recent advances in side channel analysis using machine
play

Recent advances in side- channel analysis using machine learning - PowerPoint PPT Presentation

Apr 17, 2023 •3.86k likes •4.52k views

Recent advances in side- channel analysis using machine learning techniques Annelie Heuser with Stjepan Picek, Sylvain Guilley, Alan Jovic, Shivam Bhasin, Tania Richmond, Karlo Knezevic In this talk Short recap on side-channel analysis

  1. Recent advances in side- channel analysis using machine learning techniques Annelie Heuser with Stjepan Picek, Sylvain Guilley, Alan Jovic, Shivam Bhasin, Tania Richmond, Karlo Knezevic

  2. In this talk… • Short recap on side-channel analysis and datasets • Evaluation metrics in SCA vs ML • Redefinition of profiled side-channel analysis through semi-supervised learning • Learning with imbalanced data • New approach to compare profiled side-channel attacks: e ffi cient attacker framework

  3. Side-channel analysis Invasive hardware attacks, proceeding in two steps: 1) During cryptographic operations capture additional side-channel information • power consumption/ electromagnetic emanation • timing • noise, … Side- 2) Side-channel distinguisher to channel Input reveal the secret distinguisher

  4. Profiled SCA • strongest attacker model • attacker processes two devices - profiling and attacking • attention on devices and overfitting

  5. Profiled SCA • Profiling phase: building model La # samples Traces be ls # points key MODEL Algorithm

  6. Profiled SCA • Attacking phase: for each trace in the attacking phase, get the probability that the trace belongs to a certain class label Trace Algorithm Probability MODEL # key guesses

  7. Profiled SCA • Attacking phase: maximum likelihood principle to calculate that a set of traces belongs to a certain key } Trace Probabilities Probabilities Trace Probabilities Probabilities Trace key ranking … Trace Probabilities # key guesses

  8. Template attack • first profiled attack • optimal from an information theoretical point of view MODEL Algorithm Density estimation densities • may not be optimal in practice (limited profiling phase) • often works with the pre-assumption that the noise is normal distributed • to estimate: mean and covariances for each class label • pooled version

  9. Support Vector Machines • one of first introduced machine learning algorithm to SCA • shown to be e ff ective when the number of profiling traces is not “unlimited” • support vectors are estimated in profiling phase MODEL Algorithm hyperplanes / 
 SVM support vectors

  10. Random Forest • one of first introduced machine learning algorithm to SCA • shown to be e ff ective when the number of profiling traces is not “unlimited” • often less e ff ective as SVM, but way more e ffi cient in the training phase MODEL Algorithm RF trees

  11. Neural Networks • new hype for side-channel analysis • can be really e ff ective in particular with countermeasures • so far most investigated are CNN and MLP MODEL Algorithm network design/ 
 CNN/MLP weights

  12. Guessing: labels vs keys • Make “models” on: • secret key directly or • intermediate values related to the key • Function between intermediate value and secret key • one-to-one (e.g. value = ) • one-to-many (e.g. value = )

  13. Dataset 1 • Low noise dataset - DPA contest v4 (publicly available) • Atmel ATMega-163 smart card connected to a SASEBO- W board • AES-256 RSM 
 (Rotating SBox Masking) • In this talk: 
 mask assumed known

  14. Leakage • Correlation between HW of the Sbox output and traces

  15. Leakage densities • In low noise scenarios: HW easily distinguishable

  16. Dataset 2 • High noise dataset (still unprotected!) • AES-128 core was written in VHDL in a round based architecture (11 clock cycles for each encryption). • The design was implemented on Xilinx Virtex-5 FPGA of a SASEBO GII evaluation board. • publicly available on github: 
 https://github.com/AESHD/AES HD Dataset

  17. Leakage • Correlation between HD of the Sbox output (last round) and traces

  18. Leakage densities • High noise scenario: densities of HWs

  19. Dataset 3 • AES-128: Random delay countermeasure => misaligned • 8-bit Atmel AVR microcontroller • publicly available on github: https://github.com/ ikizhvatov/randomdelays-traces

