Paper 2023/093
Automated Side-Channel Attacks using Black-Box Neural Architecture Search
Abstract
The usage of convolutional neural networks (CNNs) to break cryptographic systems through hardware side-channels has enabled fast and adaptable attacks on devices like smart cards and TPMs. Current literature proposes fixed CNN architectures designed by domain experts to break such systems, which is time-consuming and unsuitable for attacking a new system. Recently, an approach using neural architecture search (NAS), which is able to acquire a suitable architecture automatically, has been explored. These works use the secret key information in the attack dataset for optimization and only explore two different search strategies using one-dimensional CNNs. We propose a NAS approach that relies only on using the profiling dataset for optimization, making it fully black-box. Using a large-scale experimental parameter study, we explore which choices for NAS, such as 1-D or 2-D CNNs and search strategy, produce the best results on 10 state-of-the-art datasets for Hamming weight and identity leakage models. We show that applying the random search strategy on 1-D inputs results in a high success rate and retrieves the correct secret key using a single attack trace on two of the datasets. This combination matches the attack efficiency of fixed CNN architectures, outperforming them in 4 out of 10 datasets. Our experiments also point toward the need for repeated attack evaluations of machine learning-based solutions in order to avoid biased performance estimates.
Metadata
- Available format(s)
- Category
- Attacks and cryptanalysis
- Publication info
- Preprint.
- Keywords
- Neural Architecture SearchParameter StudyConvolutional Neural NetworkSide-Channel AttackAES
- Contact author(s)
-
prithag @ mail uni-paderborn de
jan drees @ uni-wuppertal de
eyke @ lmu de - History
- 2024-01-14: last of 5 revisions
- 2023-01-25: received
- See all versions
- Short URL
- https://ia.cr/2023/093
- License
-
CC BY-SA
BibTeX
@misc{cryptoeprint:2023/093, author = {Pritha Gupta and Jan Peter Drees and Eyke Hüllermeier}, title = {Automated Side-Channel Attacks using Black-Box Neural Architecture Search}, howpublished = {Cryptology {ePrint} Archive, Paper 2023/093}, year = {2023}, url = {https://eprint.iacr.org/2023/093} }