Random Forest profiling attack on advanced encryption standard

Random Forest, a non-parametric classifier, is proposed for byte-wise profiling attacks on the Advanced Encryption Standard (AES) and is shown to improve results on PIC microcontrollers, especially in high-dimensional variable spaces. This research shows that data collected from 40 PIC microcontrollers exhibited highly non-Gaussian variables. For the full-dimensional dataset consisting of 50,000 variables, Random Forest correctly extracted all 16 bytes of the AES key. For a reduced set of 2,700 variables captured during the first round of the encryption, Random Forest achieved success rates as high as 100% for cross-device attacks on 40 PIC microcontrollers from four different device families. With further dimensionality reduction, Random Forest still outperformed the classical template attack for this dataset, requiring fewer traces and achieving higher success rates with a lower misclassification rate. The importance of analysing the system noise when choosing a classifier for a profiling attack is examined and demonstrated through this work.