  20. Leakage

  21. Leakage densities • High noise, random delay dataset

  22. Evaluation metrics in SCA vs ML

  23. Evaluation metrics • common side-channel metrics • Success rate : Average estimated probability of success • Guessing entropy: Average secret key rank • depends on the number of traces used in the attacking phase • average is computed from E number of experiments

  24. Evaluation metrics • Accuracy: commonly used in machine learning applications • average estimated probability (percentage) of correct classification • averaged over the number of traces used in the attacking phase (not over the experiments) • accuracy cannot be translated into guessing entropy/ success rate! • is particularly important when the values to classify are not uniformly distributed • indication: high accuracy => good side-channel performance (not vice versa)

  25. SR/GE vs acc Label prediction vs fixed key prediction • accuracy: each label is considered independently (along #measurements) • SR/GE: computed regarding fixed key, accumulated over #measurements • low accuracy may not indicate low SR/GE • even accuracies below random guessing may lead to high SR/low GE for a large #measurements • random guessing should lead to low SR/ GE around 2^n/2 (n=#bits)

  26. SR/GE vs acc Global accuracy vs class accuracy • only relevant for non-bijective function between class and key (e.g. class involved the HW) • the importance to correctly classify more unlikely values in the class may be more significant than others • accuracy is averaged over all class values • recall may be more precise

  27. Discussion • May there be another ML metric which is better related to GE/SR? • In our experiments we could not find any other metric from the set of “usual” ML metrics… • What to do about training? Can’t we just use GE/SR…. • Not as straightforward, and integrating GE/SR will make the training extremely more expensive • not all ML techniques are outputting probabilities • For DL recent advances with cross entropy… • more details in: Stjepan Picek, Annelie Heuser, Alan Jovic, Shivam Bhasin, Francesco Regazzoni: The Curse of Class Imbalance and Conflicting Metrics with Machine Learning for Side-channel Evaluations. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2019(1): 209-237 (2019)

  28. Redefinition of profiled side- channel analysis through semi- supervised learning

  29. Attacker models • profiled (traditional view): 
 attacker processes two devices - profiling and attacking

  30. Attacker models • profiled (more realistic?!): 
 attacker processes two devices - profiling and attacking

  31. Semi-supervised Learning • Labeled data (profiling device) • Unlabeled data (attacking device) • Combined in the profiling phase to build more realistic model about the attacking device

  32. Semi-supervised approach • Settings: 25k traces total – (100+24.9k): l = 100 , u = 24900 → 0.4% vs 99.6% – (500+24.5k): l = 500 , u = 24500 → 2% vs 98% – (1k+24k): l = 1000 , u = 24000 → 4% vs 96% – (10k+15k): l = 10000 , u = 15000 → 40% vs 60% – (20k+5k): l = 20000 , u = 5000 → 80% vs 20% • the smaller the training set the higher the influence • labeling strategies: • Self-training: classifier trained with labeled data, used to predict unlabelled data, label assigned when probability > threshold • label spreading: label spread according to their proximity

  33. Semi-supervised approach • Dataset 1: Low noise unprotected, HW model

  34. Semi-supervised approach • Dataset 2: High noise unprotected, HW model

  35. Semi-supervised approach • Dataset 2: High noise unprotected, HW model

  36. Semi-supervised approach • Dataset 3: High noise with random delay, intermediate value model

  37. Observations • works in cases of 9 and 256 classes and high and low noise!! • self-training most e ff ective in our studies • the higher the noise in the dataset the more labeled data is required: • Dataset 1: improvements for 100 and 500 labeled data • Dataset 2: improvements mostly for 1k labeled data • Dataset 3: improvements for 20k labeled data • More details in: Stjepan Picek, Annelie Heuser, Alan Jovic, Karlo Knezevic, Tania Richmond: Improving Side-Channel Analysis Through Semi-supervised Learning . CARDIS 2018: 35-50

  38. Learning with imbalanced data

  39. Imbalanced data • Hamming weight leakage model commonly used • may not reflect realistic leakage model, but reduces the complexity of learning • works (su ffi ciently good) in many scenarios for attacking • for example, occurrences of Hamming weights for 8-bit variables:

  40. Why do we care? • most machine learning techniques are “designed” to maximise accuracy • predicting always HW class 4 gives accuracy of 27% • is not related to secret key value and therefore does not give any information for SCA • in general: less populated classes give more information about key than higher populated

  41. Data sampling techniques • How to transform the data set size to achieve balancedness? • throw away => random under sampling • use data multiple times => random oversampling with replacement • add synthetic data => synthetic minority oversampling technique (SMOTE) • add synthetic data + clean “noisy” data: synthetic minority oversampling technique with edited nearest neighbour (SMOTE+ENN)

Recommend

The Curse of Class Imbalance and Conflicting Metrics with Machine Learning for Side-channel

The Curse of Class Imbalance and Conflicting Metrics with Machine Learning for Side-channel

The Curse of Class Imbalance and Conflicting Metrics with Machine Learning for Side-channel Evaluations Stjepan Picek, Annelie Heuser, Alan Jovic, Shivam Bhasin, and Francesco Regazzoni Big Picture side-channel measurements device classifier

822 views • 33 slides
Side Channel Analysis and Embedded Systems Impact and Countermeasures Job de Haas Black Hat DC

Side Channel Analysis and Embedded Systems Impact and Countermeasures Job de Haas Black Hat DC

Side Channel Analysis and Embedded Systems Impact and Countermeasures Job de Haas Black Hat DC February 21, 2008 Black Hat USA 2007 Agenda Advances in Embedded Systems Security From USB stick to game console Current

673 views • 42 slides
Profiled Side-Channel Analysis Guilherme Perin , Lukasz Chmielewski, Stjepan Picek In

Profiled Side-Channel Analysis Guilherme Perin , Lukasz Chmielewski, Stjepan Picek In

Conference on Cryptographic Hardware and Embedded Systems (CHES) 2020 Strength in Numbers: Improving Generalization with Ensembles in Machine Learning-based Profiled Side-Channel Analysis Guilherme Perin , Lukasz Chmielewski, Stjepan Picek In

468 views • 25 slides
Side Channel Analysis and Embedded Systems Impact and Countermeasures Job de Haas Black Hat

Side Channel Analysis and Embedded Systems Impact and Countermeasures Job de Haas Black Hat

Side Channel Analysis and Embedded Systems Impact and Countermeasures Job de Haas Black Hat Europe 2008 Black Hat Europe 2008 Agenda Advances in Embedded Systems Security From USB stick to game console Current attacks

653 views • 42 slides
Recent Advances in Machine Learning for Mathematical Reasoning Steven Van Vaerenbergh

Recent Advances in Machine Learning for Mathematical Reasoning Steven Van Vaerenbergh

Recent Advances in Machine Learning for Mathematical Reasoning Steven Van Vaerenbergh Universidad de Cantabria Symposium on Artificial Intelligence for Mathematics Education CIEM, Castro Urdiales, February 2020 Motivation Machine Learning

318 views • 31 slides
Glitching and Side-Channel Analysis for All Colin OFlynn NewAE Technology Inc. RECON 2015

Glitching and Side-Channel Analysis for All Colin OFlynn NewAE Technology Inc. RECON 2015

Glitching and Side-Channel Analysis for All Colin OFlynn NewAE Technology Inc. RECON 2015 Montreal, QC. Overview W.t.f is side-channel power analysis (again) Example: IEEE 802.15.4 Node Example: AES-256 Bootloader W.t.f.

