Deep Learning-based Side-channel Analysis against AES Inner Rounds

Side-channel attacks (SCA) focus on vulnerabilities caused by insecure implementations and exploit them to deduce useful information about the data being processed or the data itself through leakages obtained from the device. There have been many studies exploiting these side-channel leakages, and most of the state-of-the-art attacks have been shown to work on systems implementing AES. The methodology is usually based on exploiting leakages for the outer rounds, i.e., the first and the last round. In some cases, due to partial countermeasures or the nature of the device itself, it might not be possible to attack the outer round leakages. In this case, the attacker has to resort to attacking the inner rounds. This work provides a generalization for inner round side-channel attacks on AES and experimentally validates it with non-profiled and profiled attacks. This work formulates the computation of the hypothesis values of any byte in the intermediate rounds. The more inner the AES round is, the higher is the attack complexity in terms of the number of bits to be guessed for the hypothesis. We discuss the main limitations for obtaining predictions in inner rounds and, in particular, we compare the performance of Correlation Power Analysis (CPA) against deep learning-based profiled side-channel attacks (DL-SCA). We demonstrate that because trained deep learning models require fewer traces in the attack phase, they also have fewer complexity limitations to attack inner AES rounds than non-profiled attacks such as CPA. This paper is the first to propose deep learning-based profiled attacks on inner rounds of AES under several time and memory constraints to the best of our knowledge.

[1]  Joos Vandewalle,et al.  Machine learning in side-channel analysis: a first study , 2011, Journal of Cryptographic Engineering.

[2]  Andrew Zisserman,et al.  Very Deep Convolutional Networks for Large-Scale Image Recognition , 2014, ICLR.

[3]  Krystal Meyers,et al.  Make some noise , 2008 .

[4]  Cécile Canovas,et al.  Study of Deep Learning Techniques for Side-Channel Analysis and Introduction to ASCAD Database , 2018, IACR Cryptol. ePrint Arch..

[5]  Stefan Mangard,et al.  An AES Smart Card Implementation Resistant to Power Analysis Attacks , 2006, ACNS.

[6]  Olivier Markowitch,et al.  A machine learning approach against a masked AES , 2014, Journal of Cryptographic Engineering.

[7]  Lilian Bossuet,et al.  Methodology for Efficient CNN Architectures in Profiling Attacks , 2019, IACR Cryptol. ePrint Arch..

[8]  Stefan Mangard,et al.  Protecting AES Software Implementations on 32-Bit Processors Against Power Analysis , 2007, ACNS.

[9]  Annelie Heuser,et al.  The Curse of Class Imbalance and Conflicting Metrics with Machine Learning for Side-channel Evaluations , 2018, IACR Cryptol. ePrint Arch..

[10]  Máire O'Neill,et al.  Neural network based attack on a masked implementation of AES , 2015, 2015 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[11]  Bart Preneel,et al.  Revisiting a Methodology for Efficient CNN Architectures in Profiling Attacks , 2020, IACR Trans. Cryptogr. Hardw. Embed. Syst..

[12]  Gaël Thomas,et al.  A Multi-round Side Channel Attack on AES Using Belief Propagation , 2016, FPS.

[13]  François-Xavier Standaert,et al.  Soft Analytical Side-Channel Attacks , 2014, ASIACRYPT.

[14]  Stjepan Picek,et al.  Reinforcement Learning for Hyperparameter Tuning in Deep Learning-based Side-channel Analysis , 2021, IACR Cryptol. ePrint Arch..

[15]  Christophe Clavier,et al.  Correlation Power Analysis with a Leakage Model , 2004, CHES.

[16]  Sayandeep Saha,et al.  Fault Template Attacks on Block Ciphers Exploiting Fault Propagation , 2020, EUROCRYPT.

[17]  Emmanuel Prouff,et al.  Breaking Cryptographic Implementations Using Deep Learning Techniques , 2016, SPACE.

[18]  Pankaj Rohatgi,et al.  Template Attacks , 2002, CHES.

[19]  Emmanuel Prouff,et al.  Convolutional Neural Networks with Data Augmentation Against Jitter-Based Countermeasures - Profiling Attacks Without Pre-processing , 2017, CHES.

[20]  Pankaj Rohatgi,et al.  Introduction to differential power analysis , 2011, Journal of Cryptographic Engineering.

[21]  Moti Yung,et al.  A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks (extended version) , 2009, IACR Cryptol. ePrint Arch..

[22]  Houssem Maghrebi,et al.  Deep Learning based Side-Channel Attack: a New Profiling Methodology based on Multi-Label Classification , 2020, IACR Cryptol. ePrint Arch..

[23]  Stjepan Picek,et al.  Strength in Numbers: Improving Generalization with Ensembles in Machine Learning-based Profiled Side-channel Analysis , 2020, IACR Trans. Cryptogr. Hardw. Embed. Syst..

[24]  Alan Hanjalic,et al.  Make Some Noise: Unleashing the Power of Convolutional Neural Networks for Profiled Side-channel Analysis , 2019, IACR Cryptol. ePrint Arch..

[25]  Jerry den Hartog,et al.  Principles on the Security of AES against First and Second-Order Differential Power Analysis , 2010, ACNS.