Advertisement

Profiled Power Analysis Attacks Using Convolutional Neural Networks with Domain Knowledge

  • Benjamin HettwerEmail author
  • Stefan Gehrer
  • Tim Güneysu
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11349)

Abstract

Evaluation of cryptographic implementations against profiled side-channel attacks plays a fundamental role in security testing nowadays. Recently, deep neural networks and especially Convolutional Neural Networks have been introduced as a new tool for that purpose. Although having several practical advantages over common Gaussian templates such as intrinsic feature extraction, the deep-learning-based profiling techniques proposed in literature still require a suitable leakage model for the implementation under test. Since this is a crucial task, we are introducing domain knowledge to exploit the full power of approximating very complex functions with neural networks. By doing so, we are able to attack the secret key directly without any assumption about the leakage behavior. Our experiments confirmed that our method is much more efficient than state-of-the-art profiling approaches when targeting an unprotected hardware and a protected software implementation of the AES.

Keywords

Side-channel attacks Deep learning Convolutional Neural Networks 

Notes

Acknowledgment

The authors would like to thank the reviewers for their comments. This work is supported in parts by the German Federal Ministry of Education and Research (BMBF) under grant agreement number 16KIS0606K (SecRec).

References

  1. 1.
    Keras Documentation. https://keras.io/
  2. 2.
    Scikit-learn: machine learning in Python. http://scikit-learn.org/stable/
  3. 3.
    Bartkewitz, T., Lemke-Rust, K.: Efficient template attacks based on probabilistic multi-class support vector machines. In: Mangard, S. (ed.) CARDIS 2012. LNCS, vol. 7771, pp. 263–276. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-37288-9_18CrossRefGoogle Scholar
  4. 4.
    Bhasin, S., Bruneau, N., Danger, J.-L., Guilley, S., Najm, Z.: Analysis and improvements of the DPA contest v4 implementation. In: Chakraborty, R.S., Matyas, V., Schaumont, P. (eds.) SPACE 2014. LNCS, vol. 8804, pp. 201–218. Springer, Cham (2014).  https://doi.org/10.1007/978-3-319-12060-7_14CrossRefGoogle Scholar
  5. 5.
    Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Heidelberg (2004).  https://doi.org/10.1007/978-3-540-28632-5_2CrossRefGoogle Scholar
  6. 6.
    Cagli, E., Dumas, C., Prouff, E.: Convolutional neural networks with data augmentation against jitter-based countermeasures. In: Fischer, W., Homma, N. (eds.) CHES 2017. LNCS, vol. 10529, pp. 45–68. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-66787-4_3CrossRefGoogle Scholar
  7. 7.
    Chari, S., Rao, J.R., Rohatgi, P.: Template attacks. In: Kaliski, B.S., Koç, K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 13–28. Springer, Heidelberg (2003).  https://doi.org/10.1007/3-540-36400-5_3CrossRefGoogle Scholar
  8. 8.
    Doget, J., Prouff, E., Rivain, M., Standaert, F.X.: Univariate side channel attacks and leakage modeling. J. Cryptogr. Eng. 1(2), 123 (2011).  https://doi.org/10.1007/s13389-011-0010-2CrossRefGoogle Scholar
  9. 9.
    Gierlichs, B., Batina, L., Tuyls, P., Preneel, B.: Mutual information analysis. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 426–442. Springer, Heidelberg (2008).  https://doi.org/10.1007/978-3-540-85053-3_27CrossRefGoogle Scholar
  10. 10.
    Gilmore, R., Hanley, N., O’Neill, M.: Neural network based attack on a masked implementation of AES. In: 2015 IEEE International Symposium on Hardware Oriented Security and Trust, HOST, pp. 106–111, May 2015.  https://doi.org/10.1109/HST.2015.7140247
  11. 11.
    Goodfellow, I., Bengio, Y., Courville, A.: Deep Learning. MIT Press, Cambridge (2016). http://www.deeplearningbook.orgzbMATHGoogle Scholar
  12. 12.
    Hospodar, G., Gierlichs, B., De Mulder, E., Verbauwhede, I., Vandewalle, J.: Machine learning in side-channel analysis: a first study. J. Cryptogr. Eng. 1(4), 293 (2011).  https://doi.org/10.1007/s13389-011-0023-xCrossRefGoogle Scholar
  13. 13.
    Ioffe, S., Szegedy, C.: Batch normalization: accelerating deep network training by reducing internal covariate shift. CoRR abs/1502.03167 (2015). http://arxiv.org/abs/1502.03167
  14. 14.
    Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999).  https://doi.org/10.1007/3-540-48405-1_25CrossRefGoogle Scholar
  15. 15.
    Kocher, P., Jaffe, J., Jun, B., Rohatgi, P.: Introduction to differential power analysis. J. Cryptogr. Eng. 1(1), 5–27 (2011).  https://doi.org/10.1007/s13389-011-0006-yCrossRefGoogle Scholar
  16. 16.
