10 results sorted by ID
The Need for MORE: Unsupervised Side-channel Analysis with Single Network Training and Multi-output Regression
Ioana Savu, Marina Krček, Guilherme Perin, Lichao Wu, Stjepan Picek
Attacks and cryptanalysis
Deep learning-based profiling side-channel analysis has gained widespread adoption in academia and industry due to its ability to uncover secrets protected by countermeasures. However, to exploit this capability, an adversary must have access to a clone of the targeted device to obtain profiling measurements and know secret information to label these measurements. Non-profiling attacks avoid these constraints by not relying on secret information for labeled data. Instead, they attempt all...
An End-to-end Plaintext-based Side-channel Collision Attack without Trace Segmentation
Lichao Wu, Sébastien Tiran, Guilherme Perin, Stjepan Picek
Attacks and cryptanalysis
Side-channel Collision Attacks (SCCA) constitute a subset of non-profiling attacks that exploit information dependency leaked during cryptographic operations. Unlike traditional collision attacks, which seek instances where two different inputs to a cryptographic algorithm yield identical outputs, SCCAs specifically target the internal state, where identical outputs are more likely. In CHES 2023, Staib et al. presented a Deep Learning-based SCCA (DL-SCCA), which enhanced the attack...
Hiding in Plain Sight: Non-profiling Deep Learning-based Side-channel Analysis with Plaintext/Ciphertext
Lichao Wu, Guilherme Perin, Stjepan Picek
Attacks and cryptanalysis
Deep learning-based profiling side-channel analysis is widely adopted in academia and industry thanks to the ability to reveal secrets protected with countermeasures. To leverage its capability, the adversary needs to have access to a clone of an attack device to obtain the profiling measurements. Moreover, the adversary needs to know secret information to label these measurements. Non-profiling attacks avoid those constraints by not relying on secret information to label data but rather by...
Time is money, friend! Timing Side-channel Attack against Garbled Circuit Constructions
Mohammad Hashemi, Domenic Forte, Fatemeh Ganji
Attacks and cryptanalysis
With the advent of secure function evaluation (SFE), distrustful parties can jointly compute on their private inputs without disclosing anything besides the results. Yao’s garbled circuit protocol has become an integral part of secure computation thanks to considerable efforts made to make it feasible, practical, and more efficient. These efforts have resulted in multiple optimizations on this primitive to enhance its performance by orders of magnitude over the last years. The advancement in...
DLDDO: Deep Learning to Detect Dummy Operations
JongHyeok Lee, Dong-Guk Han
Applications
Recently, research on deep learning based side-channel analysis (DLSCA) has received a lot of attention. Deep learning-based profiling methods similar to template attacks as well as non-profiling-based methods similar to differential power analysis have been proposed. DLSCA methods have been proposed for targets to which masking schemes or jitter-based hiding schemes are applied. However, most of them are methods for finding the secret key, except for methods for preprocessing, and there are...
Improving Non-Profiled Side-Channel Attacks using Autoencoder based Preprocessing
Donggeun Kwon, HeeSeok Kim, Seokhie Hong
Implementation
In recent years, deep learning-based side-channel attacks have established their position as mainstream. However, most deep learning techniques for cryptanalysis mainly focused on classifying side-channel information in a profiled scenario where attackers can obtain a label of training data. In this paper, we introduce a novel approach with deep learning for improving side-channel attacks, especially in a non-profiling scenario. We also propose a new principle of training that trains an...
2016/922
Last updated: 2019-08-18
Side-Channel Leakage Evaluation and Detection Based on Communication Theory
Wei Yang, Yuchen Cao, Ke Ma, Hailong Zhang
Side-channel attacks (SCAs) have been a realistic serious threat to crypto devices. Therefore, evaluating the SCAs resilience of a crypto device is important and necessary. The SCAs-secure evaluation criteria includes the information theoretic metric and the security metric. The former metric, i.e. mutual information (MI), measures the leakage amount of a crypto device. However, because the real leakage distribution of a crypto device is unknown, the leakage evaluation is difficult....
SNR to Success Rate: Reaching the Limit of Non-Profiling DPA
Suvadeep Hajra, Debdeep Mukhopadhyay
Many profiling power analysis attacks estimate the
multivariate probability distribution using a profiling step, and thus, can optimally combine the leakages of multiple sample
points. Though there exist several approaches like filtering, Principal Component Analysis for combining the leakages of multiple sample points in non-profiling DPA, their optimality has been been rarely studied. We study the issue of optimally combining the leakages of multiple sample points in non-profiling DPA...
