Deep learning side-channel analysis on large-scale traces: A Case Study on a Polymorphic AES
Author: | Masure, Loïc, Belleville, Nicolas, Cagli, Eleonora, Cornélie, Marie-Angela, Couroussé, Damien, Dumas, Cécile, Maingault, Laurent |
---|---|
Contributors: | Département Systèmes (DSYS), Commissariat à l'énergie atomique et aux énergies alternatives - Laboratoire d'Electronique et de Technologie de l'Information (CEA-LETI), Direction de Recherche Technologique (CEA) (DRT (CEA)), Commissariat à l'énergie atomique et aux énergies alternatives (CEA)-Commissariat à l'énergie atomique et aux énergies alternatives (CEA)-Direction de Recherche Technologique (CEA) (DRT (CEA)), Commissariat à l'énergie atomique et aux énergies alternatives (CEA)-Commissariat à l'énergie atomique et aux énergies alternatives (CEA), Polynomial Systems (PolSys), LIP6, Sorbonne Université (SU)-Centre National de la Recherche Scientifique (CNRS)-Sorbonne Université (SU)-Centre National de la Recherche Scientifique (CNRS), Laboratoire Fonctions Innovantes pour circuits Mixtes (LFIM), Université Grenoble Alpes (UGA)-Département Systèmes et Circuits Intégrés Numériques (DSCIN), Laboratoire d'Intégration des Systèmes et des Technologies (LIST), Commissariat à l'énergie atomique et aux énergies alternatives (CEA)-Commissariat à l'énergie atomique et aux énergies alternatives (CEA)-Laboratoire d'Intégration des Systèmes et des Technologies (LIST), ANR-10-AIRT-0005,NANOELEC,NANOELEC(2010) |
Language: | English |
Year of publication: | 2020 |
Subject: | |
Source: | Computer Security – ESORICS 2020, Sep 2020, Guildford, United Kingdom. pp.440-460, ⟨10.1007/978-3-030-58951-6_22⟩ |
Description: | ESORICS 2020 - European Symposium on Research in Computer Security; International audience; Code polymorphism is a way to efficiently address the challenge of automatically applying the hiding of sensitive information leakage, as a way to protect cryptographic primitives against side-channel attacks (SCA) involving layman adversaries. Yet, recent improvements in SCA, involving more powerful threat models, e.g., using deep learning, emphasized the weaknesses of some hiding countermeasures. This raises two questions. On the one hand, the security of code polymorphism against more powerful attackers, which has never been addressed so far, might be affected. On the other hand, using deep learning SCA on code polymorphism would require scaling the state-of-the-art models to much larger traces than considered so far in the literature. Such a case typically occurs with code polymorphism due to the unknown precise location of the leakage from one execution to another. We tackle those questions through the evaluation of two polymorphic implementations of AES, similar to the ones used in a recent paper published in TACO 2019 [6]. We show in our analysis how to efficiently adapt deep learning models used in SCA to scale on traces 32-fold larger than what has been done so far in the literature. Our results show that the targeted polymorphic implementations are broken within 20 queries with the most powerful threat models involving deep learning, whereas 100,000 queries would not be sufficient for the attacks previously investigated against code polymorphism to succeed. As a consequence, this paper pushes towards the search for new polymorphic implementations secured against state-of-the-art attacks, which currently remain to be found. |
Database: | OpenAIRE |
External link: |