633 views • 47 slides
Enhancing the Power of Deep Learning in Side-Channel Analysis? Breaking multiple layers of

Enhancing the Power of Deep Learning in Side-Channel Analysis? Breaking multiple layers of

Plaintext: A Missing Feature for Enhancing the Power of Deep Learning in Side-Channel Analysis? Breaking multiple layers of side-channel countermeasures Anh-Tuan Hoang, Neil Hanley and Mire ONeill CHES 2020 14-18 September 2020 Outline

622 views • 21 slides
Recent Advances in Adversarial Machine Learning Nicholas Carlini Google Research Recent

Recent Advances in Adversarial Machine Learning Nicholas Carlini Google Research Recent

Recent Advances in Adversarial Machine Learning Nicholas Carlini Google Research Recent Advances in Adversarial (Examples in) Machine Learning Nicholas Carlini Google Research The Year is 2014 Someone tells you they have a new algorithm to

1.52k views • 139 slides
Recent Advances in Photonic Recent Advances in Photonic effect employing IP- based distributed

Recent Advances in Photonic Recent Advances in Photonic effect employing IP- based distributed

Development of Photonic Network Optical burst switching Next Generation Enhancement of Networks Dynamic (Adaptive) Optical Path Control statistical >10Tb/s multiplexing Photonic MPLS Network Recent Advances in Photonic Recent Advances

762 views • 8 slides
A Comprehensive Study of Deep Learning for Side-Channel Analysis c Masure 1,3 ecile Dumas 1

A Comprehensive Study of Deep Learning for Side-Channel Analysis c Masure 1,3 ecile Dumas 1

A Comprehensive Study of Deep Learning for Side-Channel Analysis A Comprehensive Study of Deep Learning for Side-Channel Analysis c Masure 1,3 ecile Dumas 1 Emmanuel Prouff 2, 3 Lo C 1 Univ. Grenoble Alpes, CEA, LETI, DSYS, CESTI, F-38000

1.39k views • 86 slides
rol Re Recent Advances in Paper Machine Contro Q. Lu 1 , M.G. Forbes 2 , R.B. Gopaluni 1 , P.D.

rol Re Recent Advances in Paper Machine Contro Q. Lu 1 , M.G. Forbes 2 , R.B. Gopaluni 1 , P.D.

rol Re Recent Advances in Paper Machine Contro Q. Lu 1 , M.G. Forbes 2 , R.B. Gopaluni 1 , P.D. Loewen 1 , J.U. Backstrm 2 , G.A. Dumont 1 1 - University of British Columbia 2 - Honeywell Process Solutions Vancouver, Canada LCCC Process

546 views • 43 slides
The Best of Both Worlds Combining Recent Advances in Neural Machine Translation Mia Xu Chen*

The Best of Both Worlds Combining Recent Advances in Neural Machine Translation Mia Xu Chen*

The Best of Both Worlds Combining Recent Advances in Neural Machine Translation Mia Xu Chen* Orhan Firat * Ankur Bapna * Melvin Johnson Wolfgang Macherey George Foster Llion Jones Mike Schuster Noam Shazeer Niki Parmar

221 views • 19 slides
Em ploying Recent Advances in Machine Learning for Opinion Sum m arization Claire Cardie

Em ploying Recent Advances in Machine Learning for Opinion Sum m arization Claire Cardie

Em ploying Recent Advances in Machine Learning for Opinion Sum m arization Claire Cardie Department of Computer Science Cornell University CERATOPS Center for Extraction and Summarization of Events and Opinions in Text Janyce Wiebe, U.

472 views • 22 slides
Recent Advances in Machine Learning And Their Application to Networking David Meyer

Recent Advances in Machine Learning And Their Application to Networking David Meyer

Recent Advances in Machine Learning And Their Application to Networking David Meyer dmm@{brocade.com,uoregon.edu,1-4-5.net,..} http://www.1-4-5.net/~dmm/talks/2015/thursday_lunch_ietf93.pptx IETF 93 23 July 2015 Prague, Czech Republic Goals

386 views • 38 slides
SIDE-CHANNEL ATTACKS ON HARDWARE IMPLEMENTATIONS OF CRYPTOGRAPHIC ALGORITHMS Sddka Berna

SIDE-CHANNEL ATTACKS ON HARDWARE IMPLEMENTATIONS OF CRYPTOGRAPHIC ALGORITHMS Sddka Berna

SIDE-CHANNEL ATTACKS ON HARDWARE IMPLEMENTATIONS OF CRYPTOGRAPHIC ALGORITHMS Sddka Berna Ors Yal cn Istanbul Technical University Department of Electronics and Communication Engineering Introduction A side-channel analysis attack

