Practical aspects on non-profiled deep-learning side-channel attacks against AES software implementation with two types of masking countermeasures including RSM

IF 1.5 4区计算机科学 Q2 COMPUTER SCIENCE, THEORY & METHODS

Journal of Cryptographic Engineering Pub Date : 2023-03-27 DOI:10.1007/s13389-023-00312-6

Kunihiro Kuroda, Yuta Fukuda, Kota Yoshida, Takeshi Fujino

{"title":"Practical aspects on non-profiled deep-learning side-channel attacks against AES software implementation with two types of masking countermeasures including RSM","authors":"Kunihiro Kuroda, Yuta Fukuda, Kota Yoshida, Takeshi Fujino","doi":"10.1007/s13389-023-00312-6","DOIUrl":null,"url":null,"abstract":"Abstract Deep-learning side-channel attacks, applying deep neural networks to side-channel attacks, are known that can easily attack some existing side-channel attack countermeasures such as masking and random jitter. While there have been many studies on profiled deep-learning side-channel attacks, a new approach that involves applying deep learning to non-profiled attacks was proposed in 2018. In our study, we investigate the structure of multi-layer perceptrons and points of interest for non-profiled deep-learning side-channel attacks using the ANSSI database with a masking countermeasure. The results of investigations indicate that it is better to use a simple network model, apply regularization to prevent over-fitting, and select a wide range of power traces that contain side-channel information as the points of interest. We also implemented AES-128 software implementation protected with the Rotating Sboxes Masking countermeasure, which has never been attacked by non-profiled deep-learning side-channel attacks, on the Xmega128 microcontroller and carried out non-profiled deep-learning side-channel attacks against it. Non-profiled deep-learning side-channel attacks successfully recovered all partial keys while the conventional power analysis could not. The attack results also showed that the least significant bit is the adequate selection for successful non-profiled deep-learning side-channel attacks, but the best labeling method may vary depending on the implementation of the countermeasure algorithm. We conducted two experimental analyses to clarify that deep-learning side-channel attacks learn mask values used in the masking countermeasure. One is the gradient visualization used in previous studies, and the other is a new analysis method using partial removal of power traces.","PeriodicalId":48508,"journal":{"name":"Journal of Cryptographic Engineering","volume":"62 1","pages":"0"},"PeriodicalIF":1.5000,"publicationDate":"2023-03-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"13","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Cryptographic Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1007/s13389-023-00312-6","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}

引用次数: 13

Abstract

Abstract Deep-learning side-channel attacks, applying deep neural networks to side-channel attacks, are known that can easily attack some existing side-channel attack countermeasures such as masking and random jitter. While there have been many studies on profiled deep-learning side-channel attacks, a new approach that involves applying deep learning to non-profiled attacks was proposed in 2018. In our study, we investigate the structure of multi-layer perceptrons and points of interest for non-profiled deep-learning side-channel attacks using the ANSSI database with a masking countermeasure. The results of investigations indicate that it is better to use a simple network model, apply regularization to prevent over-fitting, and select a wide range of power traces that contain side-channel information as the points of interest. We also implemented AES-128 software implementation protected with the Rotating Sboxes Masking countermeasure, which has never been attacked by non-profiled deep-learning side-channel attacks, on the Xmega128 microcontroller and carried out non-profiled deep-learning side-channel attacks against it. Non-profiled deep-learning side-channel attacks successfully recovered all partial keys while the conventional power analysis could not. The attack results also showed that the least significant bit is the adequate selection for successful non-profiled deep-learning side-channel attacks, but the best labeling method may vary depending on the implementation of the countermeasure algorithm. We conducted two experimental analyses to clarify that deep-learning side-channel attacks learn mask values used in the masking countermeasure. One is the gradient visualization used in previous studies, and the other is a new analysis method using partial removal of power traces.

查看原文本刊更多论文

采用包括RSM在内的两种掩蔽对策实现针对AES软件的非配置深度学习侧信道攻击的实践方面

摘要深度学习侧信道攻击是将深度神经网络应用于侧信道攻击的一种方法，它可以很容易地攻击现有的一些侧信道攻击对策，如掩蔽和随机抖动。虽然已经有很多关于深度学习侧信道攻击的研究，但2018年提出了一种将深度学习应用于非侧信道攻击的新方法。在我们的研究中，我们使用带有掩蔽对策的ANSSI数据库研究了多层感知器的结构和非轮廓深度学习侧信道攻击的兴趣点。研究结果表明，最好使用简单的网络模型，应用正则化以防止过拟合，并选择包含侧信道信息的大范围功率走线作为感兴趣点。我们还在Xmega128微控制器上实现了受旋转Sboxes掩蔽对策保护的AES-128软件实现，该对策从未受到非配置深度学习侧信道攻击的攻击，并对其进行了非配置深度学习侧信道攻击。非轮廓深度学习侧信道攻击成功地恢复了所有部分密钥，而传统的功率分析无法恢复。攻击结果还表明，最小有效位是成功的非轮廓深度学习侧信道攻击的充分选择，但最佳标记方法可能因对策算法的实现而异。我们进行了两个实验分析，以阐明深度学习侧信道攻击学习掩码对策中使用的掩码值。一种是以往研究中使用的梯度可视化方法，另一种是采用部分去除功率走线的新型分析方法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Cryptographic Engineering COMPUTER SCIENCE, THEORY & METHODS-

CiteScore

4.70

自引率

0.00%

发文量

期刊介绍： The Journal of Cryptographic Engineering (JCEN) presents high-quality scientific research on architectures, algorithms, techniques, tools, implementations and applications in cryptographic engineering, including cryptographic hardware, cryptographic embedded systems, side-channel attacks and countermeasures, and embedded security. JCEN serves the academic and corporate R&D community interested in cryptographic hardware and embedded security.JCEN publishes essential research on broad and varied topics including:Public-key cryptography, secret-key cryptography and post-quantum cryptographyCryptographic implementations include cryptographic processors, physical unclonable functions, true and deterministic random number generators, efficient software and hardware architecturesAttacks on implementations and their countermeasures, such as side-channel attacks, fault attacks, hardware tampering and reverse engineering techniquesSecurity evaluation of real-world cryptographic systems, formal methods and verification tools for secure embedded design that offer provable security, and metrics for measuring securityApplications of state-of-the-art cryptography, such as IoTs, RFIDs, IP protection, cyber-physical systems composed of analog and digital components, automotive security and trusted computing