Skip to main content
SpringerLink
Log in

A machine learning approach against a masked AES

Reaching the limit of side-channel attacks with a learning model

  • Regular Paper
  • Published:
Journal of Cryptographic Engineering Aims and scope Submit manuscript

Abstract

Side-channel attacks challenge the security of cryptographic devices. A widespread countermeasure against these attacks is the masking approach. Masking combines sensitive variables with secret random values to reduce its leakage. In 2012, Nassar et al. (DATE, pp 1173–1178. IEEE, 2012) presented a new lightweight (low-cost) boolean masking countermeasure to protect the implementation of the Advanced Encryption Standard (AES) block-cipher. This masking scheme represents the target algorithm of the DPAContest V4 (http://www.dpacontest.org/home/, 2013). In this paper, we present the first machine learning attack against a specific masking countermeasure (more precisely the low-entropy boolean masking countermeasure of Nassar et al.), using the dataset of the DPAContest V4. We succeeded to extract each targeted byte of the key of the masked AES with \(7.8\) traces during the attacking phase with a strategy based solely on machine learning models. Finally, we compared our proposal with (1) a stochastic attack, (2) a strategy based on template attack and (3) a multivariate regression attack. We show that an attack based on a machine learning model reduces significantly the number of traces required during the attacking step compared to these profiling attacks when analyzing the same leakage information.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14
Fig. 15
Fig. 16
Fig. 17
Fig. 18
Fig. 19
Fig. 20
Fig. 21

Similar content being viewed by others

Notes

  1. The \(50\) instants are sorted in descending order with respect to their correlation coefficient in absolute value.

  2. Each sample of the trace is an 8-bit value. The limit of R—the used program language—is \(2^{31}\) bytes for a matrix.

  3. Note that the first four sizes represent 25, 50, 75 and 100 % of 1,500 traces.

  4. Support vector machine had a radial kernel with a gamma equals to the inverse of the data dimension and a cost of \(1\). Random forest had 500 trees.

  5. The significance level of the Gaussianity test equals \(0.05\).

References

  1. Akkar, M.-L., Giraud, C.: An implementation of DES and AES, secure against some attacks. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES. LNCS, vol. 2162, pp. 309–318. Springer, Berlin (2001)

    Google Scholar 

  2. Bartkewitz, T., Lemke-Rust, K.: Efficient template attacks based on probabilistic multi-class support vector machines. In: Mangard, S. (ed.) CARDIS. LNCS, vol. 7771, pp. 263–276. Springer, Berlin (2012)

    Google Scholar 

  3. Breiman, L.: Random forests. Mach. Learn. 45, 5–32 (2001)

    Article  MATH  Google Scholar 

  4. Chari, S., Jutla, C.S., Rao, J.R., Rohatgi, P.: Towards sound approaches to counteract power-analysis attacks. In: Wiener, M.J. (ed.) CRYPTO. LNCS, vol. 1666, pp. 398–412. Springer, Berlin (1999)

    Google Scholar 

  5. Chari, S., Rao, J.R., Rohatgi, P.: Template attacks. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES. LNCS, vol. 2523, pp. 13–28. Springer, Berlin (2002)

  6. Coron, J.-S., Naccache, D., Kocher, P.: Statistics and secret leakage. ACM Trans. Embed. Comput. Syst. 3, 492–508 (2004)

    Article  Google Scholar 

  7. Cortes, C., Vapnik, V.: Support-vector networks. Mach. Learn. 20(3), 273–297 (1995)

    MATH  Google Scholar 

  8. Dash, M., Liu, H.: Feature selection for classification. Intell. Data Anal. 1(1–4), 131–156 (1997)

    Article  Google Scholar 

  9. Dimitriadou, E., Hornik, K., Leisch, F., Meyer, D., Weingessel, A.: e1071: Misc functions of the Department of Statistics (e1071), TU Wien. R package version 1.6 (2011)

  10. Doget, J., Prouff, E., Rivain, M., Standaert, F.-X.: Univariate side channel attacks and leakage modeling. J. Cryptogr. Eng. 1(2), 123–144 (2011)

    Article  Google Scholar 

  11. DPAContest V4. http://www.dpacontest.org/home/ (2014). Accessed 1 Feb 2014

  12. Durvaux, F., Standaert, F.-X., Veyrat-Charvillon, N.: How to certify the leakage of a chip? In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT. LNCS, vol. 8441, pp. 459–476. Springer, Berlin (2014)

    Google Scholar 

  13. Gonzalez Estrada, E., Villasenor Alva, J.A.: mvShapiroTest: generalized Shapiro–Wilk test for multivariate normality. R package version 0.0.1 (2009)

  14. Gandolfi, K., Mourtel, C., Olivier, F.: Electromagnetic analysis: concrete results. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES. LNCS, vol. 2162, pp. 251–261. Springer, Berlin (2001)

