Skip to main content

A Second Look at the ASCAD Databases

Part of the Lecture Notes in Computer Science book series (LNCS,volume 13211)


The ASCAD databases marked the starting point for a large amount of research regarding deep learning-based (SCA). While most work focuses on the analysis of different architectures, little attention has been paid to the datasets used for training and evaluation. In this paper, we provide a detailed analysis of the ASCAD datasets that examines all 16 bytes of the targeted AES implementation and reveals leakage from intermediate values of interest for attribution of Machine Learning (ML)-based SCA. We show that some bytes exhibit first-order or univariate second-order leakage that is unexpected for a protected implementation. Subsequently, we investigate how training on the fixed key we provide a detailed analysis of the ASCAD database is an easier task for (CNNs) based on two different hyperparameter architectures. Our findings suggest that results based on the we provide a detailed analysis of the ASCAD fix dataset should be revisited and that the more recent ASCAD variable dataset with variable key training should be used in future work. Finally, we investigate the attack success for all bytes. Performance differences with the same network architecture for different bytes highlight that even traces of identical operations on the same dataset pose challenges to CNNs. This highlights the possibility to use different bytes of the ASCAD dataset in order to evaluate the robustness of ML approaches in future work.


  • Side-Channel Analysis
  • Machine Learning
  • CNNs

This is a preview of subscription content, access via your institution.

Buying options

USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
USD   54.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   69.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions


  1. 1., accessed 29.04.2021.

  2. 2.

    Recently, in May 2021, a database with traces from a 32-bit STM32F303 microcontroller was released as ASCADv2 database. As most related work is based on the ATMega databases, the in-depth analysis of the new database is left as future work.

  3. 3.

    Note that Benadjila et al. [2] is the peer-reviewed version of Prouff et al. [17] and is used in the remainder of the paper.

  4. 4.

    Note that we use byte indices according to the AES standard in contrast to the indexing introduced with the ASCAD databases [17] starting with index 1.

  5. 5., accessed 29.04.2021.

  6. 6.

  7. 7.

    The sampling frequency is not \(f_s ={2}\,\mathrm {GS/s}\) as provided by [2] and generally adopted by related work. In this case the whole trace segment would only show 1.4 clock cycles, which is not consistent with the CPOI results.

  8. 8., accessed 29.04.2021.

  9. 9., accessed 29.04.2021.

  10. 10.

    The authors revised their claim that both datasets consist of EM measurements to them actually being power measurements in, accessed 15.02.2022.

  11. 11.

    Note that for key byte \(k_{15} \) of the ASCAD variable dataset there is one additional peak compared to the other bytes. We manually corrected the range such that the same operations/code lines are contained.

  12. 12.

    We map the beginning of a correlation peak to the rising edge of a clock cycle, as the highest current change is reflected by a high leakage. We build our mapping on load and store operations that normally exhibit higher leakage for microcontrollers as the data transfer over the bus consumes more power than normal ALU operations. The first operation, namely the load of \(r_{i}\) in line 407, is mapped to the corresponding first correlation peak. The second operation is the store of the final S-Box result \(\mathrm {S}(k_{i} \oplus ptxt_{i})\oplus r_{i} \) in line 428.

  13. 13.

    Namely r3, r24, r26 and r27, for details please refer to the assembly implementation.

  14. 14.

    Note that the possibility of a first-order leak has already been discussed in, where a normalization step allows for a sort of second-order univariate attack if observing a certain sample (sample 188) independently. Nevertheless, this does not have an influence in practice, as in a masked setting an attacker can not perform leakage evaluation to identify this sample directly, but rather has to use the maximum correlation among all samples.

  15. 15.

    Interestingly, one main difference compared to the architecture for ASCAD fix [18, Table 10] is the kernel size of the convolutional layer, which is considerably smaller – a further indication that the information is concentrated on fewer samples.