Pushing the Limit of Non-Profiling DPA using Multivariate Leakage Model
Suvadeep Hajra, Debdeep Mukhopadhyay
Implementation
Profiling power attacks like Template attack and Stochastic attack optimize their performance by jointly evaluating the leakages of multiple sample points. However, such multivariate approaches are rare among non-profiling Differential Power Analysis (DPA) attacks, since integration of the leakage of a higher SNR sample point with the leakage of lower SNR sample point might result in a decrease in the overall performance. One of the few successful multivariate approaches is the application...
Profiling DPA: Efficacy and efficiency trade-offs
Carolyn Whitnall, Elisabeth Oswald
Implementation
Linear regression-based methods have been proposed as efficient means of characterising device leakage in the training phases of profiled side-channel attacks. Empirical comparisons between these and the `classical' approach to template building have confirmed the reduction in profiling complexity to achieve the same attack-phase success, but have focused on a narrow range of leakage scenarios which are especially favourable to simple (i.e.\ efficiently estimated) model specifications. In...
Deep learning-based profiling side-channel analysis has gained widespread adoption in academia and industry due to its ability to uncover secrets protected by countermeasures. However, to exploit this capability, an adversary must have access to a clone of the targeted device to obtain profiling measurements and know secret information to label these measurements. Non-profiling attacks avoid these constraints by not relying on secret information for labeled data. Instead, they attempt all...
Side-channel Collision Attacks (SCCA) constitute a subset of non-profiling attacks that exploit information dependency leaked during cryptographic operations. Unlike traditional collision attacks, which seek instances where two different inputs to a cryptographic algorithm yield identical outputs, SCCAs specifically target the internal state, where identical outputs are more likely. In CHES 2023, Staib et al. presented a Deep Learning-based SCCA (DL-SCCA), which enhanced the attack...
Deep learning-based profiling side-channel analysis is widely adopted in academia and industry thanks to the ability to reveal secrets protected with countermeasures. To leverage its capability, the adversary needs to have access to a clone of an attack device to obtain the profiling measurements. Moreover, the adversary needs to know secret information to label these measurements. Non-profiling attacks avoid those constraints by not relying on secret information to label data but rather by...
With the advent of secure function evaluation (SFE), distrustful parties can jointly compute on their private inputs without disclosing anything besides the results. Yao’s garbled circuit protocol has become an integral part of secure computation thanks to considerable efforts made to make it feasible, practical, and more efficient. These efforts have resulted in multiple optimizations on this primitive to enhance its performance by orders of magnitude over the last years. The advancement in...
Recently, research on deep learning based side-channel analysis (DLSCA) has received a lot of attention. Deep learning-based profiling methods similar to template attacks as well as non-profiling-based methods similar to differential power analysis have been proposed. DLSCA methods have been proposed for targets to which masking schemes or jitter-based hiding schemes are applied. However, most of them are methods for finding the secret key, except for methods for preprocessing, and there are...
In recent years, deep learning-based side-channel attacks have established their position as mainstream. However, most deep learning techniques for cryptanalysis mainly focused on classifying side-channel information in a profiled scenario where attackers can obtain a label of training data. In this paper, we introduce a novel approach with deep learning for improving side-channel attacks, especially in a non-profiling scenario. We also propose a new principle of training that trains an...
Side-channel attacks (SCAs) have been a realistic serious threat to crypto devices. Therefore, evaluating the SCAs resilience of a crypto device is important and necessary. The SCAs-secure evaluation criteria includes the information theoretic metric and the security metric. The former metric, i.e. mutual information (MI), measures the leakage amount of a crypto device. However, because the real leakage distribution of a crypto device is unknown, the leakage evaluation is difficult....
Many profiling power analysis attacks estimate the multivariate probability distribution using a profiling step, and thus, can optimally combine the leakages of multiple sample points. Though there exist several approaches like filtering, Principal Component Analysis for combining the leakages of multiple sample points in non-profiling DPA, their optimality has been been rarely studied. We study the issue of optimally combining the leakages of multiple sample points in non-profiling DPA...
Profiling power attacks like Template attack and Stochastic attack optimize their performance by jointly evaluating the leakages of multiple sample points. However, such multivariate approaches are rare among non-profiling Differential Power Analysis (DPA) attacks, since integration of the leakage of a higher SNR sample point with the leakage of lower SNR sample point might result in a decrease in the overall performance. One of the few successful multivariate approaches is the application...
Linear regression-based methods have been proposed as efficient means of characterising device leakage in the training phases of profiled side-channel attacks. Empirical comparisons between these and the `classical' approach to template building have confirmed the reduction in profiling complexity to achieve the same attack-phase success, but have focused on a narrow range of leakage scenarios which are especially favourable to simple (i.e.\ efficiently estimated) model specifications. In...