A Semi-Parametric Approach for Side-Channel Attacks on Protected RSA Implementations

Abstract

Side-channel attacks on RSA aim at recovering the secret exponent by processing multiple power or electromagnetic traces. The exponent blinding is the main countermeasure which avoids the application of classical forms of side-channel attacks, like SPA, DPA, CPA and template attacks. Horizontal attacks overcome RSA countermeasures by attacking single traces. However, the processing of a single trace is limited by the amount of information and the leakage assessment using labeled samples is not possible due to the exponent blinding countermeasure. In order to overcome these drawbacks, we propose a side-channel attack framework based on a semi-parametric approach that combines the concepts of unsupervised learning, horizontal attacks, maximum likelihood estimation and template attacks in order to recover the exponent bits. Our method is divided in two main parts: learning and attacking phases. The learning phase consists of identifying the class parameters contained in the power traces representing the loop of the exponentiation. We propose a leakage assessment based on unsupervised learning to identify points of interest in a blinded exponentiation. The attacking phase executes a horizontal attack based on clustering algorithms to provide labeled information. Furthermore, it computes confidence probabilities for all exponent bits. These probabilities indicate how much our semi-parametric approach is able to learn about the class parameters from the side-channel information. To demonstrate the power of our framework we attack the private exponent $$d_{p}$$ of the 1024-bit RSA-CRT implementation protected by the SPA, 32-bit message blinding, and 64-bit exponent blinding countermeasures; the implementation runs on a 32-bit STM32F4 microcontroller.