  1. Balasch, J., Gierlichs, B., Grosso, V., Reparaz, O., Standaert, F.-X.: On the cost of lazy engineering for masked software implementations. In: Joye, M., Moradi, A. (eds.) CARDIS 2014. LNCS, vol. 8968, pp. 64–81. Springer, Cham (2015).

    CrossRef  Google Scholar 

  2. Benadjila, R., Prouff, E., Strullu, R., Cagli, E., Dumas, C.: Deep learning for side-channel analysis and introduction to ASCAD database. J. Cryptogr. Eng. 10, 163–188 (2019)

    CrossRef  Google Scholar 

  3. Bhasin, S., Chattopadhyay, A., Heuser, A., Jap, D., Picek, S., Shrivastwa, R.R.: Mind the portability: a warriors guide through realistic profiled side-channel analysis. Cryptology ePrint Archive, Report 2019/661,

  4. Bronchain, O., Cassiers, G., Standaert, F.X.: Give me 5 minutes: attacking ASCAD with a single side-channel trace. Cryptology ePrint Archive, Report 2021/817 (2021).

  5. Bronchain, O., Durvaux, F., Masure, L., Standaert, F.X.: Efficient profiled side-channel analysis of masked implementations, extended. IEEE Trans. Inf. Foren. Secur. 17, 1–1 (2022)

    CrossRef  Google Scholar 

  6. Cao, P., Zhang, C., Lu, X., Gu, D.: Cross-device profiled side-channel attack with unsupervised domain adaptation. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2021(4), 27–56 (2021).,

  7. Le Corre, Yann, Großschädl, Johann, Dinu, Daniel: Micro-architectural power simulator for leakage assessment of cryptographic software on ARM Cortex-M3 processors. In: Fan, Junfeng, Gierlichs, Benedikt (eds.) COSADE 2018. LNCS, vol. 10815, pp. 82–98. Springer, Cham (2018).

    CrossRef  Google Scholar 

  8. Durvaux, F., Standaert, F.-X.: From improved leakage detection to the detection of points of interests in leakage traces. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9665, pp. 240–262. Springer, Heidelberg (2016).

    CrossRef  MATH  Google Scholar 

  9. Hettwer, B., Gehrer, S., Güneysu, T.: Deep neural network attribution methods for leakage analysis and symmetric key recovery. In: Paterson, K.G., Stebila, D. (eds.) SAC 2019. LNCS, vol. 11959, pp. 645–666. Springer, Cham (2020).

    CrossRef  Google Scholar 

  10. Hoang, A.T., Hanley, N., O’Neill, M.: Plaintext: a missing feature for enhancing the power of deep learning in side-channel analysis? Breaking multiple layers of side-channel countermeasures. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2020(4), 49–85 (2020)

    CrossRef  Google Scholar 

  11. Lu, X., Zhang, C., Cao, P., Gu, D., Lu, H.: Pay attention to raw traces: a deep learning architecture for end-to-end profiling attacks. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2021(3), 235–274 (2021).,

  12. Mangard, Stefan, Oswald, Elisabeth, Popp, Thomas: Power Analysis Attacks. Springer, Boston, MA (2007).

    CrossRef  MATH  Google Scholar 

  13. Masure, L., Dumas, C., Prouff, E.: Gradient visualization for general characterization in profiling attacks. In: Polian, I., Stöttinger, M. (eds.) Constructive Side-Channel Analysis and Secure Design, pp. 145–167. Springer International Publishing, Cham (2019)

    CrossRef  Google Scholar 

  14. Moradi, A., Mischke, O.: On the simplicity of converting leakages from multivariate to univariate. In: Bertoni, G., Coron, J.-S. (eds.) CHES 2013. LNCS, vol. 8086, pp. 1–20. Springer, Heidelberg (2013).

