Practical aspects on non-profiled deep-learning side-channel attacks against AES software implementation with two types of masking countermeasures including RSM
Kunihiro Kuroda, Yuta Fukuda, Kota Yoshida, Takeshi Fujino
Journal of Cryptographic Engineering (Journal Article), published 2023-03-27
DOI: 10.1007/s13389-023-00312-6 (https://doi.org/10.1007/s13389-023-00312-6)
JCR: Q2 (Computer Science, Theory & Methods)
Citations: 13
Abstract
Deep-learning side-channel attacks, which apply deep neural networks to side-channel attacks, are known to be able to defeat some existing side-channel attack countermeasures such as masking and random jitter. While there have been many studies on profiled deep-learning side-channel attacks, a new approach that applies deep learning to non-profiled attacks was proposed in 2018. In our study, we investigate the structure of multi-layer perceptrons and the points of interest for non-profiled deep-learning side-channel attacks using the ANSSI database with a masking countermeasure. The results of these investigations indicate that it is better to use a simple network model, to apply regularization to prevent over-fitting, and to select a wide range of the power traces that contains side-channel information as the points of interest. We also implemented an AES-128 software implementation protected with the Rotating Sboxes Masking countermeasure, which had never been attacked by non-profiled deep-learning side-channel attacks, on the Xmega128 microcontroller and carried out non-profiled deep-learning side-channel attacks against it. The non-profiled deep-learning side-channel attacks successfully recovered all partial keys, whereas conventional power analysis could not. The attack results also showed that the least significant bit is an adequate label selection for successful non-profiled deep-learning side-channel attacks, but the best labeling method may vary depending on the implementation of the countermeasure algorithm. We conducted two experimental analyses to clarify that deep-learning side-channel attacks learn the mask values used in the masking countermeasure: one is the gradient visualization used in previous studies, and the other is a new analysis method using partial removal of power traces.
Journal description:
The Journal of Cryptographic Engineering (JCEN) presents high-quality scientific research on architectures, algorithms, techniques, tools, implementations and applications in cryptographic engineering, including cryptographic hardware, cryptographic embedded systems, side-channel attacks and countermeasures, and embedded security. JCEN serves the academic and corporate R&D community interested in cryptographic hardware and embedded security. JCEN publishes essential research on broad and varied topics including:
- Public-key cryptography, secret-key cryptography and post-quantum cryptography
- Cryptographic implementations, including cryptographic processors, physical unclonable functions, true and deterministic random number generators, and efficient software and hardware architectures
- Attacks on implementations and their countermeasures, such as side-channel attacks, fault attacks, hardware tampering and reverse engineering techniques
- Security evaluation of real-world cryptographic systems, formal methods and verification tools for secure embedded design that offer provable security, and metrics for measuring security
- Applications of state-of-the-art cryptography, such as IoTs, RFIDs, IP protection, cyber-physical systems composed of analog and digital components, automotive security and trusted computing