    Google Scholar 

  15. Gierlichs, B., Batina, L., Tuyls, P., Preneel, B.: Mutual information analysis—a generic side-channel distinguisher. In: CHES. LNCS, vol. 5154, pp. 426–442. Springer, Berlin (2008)

  16. Gierlichs, B., Janussen, K.: Template attacks on masking: an interpretation. In: Lucks, S., Sadeghi, A.-R., Wolf, C. (eds.) WEWoRC (2007)

  17. Gierlichs, B., Lemke-Rust, K., Paar, C.: Templates vs. stochastic methods. In: Proceedings of the 8th International Conference on Cryptographic Hardware and Embedded Systems. LNCS, vol. 4249, pp. 15–29. Springer, Berlin (2006)

  18. Golic, J.Dj., Tymen, C.: Multiplicative masking and power analysis of AES. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES. LNCS, vol. 2523, pp. 198–212. Springer, Berlin (2002)

  19. Hajra, S., Mukhopadhyay, D.: SNR to success rate: reaching the limit of non-profiling DPA. Cryptology ePrint Archive, Report 2013/865 (2013). http://eprint.iacr.org/

  20. Hastie, T., Tibshirani, R., Friedman, J.: The Elements of Statistical Learning: Data Mining, Inference and Prediction, 2nd edn. Springer, Berlin (2009)

    Book  Google Scholar 

  21. Heuser, A., Zohner, M.: Intelligent machine homicide—breaking cryptographic devices using support vector machines. In: Proceedings of the Third International Conference on Constructive Side-Channel Analysis and Secure Design. LNCS, vol. 7275, pp. 249–264. Springer, Berlin (2012)

  22. Hospodar, G., Gierlichs, B., Mulder, E.D., Verbauwhede, I., Vandewalle, J.: Machine learning in side-channel analysis: a first study. J. Cryptogr. Eng. 1(4), 293–302 (2011)

    Article  Google Scholar 

  23. Hospodar, G., Mulder, E.D., Gierlichs, B., Vandewalle, J., Verbauwhede, I.: Least squares support vector machines for side-channel analysis. In: Second International Workshop on Constructive SideChannel Analysis and Secure Design, pp. 99–104. Center for Advanced Security Research, Darmstadt (2011)

  24. Japkowicz, N., Stephen, S.: The class imbalance problem: a systematic study. Intell. Data Anal. J. 6(5), 429–449 (2002)

    MATH  Google Scholar 

  25. Kocher, P.C.: Timing attacks on implementations of Diffie–Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO. LNCS, vol. 1109, pp. 104–113. Springer, Berlin (1996)

    Google Scholar 

  26. Kocher, P.C., Jaffe, J., Jun, B.: Differential power analysis. In: CRYPTO. LNCS, pp. 388–397. Springer, Berlin (1999)

  27. Lerman, L., Bontempi, G., Markowitch, O.: Side channel attack: an approach based on machine learning. In: Second International Workshop on Constructive SideChannel Analysis and Secure Design, pp. 29–41. Center for Advanced Security Research, Darmstadt (2011)

  28. Lerman, L., Bontempi, G., Markowitch, O.: Power analysis attack: an approach based on machine learning. Int. J. Appl. Cryptogr. 3(2), 97–115 (2014)

    Article  MATH  Google Scholar 

  29. Lerman, L., Bontempi, G., Ben Taieb, S., Markowitch, O.: A time series approach for profiling attack. In: Gierlichs, B., Guilley, S., Mukhopadhyay, D. (eds.) SPACE. LNCS, vol. 8204, pp. 75–94. Springer, Berlin (2013)

  30. Lerman, L., Fernandes Medeiros, S., Bontempi, G., Markowitch, O.: A machine learning approach against a masked AES. In: Francillon, A., Rohatgi, P. (eds.) International Conference on Smart Card Research and Advanced Applications (CARDIS). LNCS. Springer, Berlin (2013)

  31. Liaw, A., Wiener, M.: Classification and regression by randomforest. R News 2(3), 18–22 (2002)

    Google Scholar 

  32. Lomné, V., Prouff, E., Roche, T.: Behind the scene of side channel attacks. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT. LNCS, vol. 8269, pp. 506–525. Springer, Berlin (2013)

    Google Scholar 

  33. Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks—Revealing the Secrets of Smart Cards. Springer, Berlin (2007)

    MATH  Google Scholar 

  34. Mardia, K.V.: Measures of multivariate skewness and kurtosis with applications. Biometrika 57(3), 519–530 (1970)

    Article  MATH  MathSciNet  Google Scholar 

  35. Martinasek, Z., Zeman, V.: Innovative method of the power analysis. Radioengineering 22(2), 586–594 (2013)

    Google Scholar 

  36. Messerges, T.S.: Securing the AES finalists against power analysis attacks. In: Goos, G., Hartmanis, J., Leeuwen, J., Schneier, B. (eds.) FSE. LNCS, vol. 1978, pp. 150–164. Springer, Berlin (2001)

