Abstract
Template attacks and machine learning are two popular approaches to profiled side-channel analysis. In this paper, we aim to contribute to the understanding of their respective strengths and weaknesses, with a particular focus on their curse of dimensionality. For this purpose, we take advantage of a well-controlled simulated experimental setting in order to put forward two important aspects. First, from a theoretical point of view, the data complexity of template attacks is not sensitive to the dimension increase in side-channel traces, given that their profiling is perfect. Second, from a practical point of view, concrete attacks are always affected by (estimation and assumption) errors during profiling. As these errors increase, machine learning gains interest compared to template attacks, especially when based on random forests. We then clarify these results thanks to the bias–variance decomposition of the error rate recently introduced in the context of side-channel analysis.
Notes
In [32] the equation representing the perceived information has a minus sign, whereas the correct sign is positive.
There are variants of SVM and RF that aim to remedy this issue. Yet, the “probability-like” scores they output are not directly exploitable in the estimation of information theoretic metrics. For example, we could exhibit examples where probability-like scores of one do not correspond to a success rate of one. More recently, Choudary et al. [6] showed that key enumeration based on scores and based on probabilities provide different results, which highlights the difference between score-based and probability-based profiled attacks.
By contrast, we do not discuss the impact on the bias and on the variance term of each meta-parameter of a random forest and a template attack. Readers interested in this aspect are referred to the document of Louppe [28] analyzing random forests and to the paper of Lerman et al. [25] analyzing template attacks.
References
Banciu, V., Oswald, E., Whitnall, C.: Reliable information extraction for single trace attacks. In: Nebel, W., Atienza, D. (eds.) Proceedings of the 2015 Design, Automation and Test in Europe Conference and Exhibition, DATE 2015, Grenoble, France, March 9–13, 2015, pp. 133–138. ACM (2015)
Banciu, V., Oswald, E., Carolyn, W.: Reliable information extraction for single trace attacks. In: IACR Cryptology ePrint Archive, vol. 2015, p. 45 (2015)
Bartkewitz, T., Lemke-Rust, K.: Efficient template attacks based on probabilistic multi-class support vector machines. In: Mangard, S. (ed.) CARDIS, volume 7771 of Lecture Notes in Computer Science, pp. 263–276. Springer, Berlin (2012)
Breiman, L.: Random forests. Mach. Learn. 45(1), 5–32 (2001)
Chari, S., Rao, J.R., Rohatgi, P.: Template attacks. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES, volume 2523 of Lecture Notes in Computer Science, pp. 13–28. Springer, Berlin (2002)
Choudary, M.O., Poussier, R., Standaert, F.-X.: Score-based vs. probability-based enumeration—a cautionary note. In: Progress in Cryptology—INDOCRYPT 2016—17th International Conference on Cryptology in India, Kolkata, India, December 11–14, 2016, Proceedings (2016) (to appear)
Choudary, O., Kuhn, M.G.: Efficient template attacks. In: Francillon, A., Rohatgi, P. (eds.) Smart Card Research and Advanced Applications—12th International Conference, CARDIS 2013, Berlin, Germany, November 27–29, 2013. Revised Selected Papers. Lecture Notes in Computer Science, vol. 8419, pp. 253–270. Springer (2013)
Cortes, C., Vapnik, V.: Support-vector networks. Mach. Learn. 20(3), 273–297 (1995)
Cristianini, N., Shawe-Taylor, J.: An Introduction to Support Vector Machines and Other Kernel-based Learning Methods. Cambridge University Press, Cambridge (2010)
Domingos, P.: A unified bias-variance decomposition and its applications. In: Langley, P. (ed.) Proceedings of the Seventeenth International Conference on Machine Learning (ICML 2000), Stanford University, Stanford, CA, USA, June 29–July 2, 2000, pp. 231–238. Morgan Kaufmann (2000)
Domingos, P.: A unified bias-variance decomposition for zero-one and squared loss. In Kautz, H.A., Porter, B.W. (eds.) Proceedings of the Seventeenth National Conference on Artificial Intelligence and Twelfth Conference on Innovative Applications of Artificial Intelligence, July 30–August 3, 2000, Austin, Texas, USA, pp. 564–569. AAAI Press/The MIT Press (2000)
Durvaux, F., Standaert, F.-X., Veyrat-Charvillon, N.: How to certify the leakage of a chip? In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT, volume 8441 of Lecture Notes in Computer Science, pp. 459–476. Springer, Berlin (2014)
Gandolfi, K., Mourtel, C., Olivier, F.: Electromagnetic analysis: concrete results. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES, volume 2162 of Lecture Notes in Computer Science, pp. 251–261. Springer, Berlin (2001)
Gierlichs, B., Lemke-Rust, K., Paar, C.: Templates vs. stochastic methods. In: Goubin, L., Matsui, M. (eds.) CHES, volume 4249 of Lecture Notes in Computer Science, pp. 15–29. Springer, Berlin (2006)
Gilmore, R., Hanley, N., O’Neill, M.: Neural network based attack on a masked implementation of AES. In: IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2015, Washington, DC, USA, 5–7 May, 2015, pp. 106–111. IEEE (2015)
He, H., Jaffe, J., Zou, L.: CS 229 Machine Learning—Side Channel Cryptanalysis Using Machine Learning. Technical Report, Stanford University (2012)
