithm and its Application to Side-Channel Attacks , 2012, IACR Cryptol. ePrint Arch..

[16]  Pedro M. Domingos A Unifeid Bias-Variance Decomposition and its Applications , 2000, ICML.

[17]  Kerstin Lemke-Rust,et al.  Efficient Template Attacks Based on Probabilistic Multi-class Support Vector Machines , 2012, CARDIS.

[18]  Zdenek Martinasek,et al.  Optimization of Power Analysis Using Neural Network , 2013, CARDIS.

[19]  Tong Zhang,et al.  An Introduction to Support Vector Machines and Other Kernel-Based Learning Methods , 2001, AI Mag..

[20]  François Durvaux,et al.  How to Certify the Leakage of a Chip? , 2014, IACR Cryptol. ePrint Arch..

[21]  Jason R. Hamlet,et al.  A new power-aware FPGA design metric , 2013, Journal of Cryptographic Engineering.

[22]  Nello Cristianini,et al.  An Introduction to Support Vector Machines and Other Kernel-based Learning Methods , 2000 .

[23]  Andreas Holzinger,et al.  Data Mining with Decision Trees: Theory and Applications , 2015, Online Inf. Rev..

[24]  Francis Olivier,et al.  Electromagnetic Analysis: Concrete Results , 2001, CHES.

[25]  Rusty O. Baldwin,et al.  Random Forest profiling attack on advanced encryption standard , 2014, Int. J. Appl. Cryptogr..

[26]  Christof Paar,et al.  Templates vs. Stochastic Methods , 2006, CHES.

[27]  Corinna Cortes,et al.  Support-Vector Networks , 1995, Machine Learning.

[28]  Joos Vandewalle,et al.  Machine learning in side-channel analysis: a first study , 2011, Journal of Cryptographic Engineering.

[29]  Christof Paar,et al.  A Stochastic Model for Differential Side Channel Cryptanalysis , 2005, CHES.

[30]  Paul C. Kocher,et al.  Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems , 1996, CRYPTO.

[31]  J. Jaffe,et al.  Side Channel Cryptanalysis Using Machine Learning Using an SVM to recover DES keys from a smart card . , 2012 .

[32]  Annelie Heuser,et al.  Intelligent Machine Homicide - Breaking Cryptographic Devices Using Support Vector Machines , 2012, COSADE.

[33]  Olivier Markowitch,et al.  Power analysis attack: an approach based on machine learning , 2014, Int. J. Appl. Cryptogr..

[34]  Leo Breiman,et al.  Random Forests , 2001, Machine Learning.

[35]  Olivier Markowitch,et al.  The bias–variance decomposition in profiled attacks , 2015, Journal of Cryptographic Engineering.

[36]  Denis Flandre,et al.  A Formal Study of Power Variability Issues and Side-Channel Attacks for Nanoscale Devices , 2011, EUROCRYPT.

[37]  Markus G. Kuhn,et al.  Efficient Template Attacks , 2013, CARDIS.

[38]  Pedro M. Domingos A Unified Bias-Variance Decomposition for Zero-One and Squared Loss , 2000, AAAI/IAAI.