    Google Scholar 

  37. Montminy, D.P., Baldwin, R.O., Temple, M.A., Laspe, E.D.: Improving cross-device attacks using zero-mean unit-variance normalization. J. Cryptogr. Eng. 3(2), 99–110 (2013)

    Article  Google Scholar 

  38. Moradi, A., Guilley, S., Heuser, A.: Detecting hidden leakages. Cryptology ePrint Archive, Report 2013/842 (2013). http://eprint.iacr.org/

  39. Nassar, M., Souissi, Y., Guilley, S., Danger, J.-L.: RSM: a small and fast countermeasure for AES, secure against 1st and 2nd-order zero-offset SCAs. In: Rosenstiel, W., Thiele, L. (eds.) DATE, pp. 1173–1178. IEEE (2012)

  40. Oswald, E., Mangard, S.: Template attacks on masking-resistance is futile. In: Abe, M. (ed.) Topics in Cryptology—CT-RSA 2007. LNCS, vol. 4377, pp. 243–256. Springer, Berlin (2006)

    Chapter  Google Scholar 

  41. Pearson, K.: On lines and planes of closest fit to systems of points in space. Philos. Mag. 2(6), 559–572 (1901)

    Article  Google Scholar 

  42. Peng, H., Long, F., Ding, C.: Feature selection based on mutual information criteria of max-dependency, max-relevance, and min-redundancy. IEEE Trans. Pattern Anal. Mach. Intell. 27(8), 1226–1238 (2005)

    Article  Google Scholar 

  43. Prouff, E.: DPA attacks and S-boxes. In: Gilbert, H., Handschuh, H. (eds.) Fast Software Encryption. LNCS, vol. 3557, pp. 424–441. Springer, Berlin (2005)

    Chapter  Google Scholar 

  44. Rivain, M., Dottax, E., Prouff, E.: Block ciphers implementations provably secure against second order side channel analysis. In: Nyberg, K. (ed.) FSE. LNCS, vol. 5086, pp. 127–143. Springer, Berlin (2008)

    Google Scholar 

  45. Schindler, W.: Advanced stochastic methods in side channel analysis on block ciphers in the presence of masking. J. Math. Cryptol. 2(3), 291–310 (2008)

    Article  MATH  MathSciNet  Google Scholar 

  46. Schindler, W., Lemke, K., Paar, C.: A stochastic model for differential side channel cryptanalysis. In: Rao, J.R., Sunar, B. (eds.) CHES. LNCS, vol. 3659, pp. 30–46. Springer, Berlin (2005)

    Google Scholar 

  47. Standaert, F.-X., Archambeau, C.: Using subspace-based template attacks to compare and combine power and electromagnetic information leakages. In: Oswald, E., Rohatgi, P. (eds.) CHES. LNCS, vol. 5154, pp. 411–425. Springer, Berlin (2008)

    Google Scholar 

  48. Standaert, F.-X., Veyrat-Charvillon, N., Oswald, E., Gierlichs, B., Medwed, M., Kasper, M., Mangard, S.: The world is not enough: another look on second-order DPA. In: Abe, M. (ed.) ASIACRYPT. LNCS, vol. 6477, pp. 112–129. Springer, Berlin (2010)

    Google Scholar 

  49. Sugawara, T., Homma, N., Aoki, T., Satoh, A.: Profiling attack using multivariate regression analysis. IEICE Electron. Express 7(15), 1139–1144 (2010)

    Article  Google Scholar 

  50. von Willich, M.: A technique with an information-theoretic basis for protecting secret data from differential power attacks. In: Honary, B. (ed.) IMA International Conference. LNCS, vol. 2260, pp. 44–62. Springer, Berlin (2001)

    Google Scholar 

  51. Whitnall, C., Oswald, E.: Profiling DPA: efficacy and efficiency trade-offs. In: Bertoni, G., Coron, J.-S. (eds.) CHES. LNCS, vol. 8086, pp. 37–54. Springer, Berlin (2013)

    Google Scholar 

  52. Whitnall, C., Oswald, E., Mather, L.: An exploration of the Kolmogorov–Smirnov test as a competitor to mutual information analysis. In: Prouff, E. (ed.) CARDIS. LNCS, vol. 7079, pp. 234–251. Springer, Berlin (2011)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Quality and Security of Information Systems, Département d’informatique, Université Libre de Bruxelles, Brussels, Belgium

    Liran Lerman & Olivier Markowitch

  2. Machine Learning Group, Département d’informatique, Université Libre de Bruxelles, Brussels, Belgium

    Liran Lerman & Gianluca Bontempi

Authors
  1. Liran Lerman
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Gianluca Bontempi
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Olivier Markowitch
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Liran Lerman.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Lerman, L., Bontempi, G. & Markowitch, O. A machine learning approach against a masked AES. J Cryptogr Eng 5, 123–139 (2015). https://doi.org/10.1007/s13389-014-0089-3

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s13389-014-0089-3

Keywords

Search

Navigation