    Lerman, L., Bontempi, G., Markowitch, O.: Side channel attack: an approach based on machine learning. In: Second International Workshop on Constructive Side-Channel Analysis and Secure Design, COSADE 2011 (2011)Google Scholar
  17. 17.
    Lerman, L., Poussier, R., Bontempi, G., Markowitch, O., Standaert, F.-X.: Template attacks vs. machine learning revisited (and the curse of dimensionality in side-channel analysis). In: Mangard, S., Poschmann, A.Y. (eds.) COSADE 2014. LNCS, vol. 9064, pp. 20–33. Springer, Cham (2015).  https://doi.org/10.1007/978-3-319-21476-4_2CrossRefGoogle Scholar
  18. 18.
    Maghrebi, H., Portigliatti, T., Prouff, E.: Breaking cryptographic implementations using deep learning techniques. In: Carlet, C., Hasan, M.A., Saraswat, V. (eds.) SPACE 2016. LNCS, vol. 10076, pp. 3–26. Springer, Cham (2016).  https://doi.org/10.1007/978-3-319-49445-6_1CrossRefGoogle Scholar
  19. 19.
    Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks. Revealing the Secrets of Smart Cards, 1st edn. Springer, Boston (2007).  https://doi.org/10.1007/978-0-387-38162-6CrossRefzbMATHGoogle Scholar
  20. 20.
    Mitchell, T.M.: Machine Learning, 1st edn. McGraw-Hill Inc., New York (1997)zbMATHGoogle Scholar
  21. 21.
    Nair, V., Hinton, G.E.: Rectified linear units improve restricted Boltzmann machines. In: Proceedings of the 27th International Conference on International Conference on Machine Learning, ICML 2010, pp. 807–814. Omnipress, USA (2010). http://dl.acm.org/citation.cfm?id=3104322.3104425
  22. 22.
    O’Shea, K., Nash, R.: An introduction to convolutional neural networks. CoRR abs/1511.08458 (2015)Google Scholar
  23. 23.
    Oswald, E., Mangard, S.: Template attacks on masking—resistance is futile. In: Abe, M. (ed.) CT-RSA 2007. LNCS, vol. 4377, pp. 243–256. Springer, Heidelberg (2006).  https://doi.org/10.1007/11967668_16CrossRefGoogle Scholar
  24. 24.
    Picek, S., Samiotis, I.P., Heuser, A., Kim, J., Bhasin, S., Legay, A.: On the performance of deep learning for side-channel analysis. Cryptology ePrint Archive, Report 2018/004 (2018). https://eprint.iacr.org/2018/004
  25. 25.
    Saravanan, P., Kalpana, P., Preethisri, V., Sneha, V.: Power analysis attack using neural networks with wavelet transform as pre-processor. In: 18th International Symposium on VLSI Design and Test, pp. 1–6, July 2014.  https://doi.org/10.1109/ISVDAT.2014.6881059
  26. 26.
    Schindler, W., Lemke, K., Paar, C.: A stochastic model for differential side channel cryptanalysis. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 30–46. Springer, Heidelberg (2005).  https://doi.org/10.1007/11545262_3CrossRefGoogle Scholar
  27. 27.
    Smith, L.N., Topin, N.: Deep convolutional neural network design patterns. CoRR abs/1611.00847 (2016). http://arxiv.org/abs/1611.00847
  28. 28.
    Srivastava, N., Hinton, G., Krizhevsky, A., Sutskever, I., Salakhutdinov, R.: Dropout: a simple way to prevent neural networks from overfitting. J. Mach. Learn. Res. 15, 1929–1958 (2014)MathSciNetzbMATHGoogle Scholar
  29. 29.
    Standaert, F.-X., Malkin, T.G., Yung, M.: A unified framework for the analysis of side-channel key recovery attacks. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 443–461. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-01001-9_26CrossRefGoogle Scholar
  30. 30.
    TELECOM ParisTech SEN research group: DPA Contest v2. http://www.dpacontest.org/v2/
  31. 31.
    Towell, G.G., Shavlik, J.W.: Knowledge-based artificial neural networks. Artif. Intell. 70(1–2), 119–165 (1994)CrossRefGoogle Scholar
  32. 32.
    Wang, D., Mao, K., Ng, G.W.: Convolutional neural networks and multimodal fusion for text aided image classification. In: 2017 20th International Conference on Information Fusion, Fusion, pp. 1–7, July 2017.  https://doi.org/10.23919/ICIF.2017.8009768
  33. 33.
    Whitnall, C., Oswald, E.: Robust profiling for DPA-style attacks. In: Güneysu, T., Handschuh, H. (eds.) CHES 2015. LNCS, vol. 9293, pp. 3–21. Springer, Heidelberg (2015).  https://doi.org/10.1007/978-3-662-48324-4_1CrossRefGoogle Scholar
  34. 34.
    Xie, G.S., Zhang, X.Y., Yan, S., Liu, C.L.: Hybrid CNN and dictionary-based models for scene recognition and domain adaptation. ArXiv e-prints, January 2016Google Scholar
  35. 35.
    Zheng, Y., Zhou, Y., Yu, Z., Hu, C., Zhang, H.: How to compare selections of points of interest for side-channel distinguishers in practice? In: Hui, L.C.K., Qing, S.H., Shi, E., Yiu, S.M. (eds.) ICICS 2014. LNCS, vol. 8958, pp. 200–214. Springer, Cham (2015).  https://doi.org/10.1007/978-3-319-21966-0_15CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.Robert Bosch GmbH, Corporate Sector ResearchStuttgartGermany
  2. 2.Horst Görtz Institute for IT-SecurityRuhr University BochumBochumGermany

Personalised recommendations