1.81k views • 99 slides
Non-Profiled Deep Learning-based Side-Channel attacks with Sensitivity Analysis Benjamin Timon

Non-Profiled Deep Learning-based Side-Channel attacks with Sensitivity Analysis Benjamin Timon

Non-Profiled Deep Learning-based Side-Channel attacks with Sensitivity Analysis Benjamin Timon August 28, 2019 Python notebook presentation for CHES 2019 1 Introduction & Motivation Profiled vs Non-Profiled attacks Machine Learning trend

407 views • 14 slides
HOST SCA Countermeasures I ECE 525 Side-Channel Analysis (SCA) Countermeasures Reference

HOST SCA Countermeasures I ECE 525 Side-Channel Analysis (SCA) Countermeasures Reference

HOST SCA Countermeasures I ECE 525 Side-Channel Analysis (SCA) Countermeasures Reference Mangard et. al, "Power Analysis Attacks, Revealing the Secrets of Smart Cards", Springer, 2009 Power analysis attacks are effective because the

479 views • 19 slides
Introduction to Side-Channel Analysis Franois-Xavier Standaert UCL Crypto Group, Belgium

Introduction to Side-Channel Analysis Franois-Xavier Standaert UCL Crypto Group, Belgium

Introduction to Side-Channel Analysis Franois-Xavier Standaert UCL Crypto Group, Belgium Summer school on real-world crypto, 2016 Outline Link with linear cryptanalysis Standard Differential Power Analysis Noise-based security (is

1.17k views • 92 slides
Recent Advances in Biomolecular NMR Lucia Banci CERM University of Florence Recent Advances

Recent Advances in Biomolecular NMR Lucia Banci CERM University of Florence Recent Advances

Recent Advances in Biomolecular NMR Lucia Banci CERM University of Florence Recent Advances in Biomolecular NMR Protonless NMR for the characterization of Unfolded proteins, Large protein assemblies, Paramagnetic systems I n cell

1.23k views • 70 slides
Recent Advances in Biomolecular NMR Lucia Banci CERM University of Florence Recent Advances

Recent Advances in Biomolecular NMR Lucia Banci CERM University of Florence Recent Advances

Recent Advances in Biomolecular NMR Lucia Banci CERM University of Florence Recent Advances in Biomolecular NMR Protonless NMR for the characterization of Unfolded proteins, Large protein assemblies, Paramagnetic systems I n cell

635 views • 42 slides
Recent Advances in Software for Space-Time Data Analysis Sergio J. Rey GeoDa Center for

Recent Advances in Software for Space-Time Data Analysis Sergio J. Rey GeoDa Center for

Recent Advances in Software for Space-Time Data Analysis Sergio J. Rey GeoDa Center for Geospatial Analysis and Computation School of Geographical Sciences and Urban Planning Arizona State University Future Directions in Spatial Demography

849 views • 55 slides
Introduction to (profiled) side-channel analysis Annelie Heuser In this talk back to

Introduction to (profiled) side-channel analysis Annelie Heuser In this talk back to

Introduction to (profiled) side-channel analysis Annelie Heuser In this talk back to the basics!! details on power / EM leakage (low/high noise scenario) how/where to attack AES? di ff erent attacker models overview of

1.28k views • 74 slides
+ Side Channel and Covert Channel A1acks on Microkernel

+ Side Channel and Covert Channel A1acks on Microkernel

+ Side Channel and Covert Channel A1acks on Microkernel Architectures WAMOS 2015 Advanced Opera3ng Systems Hochschule RheinMain Alexander Baumgrtner and

539 views • 25 slides
Recent Advances and Key Challenges Russ Salakhutdinov Machine Learning Department Carnegie Mellon

Recent Advances and Key Challenges Russ Salakhutdinov Machine Learning Department Carnegie Mellon

Recent Advances and Key Challenges Russ Salakhutdinov Machine Learning Department Carnegie Mellon University Canadian Institute for Advanced Research Key Challenges Multimodal Learning Reasoning, Attention and Memory Natural Language

749 views • 37 slides

More recommend