Heuser, A., Zohner, M.: Intelligent machine homicide—breaking cryptographic devices using support vector machines. In: Schindler, W., Huss, S.A. (eds.) COSADE, volume 7275 of Lecture Notes in Computer Science, pp. 249–264. Springer, Berlin (2012)
Hospodar, G., Gierlichs, B., De Mulder, E., Verbauwhede, I., Vandewalle, J.: Machine learning in side-channel analysis: a first study. J. Cryptogr. Eng. 1(4), 293–302 (2011)
Hospodar, G., De Mulder, E., Gierlichs, B., Vandewalle, J., Verbauwhede, I.: Least squares support vector machines for side-channel analysis. In: Second International Workshop on Constructive Side-Channel Analysis and Secure Design, pp. 99–104. Center for Advanced Security Research Darmstadt (2011)
Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO, volume 1109 of Lecture Notes in Computer Science, pp. 104–113. Springer, Berlin (1996)
Kocher, P.C., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M.J. (ed.) CRYPTO, volume 1666 of Lecture Notes in Computer Science, pp. 388–397. Springer, Berlin (1999)
Lerman, L., Bontempi, G., Markowitch, O.: Side-channel attacks: an approach based on machine learning. In: Second International Workshop on Constructive Side-Channel Analysis and Secure Design, pp. 29–41. Center for Advanced Security Research Darmstadt (2011)
Lerman, L., Bontempi, G., Markowitch, O.: Power analysis attack: an approach based on machine learning. IJACT 3(2), 97–115 (2014)
Lerman, L., Bontempi, G., Markowitch, O.: A machine learning approach against a masked AES. J. Cryptogr. Eng. 5(2), 123–139 (2015)
Lerman, L., Bontempi, G., Markowitch, O.: The bias–variance decomposition in profiled attacks. J. Cryptogr. Eng. 5, 1–13 (2015)
Lerman, L., Medeiros, S.F., Bontempi, G., Markowitch, O.: A machine learning approach against a masked AES. In: Francillon, A., Rohatgi, P. (eds.) Smart Card Research and Advanced Applications—12th International Conference, CARDIS 2013, Berlin, Germany, November 27–29, 2013. Revised Selected Papers. Lecture Notes in Computer Science, vol. 8419, pp. 61–75. Springer (2013)
Lerman, L., Poussier, R., Bontempi, G., Markowitch, O., Standaert, F.-X.: Template attacks vs. machine learning revisited (and the curse of dimensionality in side-channel analysis). In: Mangard, S., Poschmann, A.Y. (eds.) Constructive Side-Channel Analysis and Secure Design—6th International Workshop, COSADE 2015, Berlin, Germany, April 13–14, 2015. Revised Selected Papers, volume 9064 of Lecture Notes in Computer Science, pp. 20–33. Springer (2015)
Louppe, G.: Understanding Random Forests: From Theory to Practice. ArXiv e-prints (2014)
Mangard, S., Oswald, E., Standaert, F.-X.: One for all—all for one: unifying standard differential power analysis attacks. IET Inf. Secur. 5(2), 100–110 (2011)
Martinasek, Z., Hajny, J., Malina, L.: Optimization of power analysis using neural network. In: Francillon, A., Rohatgi, P. (eds.) Smart Card Research and Advanced Applications—12th International Conference, CARDIS 2013, Berlin, Germany, November 27–29, 2013. Revised Selected Papers, volume 8419 of Lecture Notes in Computer Science, pp. 94–107. Springer (2013)
Patel, H., Baldwin, R.O.: Random forest profiling attack on advanced encryption standard. IJACT 3(2), 181–194 (2014)
Renauld, M., Standaert, F.-X., Veyrat-Charvillon, N., Kamel, D., Flandre, D.: A formal study of power variability issues and side-channel attacks for nanoscale devices. In: Paterson, K.G. (ed.) EUROCRYPT, volume 6632 of Lecture Notes in Computer Science, pp. 109–128. Springer, Berlin (2011)
Rokach, L., Maimon, O.: Data Mining with Decision Trees: Theory and Applications. Series in Machine Perception and Artificial Intelligence. World Scientific Publishing Company, Incorporated, Singapore (2008)
Schindler, W., Lemke, K., Paar, C.: A stochastic model for differential side channel cryptanalysis. In: Rao, J.R., Sunar, B. (eds.) CHES, volume 3659 of Lecture Notes in Computer Science, pp. 30–46. Springer, Berlin (2005)
Standaert, F.-X., Koeune, F., Schindler, W.: How to compare profiled side-channel attacks? In: Abdalla, M., Pointcheval, D., Fouque, P.-A., Vergnaud, D. (eds.) ACNS. Lecture Notes in Computer Science, vol. 5536, pp. 485–498. Springer, Berlin (2009)
Standaert, F.-X., Malkin, T., Yung, M.: A unified framework for the analysis of side-channel key recovery attacks. In: Joux, A. (ed.) EUROCRYPT, volume 5479 of Lecture Notes in Computer Science, pp. 443–461. Springer, Berlin (2009)
Veyrat-Charvillon, N., Gérard, B., Renauld, M., Standaert, F.-X.: An optimal key enumeration algorithm and its application to side-channel attacks. In: Knudsen, L.R., Wu, H. (eds.) Selected Areas in Cryptography, volume 7707 of Lecture Notes in Computer Science, pp. 390–406. Springer, Berlin (2012)
Acknowledgements
F.-X. Standaert is a research associate of the Belgian Fund for Scientific Research (FNRS-F.R.S.). This work has been funded in parts by the European Commission through the ERC project 280141 (CRASH). L. Lerman is a postdoctoral researcher working on the SCAUT project and funded by the Brussels Institute for Research and Innovation (Innoviris).
Cite this article
Lerman, L., Poussier, R., Markowitch, O. et al. Template attacks versus machine learning revisited and the curse of dimensionality in side-channel analysis: extended version. J Cryptogr Eng 8, 301–313 (2018). https://doi.org/10.1007/s13389-017-0162-9