Abstract
Side-channel attacks challenge the security of cryptographic devices. One of the most widespread countermeasures against these attacks is masking. In 2012, Nassar et al. [21] presented a new lightweight (low-cost) Boolean masking countermeasure to protect implementations of the AES block cipher. This masking scheme is the target algorithm of the DPAContest V4 [30]. In this article, we present the first machine learning attack against a masking countermeasure, using the dataset of the DPAContest V4. We succeeded in extracting each targeted byte of the key of the masked AES with \(26\) traces during the attacking phase. This is roughly twice the number of traces needed for an unmasked AES on the same cryptographic device. Finally, we compared our proposal to a stochastic attack and to a strategy based on template attacks. We showed that an attack based on a machine learning model reduces the number of traces required during the attacking step by a factor of two and four compared to a template attack and a stochastic attack respectively, when analyzing the same leakage information. A new strategy based on the stochastic attack reduces this number to 27.8 traces (on average) during the attack, but in our setting it requires a larger execution time than a learning model.
Notes
1. The \(50\) instants are sorted in descending order with respect to the absolute value of their correlation coefficient.
2. Each sample of the trace is an 8-bit value. The limit of R, the programming language used, is \(2^{31}\) bytes for a matrix.
3. SVM used a radial kernel with a gamma equal to the inverse of the data dimension and a cost of \(1\). RF used 500 trees.
4. The experiments were executed on a MacBook Pro with a 2.66 GHz Intel Core 2 Duo and 8 GB of 1067 MHz DDR3 RAM.
References
Bartkewitz, T., Lemke-Rust, K.: Efficient template attacks based on probabilistic multi-class support vector machines. In: Mangard, S. (ed.) CARDIS 2012. LNCS, vol. 7771, pp. 263–276. Springer, Heidelberg (2013)
Breiman, L.: Random forests. Mach. Learn. 45, 5–32 (2001)
Chari, S., Jutla, C.S., Rao, J.R., Rohatgi, P.: Towards sound approaches to counteract power-analysis attacks. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, p. 398. Springer, Heidelberg (1999)
Chari, S., Rao, J.R., Rohatgi, P.: Template attacks. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 13–28. Springer, Heidelberg (2002)
Cortes, C., Vapnik, V.: Support-vector networks. Mach. Learn. 20(3), 273–297 (1995)
Dimitriadou, E., Hornik, K., Leisch, F., Meyer, D., Weingessel, A.: e1071: misc functions of the department of statistics (e1071), TU Wien, R package version 1.6 (2011)
Gandolfi, K., Mourtel, Ch., Olivier, F.: Electromagnetic analysis: Concrete results. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, p. 251. Springer, Heidelberg (2001)
Gierlichs, B., Janussen, K.: Template attacks on masking: an interpretation. In: Lucks, S., Sadeghi, A.-R., Wolf, C., (eds.) WEWoRC (2007)
Heuser, A., Zohner, M.: Intelligent machine homicide. In: Schindler, W., Huss, S.A. (eds.) COSADE 2012. LNCS, vol. 7275, pp. 249–264. Springer, Heidelberg (2012)
Hospodar, G., Gierlichs, B., Mulder, E.D., Verbauwhede, I., Vandewalle, J.: Machine learning in side-channel analysis: a first study. J. Crypt. Eng. 1(4), 293–302 (2011)
Hospodar, G., Mulder, E.D., Gierlichs, B., Vandewalle, J., Verbauwhede, I.: Least squares support vector machines for side-channel analysis. In: Second International Workshop on Constructive Side Channel Analysis and Secure Design, pp. 99–104. Center for Advanced Security Research Darmstadt (2011)
Japkowicz, N., Stephen, S.: The class imbalance problem: a systematic study. Int. Data Anal. J. 6(5), 429–449 (2002)
Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)
Kocher, P.C., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, p. 388. Springer, Heidelberg (1999)
Lerman, L., Bontempi, G., Markowitch, O.: Side channel attack: an approach based on machine learning. In: Second International Workshop on Constructive Side Channel Analysis and Secure Design, pp. 29–41. Center for Advanced Security Research Darmstadt (2011)
Lerman, L., Bontempi, G., Markowitch, O.: Power analysis attack: an approach based on machine learning. Int. J. Appl. Crypt. 3(2), 97–115 (2014)
Lerman, L., Bontempi, G., Ben Taieb, S., Markowitch, O.: A time series approach for profiling attack. In: Gierlichs, B., Guilley, S., Mukhopadhyay, D. (eds.) SPACE 2013. LNCS, vol. 8204, pp. 75–94. Springer, Heidelberg (2013)
Liaw, A., Wiener, M.: Classification and regression by randomForest. R News 2(3), 18–22 (2002)
Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks: Revealing the Secrets of Smart Cards. Springer, Heidelberg (2007)
Martinasek, Z., Zeman, V.: Innovative method of the power analysis. Radio Eng. 22(2), 586–594 (2013)
Nassar, M., Souissi, Y., Guilley, S., Danger, J.-L.: RSM: a small and fast countermeasure for AES, secure against 1st and 2nd-order zero-offset SCAs. In: Rosenstiel, W., Thiele, L. (eds.) DATE 2012, pp. 1173–1178. IEEE (2012)
Oswald, E., Mangard, S.: Template attacks on masking—resistance is futile. In: Abe, M. (ed.) CT-RSA 2007. LNCS, vol. 4377, pp. 243–256. Springer, Heidelberg (2006)
Pearson, K.: On lines and planes of closest fit to systems of points in space. Philos. Mag. 2(6), 559–572 (1901)
Peng, H., Long, F., Ding, C.: Feature selection based on mutual information criteria of max-dependency, max-relevance, and min-redundancy. IEEE Trans. Pattern Anal. Mach. Intell. 27(8), 1226–1238 (2005)
Rivain, M., Dottax, E., Prouff, E.: Block ciphers implementations provably secure against second order side channel analysis. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 127–143. Springer, Heidelberg (2008)
Schindler, W.: Advanced stochastic methods in side channel analysis on block ciphers in the presence of masking. J. Math. Crypt. 2(3), 291–310 (2008)
Schindler, W., Lemke, K., Paar, Ch.: A stochastic model for differential side channel cryptanalysis. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 30–46. Springer, Heidelberg (2005)
Standaert, F.-X., Archambeau, C.: Using subspace-based template attacks to compare and combine power and electromagnetic information leakages. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 411–425. Springer, Heidelberg (2008)
Standaert, F.-X., Veyrat-Charvillon, N., Oswald, E., Gierlichs, B., Medwed, M., Kasper, M., Mangard, S.: The world is not enough: another look on second-order DPA. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 112–129. Springer, Heidelberg (2010)
DPAContest V4 (2013). http://www.dpacontest.org/home/
© 2014 Springer International Publishing Switzerland
Cite this paper
Lerman, L., Medeiros, S.F., Bontempi, G., Markowitch, O. (2014). A Machine Learning Approach Against a Masked AES. In: Francillon, A., Rohatgi, P. (eds) Smart Card Research and Advanced Applications. CARDIS 2013. Lecture Notes in Computer Science(), vol 8419. Springer, Cham. https://doi.org/10.1007/978-3-319-08302-5_5
DOI: https://doi.org/10.1007/978-3-319-08302-5_5
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-08301-8
Online ISBN: 978-3-319-08302-5