X-DeepSCA: Cross-Device Deep Learning Side Channel Attack*

This article, for the first time, demonstrates Cross-device Deep Learning Side-Channel Attack (X-DeepSCA), achieving an accuracy of > 99.9%, even in presence of significantly higher inter-device variations compared to the inter-key variations. Augmenting traces captured from multiple devices for training and with proper choice of hyper-parameters, the proposed 256-class Deep Neural Network (DNN) learns accurately from the power side-channel leakage of an AES-128 target encryption engine, and an N-trace (N ≤ 10) X-DeepSCA attack breaks different target devices within seconds compared to a few minutes for a correlational power analysis (CPA) attack, thereby increasing the threat surface for embedded devices significantly. Even for low SNR scenarios, the proposed X-DeepSCA attack achieves ~ 10× lower minimum traces to disclosure (MTD) compared to a traditional CPA. CCS Concepts • Security and privacy $\rightarrow $ Embedded systems security; Side-channel analysis and countermeasures.

[1]  Michael A. Temple,et al.  Improving cross-device attacks using zero-mean unit-variance normalization , 2012, Journal of Cryptographic Engineering.

[2]  Markus G. Kuhn,et al.  Efficient, Portable Template Attacks , 2018, IEEE Transactions on Information Forensics and Security.

[3]  Olivier Markowitch,et al.  Power analysis attack: an approach based on machine learning , 2014, Int. J. Appl. Cryptogr..

[4]  Romain Poussier,et al.  Template attacks versus machine learning revisited and the curse of dimensionality in side-channel analysis: extended version , 2018, Journal of Cryptographic Engineering.

[5]  Cécile Canovas,et al.  Study of Deep Learning Techniques for Side-Channel Analysis and Introduction to ASCAD Database , 2018, IACR Cryptol. ePrint Arch..

[6]  Guilherme Perin,et al.  Lowering the Bar : Deep Learning for Side-Channel Analysis ( WhitePaper ) , 2018 .

[7]  Elisabeth Oswald,et al.  Practical Template Attacks , 2004, WISA.

[8]  Santosh Ghosh,et al.  ASNI: Attenuated Signature Noise Injection for Low-Overhead Power Side-Channel Attack Immunity , 2018, IEEE Transactions on Circuits and Systems I: Regular Papers.

[9]  Kerstin Lemke-Rust,et al.  Efficient Template Attacks Based on Probabilistic Multi-class Support Vector Machines , 2012, CARDIS.

[10]  Shreyas Sen,et al.  High efficiency power side-channel attack immunity using noise injection in attenuated signature domain , 2017, 2017 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[11]  Máire O'Neill,et al.  Neural network based attack on a masked implementation of AES , 2015, 2015 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[12]  William P. Marnane,et al.  Empirical evaluation of multi-device profiling side-channel attacks , 2014, 2014 IEEE Workshop on Signal Processing Systems (SiPS).

[13]  Siva Sai Yerubandi,et al.  Differential Power Analysis , 2002 .

[14]  Shreyas Sen,et al.  STELLAR: A Generic EM Side-Channel Attack Protection through Ground-Up Root-cause Analysis , 2019, 2019 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[15]  Christophe Clavier,et al.  Correlation Power Analysis with a Leakage Model , 2004, CHES.

[16]  Pankaj Rohatgi,et al.  Template Attacks , 2002, CHES.

[17]  Herbert Bos,et al.  Research in Attacks, Intrusions, and Defenses , 2015, Lecture Notes in Computer Science.

[18]  Olivier Markowitch,et al.  A Time Series Approach for Profiling Attack , 2013, SPACE.

[19]  Emmanuel Prouff,et al.  Breaking Cryptographic Implementations Using Deep Learning Techniques , 2016, SPACE.

[20]  David Brumley,et al.  Remote timing attacks are practical , 2003, Comput. Networks.

[21]  Denis Flandre,et al.  A Formal Study of Power Variability Issues and Side-Channel Attacks for Nanoscale Devices , 2011, EUROCRYPT.

[22]  Christof Paar,et al.  Black-Box Side-Channel Attacks Highlight the Importance of Countermeasures - An Analysis of the Xilinx Virtex-4 and Virtex-5 Bitstream Encryption Mechanism , 2012, CT-RSA.

[23]  Olivier Markowitch,et al.  A machine learning approach against a masked AES , 2014, Journal of Cryptographic Engineering.

[24]  Cécile Canovas,et al.  Convolutional Neural Networks with Data Augmentation Against Jitter-Based Countermeasures - Profiling Attacks Without Pre-processing , 2017, CHES.

[25]  Joos Vandewalle,et al.  Machine learning in side-channel analysis: a first study , 2011, Journal of Cryptographic Engineering.

[26]  Christof Paar,et al.  On the Power of Power Analysis in the Real World: A Complete Break of the KeeLoqCode Hopping Scheme , 2008, CRYPTO.

[27]  Yuan Yu,et al.  TensorFlow: A system for large-scale machine learning , 2016, OSDI.

[28]  Francis Olivier,et al.  Electromagnetic Analysis: Concrete Results , 2001, CHES.

[29]  Sergey Ioffe,et al.  Batch Normalization: Accelerating Deep Network Training by Reducing Internal Covariate Shift , 2015, ICML.

[30]  Christof Paar,et al.  Side-Channel Attacks on the Yubikey 2 One-Time Password Generator , 2013, RAID.

[31]  Christof Paar,et al.  Breaking Mifare DESFire MF3ICD40: Power Analysis and Templates in the Real World , 2011, CHES.