My Traces Learn What You Did in the Dark: Recovering Secret Signals Without Key Guesses

In side-channel attack (SCA) studies, it is widely believed that unprotected implementations leak information about the intermediate states of the internal cryptographic process. Directly recovering those intermediate states, however, is not common practice in today's SCA research. Instead, most SCAs exploit the leakages in a "guess-and-determine" way: they take a partial key guess, compute the corresponding intermediate states, and then test which guess fits the observed leakages better. In this paper, we ask whether it is possible to go the other way around and learn the intermediate states directly from the side-channel leakages. Under certain circumstances, we find that the intermediate states can be efficiently recovered with the well-studied Independent Component Analysis (ICA). Specifically, we propose several methods to convert the side-channel leakages into effective ICA observations. For more robust recovery, we also present a specialized ICA algorithm that exploits the specific features of circuit signals. Experiments confirm the validity of our analysis in various circumstances, where most intermediate states can be correctly recovered with only a few hundred traces. Our approach brings new possibilities to current SCA research, including building an alternative SCA distinguisher, directly attacking the middle encryption rounds, and reverse engineering with fewer restrictions. Considering its potential in more advanced applications, we believe our ICA-based SCA deserves more research attention in future work.
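To make the core idea concrete, the following toy (an added example, not the paper's code, data or leakage-conversion method) simulates traces in which each of 8 intermediate-state bits contributes linearly to several time samples with unknown weights, then recovers the bit signals with a from-scratch FastICA (the standard Hyvarinen-Oja fixed-point algorithm, not the paper's specialized variant). The linear bit-weight leakage model, the sample/trace counts and the noise level are constructed assumptions.

```python
"""Toy: recover intermediate-state bits from simulated leakage with ICA (constructed example)."""
import numpy as np

N_BITS, N_SAMPLES, N_TRACES = 8, 12, 3000   # assumed toy dimensions

def simulate_traces(rng):
    """Constructed leakage: X = A @ S + noise. S holds the true bits (N_BITS x N_TRACES),
    A the unknown per-sample weight of each bit (N_SAMPLES x N_BITS)."""
    S = rng.integers(0, 2, size=(N_BITS, N_TRACES)).astype(float)
    A = rng.normal(size=(N_SAMPLES, N_BITS))
    X = A @ S + 0.05 * rng.normal(size=(N_SAMPLES, N_TRACES))
    return S, X

def sym_decorrelate(W):
    """W (W^T W)^(-1/2), computed as U V^T from the SVD of W."""
    U, _, Vt = np.linalg.svd(W)
    return U @ Vt

def fast_ica(X, n_components, rng, iters=300, tol=1e-6):
    """Symmetric FastICA with the log-cosh contrast (g = tanh). Each trace is one
    observation, each time sample one channel; returns the estimated sources."""
    Xc = X - X.mean(axis=1, keepdims=True)
    cov = Xc @ Xc.T / Xc.shape[1]
    vals, vecs = np.linalg.eigh(cov)                     # PCA whitening
    idx = np.argsort(vals)[::-1][:n_components]
    K = (vecs[:, idx] / np.sqrt(vals[idx])).T
    Z = K @ Xc                                           # whitened, n_components x N_TRACES
    W = sym_decorrelate(rng.normal(size=(n_components, n_components)))
    for _ in range(iters):
        Y = W @ Z
        g, gp = np.tanh(Y), 1 - np.tanh(Y) ** 2
        W_new = sym_decorrelate(g @ Z.T / Z.shape[1] - gp.mean(axis=1)[:, None] * W)
        converged = np.max(np.abs(np.abs(np.diag(W_new @ W.T)) - 1)) < tol
        W = W_new
        if converged:
            break
    return W @ Z

def match_sources(S_true, S_est):
    """ICA recovers sources only up to sign and order: for each true bit signal,
    return the best absolute correlation with any recovered component."""
    n = S_true.shape[0]
    C = np.corrcoef(S_true, S_est)[:n, n:]
    return np.abs(C).max(axis=1)

def recover_bits(seed=0):
    rng = np.random.default_rng(seed)
    S, X = simulate_traces(rng)
    return match_sources(S, fast_ica(X, N_BITS, rng))

if __name__ == "__main__":
    print("best |corr| per true bit:", np.round(recover_bits(), 3))
```

A correlation close to 1 for every bit means the component is that bit's signal up to sign; thresholding the centred component at zero then yields the bit values without any key guess.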
