Robust profiled attacks: should the adversary trust the dataset?

Robust profiled attacks: should the adversary trust the dataset?

WoS Article

Side-channel attacks provide tools to analyze the degree of resilience of a cryptographic device against adversaries measuring leakages (e.g., power traces) on the target device executing cryptographic algorithms. In 2002, Chari et al. introduced template attack as the strongest parametric profiled attack in an information theoretic sense. Few years later, Schindler {\it et al.} proposed stochastic attack (another parametric profiled attack) as an improved attack (with respect to template attack) when the adversary has information on the data-dependent part of the leakage. Less than ten years later, the machine learning field provided non-parametric profiled attacks especially useful in high dimensionality contexts. In this paper, we provide new contexts in which profiled attacks based on machine learning outperform conventional parametric profiled attacks: when the set of leakages contains errors or distortions. More precisely, we found that (1) profiled attacks based on machine learning remain effective in a wide range of scenarios, and (2) template attack is more sensitive to distortions and errors in the profiling and attacking sets. We analyzed a series of (parametric and non-parametric) profiled attacks (e.g., support vector machine, random forest, multilayer perceptron, and template attacks) based on two public datasets available in the DPA Contests in order to validate our claims.

Side-channel attacks provide tools to analyze the degree of resilience of a cryptographic device against adversaries measuring leakages (e.g., power traces) on the target device executing cryptographic algorithms. In 2002, Chari et al. introduced template attack as the strongest parametric profiled attack in an information theoretic sense. Few years later, Schindler {\it et al.} proposed stochastic attack (another parametric profiled attack) as an improved attack (with respect to template attack) when the adversary has information on the data-dependent part of the leakage. Less than ten years later, the machine learning field provided non-parametric profiled attacks especially useful in high dimensionality contexts. In this paper, we provide new contexts in which profiled attacks based on machine learning outperform conventional parametric profiled attacks: when the set of leakages contains errors or distortions. More precisely, we found that (1) profiled attacks based on machine learning remain effective in a wide range of scenarios, and (2) template attack is more sensitive to distortions and errors in the profiling and attacking sets. We analyzed a series of (parametric and non-parametric) profiled attacks (e.g., support vector machine, random forest, multilayer perceptron, and template attacks) based on two public datasets available in the DPA Contests in order to validate our claims.

Side-channel attacks; Power analysis; profiled attack; machine learning

Side-channel attacks; Power analysis; profiled attack; machine learning

LERMAN, L.; MARTINÁSEK, Z.; MARKOWITCH, O.

2017

03.08.2016

Institution of Engineering and Technology

1751-8709

IET Information Security

10

5

United States of America

1

16

16

http://digital-library.theiet.org/content/journals/10.1049/iet-ifs.2015.0574