    CrossRef  Google Scholar 

  15. Perin, G., Chmielewski, L., Picek, S.: Strength in numbers: improving generalization with ensembles in machine learning-based profiled side-channel analysis. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2020(4), 337–364 (2020).,

  16. Prouff, E., Rivain, M., Bevan, R.: Statistical analysis of second order differential power analysis. IEEE Trans. Comput. 58(6), 799–811 (2009)

    CrossRef  MathSciNet  Google Scholar 

  17. Prouff, E., Strullu, R., Benadjila, R., Cagli, E., Dumas, C.: Study of deep learning techniques for side-channel analysis and introduction to ASCAD database. Cryptology ePrint Archive, Report 2018/053 (2018).

  18. Rijsdijk, J., Wu, L., Perin, G., Picek, S.: Reinforcement learning for hyperparameter tuning in deep learning-based side-channel analysis. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2021(3), 677–707 (2021).,

  19. Seuschek, H., Rass, S.: Side-channel leakage models for RISC instruction set architectures from empirical data. Microprocess. Microsyst. 47, 74–81 (2016)

    CrossRef  Google Scholar 

  20. Timon, B.: Non-profiled deep learning-based side-channel attacks with sensitivity analysis. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2019(2), 107–131 (2019)

    CrossRef  Google Scholar 

  21. Wu, L., Picek, S.: Remove some noise: on pre-processing of side-channel measurements with autoencoders. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2020(4), 389–415 (2020)

    CrossRef  Google Scholar 

  22. Yu, H., Shan, H., Panoff, M., Jin, Y.: Cross-device profiled side-channel attacks using meta-transfer learning. In: 2021 58th ACM/IEEE Design Automation Conference (DAC). IEEE, December 2021.

  23. Zhou, Y., Standaert, F.-X.: Deep learning mitigates but does not annihilate the need of aligned traces and a generalized ResNet model for side-channel attacks. J. Cryptogr. Eng. 10(1), 85–95 (2019).

    CrossRef  Google Scholar 

Download references


This work was supported by the German Federal Ministry of Education and Research in the project SIKRIN-KRYPTOV through grant number 16KIS1070. We also gratefully acknowledge the support of NVIDIA Corporation with the donation of the Titan V GPU used for this research. We would like to thank all reviewers for their valuable feedback during the review process.

Author information

Authors and Affiliations


Corresponding author

Correspondence to Thomas Schamberger .

Editor information

Editors and Affiliations

A Appendix

A Appendix

1.1 A.1 Sample Ranges for Different Bytes

See Table 4.

Table 4. Sample indices for the alignment on CPOI values.

1.2 A.2 Multivariate Second-Order Attack - Sample Combinations

The resulting correlation results for all sample combinations are shown in Fig. 8. Note that for visualization, we used a convolution filter as due to the low amount of combination points they were barely visible. Furthermore, correlations of less than \(4/\sqrt{10000}\) are depicted in white [12]. We limit our evaluation to key bytes with different leakage characteristics as shown in Fig. 3. For all these key bytes it can be concluded that samples corresponding to \(r_{out}\) (around 70) and \(r_{i}\) (200) can be combined with their corresponding masked S-Box value (1000 and 1100). For \(k_{15}\) the additional leakage of \(\mathrm {S}(k_{15} \oplus ptxt_{15}) \oplus r_{out} \) allows for an additional combination with samples around index 200. Further, key bytes that are vulnerable against first-order CPA (\(k_{4}\), \(k_{5}\)) show possible additional combinations.

Fig. 8.
figure 8

Second-order attack results for \(k_2\), \(k_3\), \(k_4\), \(k_5\), \(k_6\) and \(k_{15}\) of ASCAD variable. The resulting correlation value for the different sample combinations of the correct key hypothesis is shown.

Rights and permissions

Reprints and Permissions

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Egger, M., Schamberger, T., Tebelmann, L., Lippert, F., Sigl, G. (2022). A Second Look at the ASCAD Databases. In: Balasch, J., O’Flynn, C. (eds) Constructive Side-Channel Analysis and Secure Design. COSADE 2022. Lecture Notes in Computer Science, vol 13211. Springer, Cham.

Download citation

  • DOI:

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-99765-6

  • Online ISBN: 978-3-030-99766-3

  • eBook Packages: Computer ScienceComputer Science (R0)