Abstract
With the renaissance of deep learning, the side-channel community also notices the potential of this technology, which is highly related to the profiling attacks in the side-channel context. Many papers have recently investigated the abilities of deep learning in profiling traces. Some of them also aim at the countermeasures (e.g., masking) simultaneously. Nevertheless, so far, all of these papers work with an (implicit) assumption that the number of time samples in raw traces can be reduced before the profiling, i.e., the position of points of interest (PoIs) can be manually located. This is arguably the most challenging part of a practical black-box analysis targeting an implementation protected by masking. Therefore, we argue that to fully utilize the potential of deep learning and get rid of any manual intervention, the end-to-end profiling directly mapping raw traces to target intermediate values is demanded.In this paper, we propose a neural network architecture that consists of encoders, attention mechanisms and a classifier, to conduct the end-to-end profiling. The networks built by our architecture could directly classify the traces that contain a large number of time samples (i.e., raw traces without manual feature extraction) while whose underlying implementation is protected by masking. We validate our networks on several public datasets, i.e., DPA contest v4 and ASCAD, where over 100,000 time samples are directly used in profiling. To our best knowledge, we are the first that successfully carry out end-to-end profiling attacks. The results on the datasets indicate that our networks could get rid of the tricky manual feature extraction. Moreover, our networks perform even systematically better (w.r.t. the number of traces in attacks) than those trained on the reduced traces. These validations imply our approach is not only a first but also a concrete step towards end-to-end profiling attacks in the side-channel context.
Highlights
Side-channel analysis (SCA), introduced in [Koc96] for the first time, takes advantage of the fact that cryptographic algorithms are not entirely black-box when implemented in the real world
We show the profiling and attack results on several datasets to evaluate the feasibility of the architecture when it faces the raw traces without any feature extraction
We carry out these experiments on the public datasets (e.g., Differential Power Analysis (DPA) contest, ASCAD) and traces collected from a microcontroller ATmega128A
Summary
Side-channel analysis (SCA), introduced in [Koc96] for the first time, takes advantage of the fact that cryptographic algorithms are not entirely black-box when implemented in the real world. It exploits the possible leakages of the sensitive internals via some side-channels, e.g., execution time, power consumption, electromagnetic radiation, etc., to recover the secret of a cryptographic device. We use the upper-case letter X to denote the random variables, the bold format X to denote the corresponding random vectors. We use sans-serif upper-case (e.g., H) and lower-case (e.g., h) letters to represent matrices and vectors, respectively, when describing the architecture of neural networks. We will omit the subscripts for conciseness whenever there is no ambiguity
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: IACR Transactions on Cryptographic Hardware and Embedded Systems
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
