Practical Aspects on Non-profiled Deep-learning Side-channel Attacks against AES Software Implementation with Two Types of Masking Countermeasures including RSM

Deep-learning side-channel attacks (DL-SCAs), which apply deep neural networks (DNNs) to SCAs, are known to be able to easily attack some existing SCA countermeasures such as masking and random jitter. While there have been many studies on profiled DL-SCAs, a new approach that applies deep learning to non-profiled attacks was proposed in 2018. In our study, we investigate the structure of DNN models and attack points (PoI: Points of Interest) for non-profiled DL-SCAs using the ANSSI SCA database with a masking countermeasure. The results of our investigation indicate that it is better to use a simple network model, apply regularization to prevent over-fitting, and select as the PoI a wide range of the power traces that contains side-channel information. We also implemented an AES-128 software implementation protected with the RSM (Rotating Sboxes Masking) countermeasure, which has never been attacked by non-profiled DL-SCAs, on the Xmega128 microcontroller and carried out non-profiled DL-SCAs against it. Non-profiled DL-SCAs successfully recovered all partial keys, while conventional power analysis could not. We conducted two types of experimental analyses to clarify that DL-SCAs learn the mask values used in the masking countermeasure. One is the gradient visualization used in previous studies, and the other is a new analysis method using partial removal of power traces.
