Wei Yang,Hailong Zhang,Yansong Gao,Anmin Fu,Songjie Wei

DOI: https://doi.org/10.1109/iccd50377.2020.00098

2020-01-01

Abstract:Side-channel analysis (SCA) becomes a serious realistic threat to crypto devices, it is thus imperative to evaluate the resistance of a device to SCA. Side-channel leakage detection aiming to identify the leakage points potentially revealing secrets in side channel signals, is considered as a preliminary step before further security assessment. This work proposes a novel black-box leakage detection approach, which views the side channel as a constant parameter communication channel when it outputs leakage points. The approach distinguishes leakage points by utilizing the kurtosis-based consistency check for channel parameter estimators. To examine the efficiency of this approach, false negative and false positive rates were first quantitatively analyzed by comprehensive experiments. Considering the fact that side-channel leakage can be from multiple channels in practice, we further investigated the applicability of the proposed approach to multi-channel leakage detection. Interestingly, equipped with the proposed detection approach, we correspondingly devised a novel side-channel attack exploiting a kurtosis-based distinguisher. Overall, extensive experiments have validated the efficiencies of our proposed leakage detection method and the novel SCA attack.

Wei Yang,Yuchen Cao,Yongbin Zhou,Hailong Zhang,Qian Zhang

DOI: https://doi.org/10.1109/lsp.2016.2521441

2016-01-01

IEEE Signal Processing Letters

Abstract:Side Channel Attack (SCA) recovers secret information from an embedded device with implementation of cryptographic algorithm by exploiting its physical leakages. For most SCA methods to achieve good performance, the measured leakages are often desired to be well aligned. However, due to some specific reasons such as inaccurate measurements or carefully designed countermeasures, misalignment of leakages frequently occurs in practice. Misalignment significantly reduces the efficiency of SCA methods, or even makes them fail. To address this issue, two alignment approaches are proposed: a local alignment based on shotgun distance and a global alignment based on weighted edit distance. Compared with previous methods, the proposed methods are capable of keeping the secret dependant leakages, while not introducing any redundant information. In addition, the proposed methods could also reduce the negative effects of noise, which is another factor seriously decreasing the efficiency of SCA methods. Interestingly, it is pretty easy to set appropriate parameters for these two methods. Practical experiments show that the proposed methods outperform previous methods in three different circumstances and different noise levels.

Anni Jia,Wei Yang,Gongxuan Zhang

DOI: https://doi.org/10.1109/bigdatase50710.2020.00025

2020-01-01

Abstract:Side channel attacks (SCA) are powerful tools to recover the secret keys of cryptographic devices by employing physical leakages of the devices. In practice, numerous countermeasures (e.g.random process interrupts) and unintentional factors (e.g.imprecise triggering) are able to significantly degrade the performance of side channel attacks (SCA) by producing misaligning leakage measurements. The main solution to over-coming influences of misalignment is to align these traces before mounting an attack. According to this view, this paper proposes a novel leakage alignment method based on the longest common subsequence (LCS) algorithm. Initially, the misaligned traces are preprocessed by non-uniform quantification to remove part of the noise and retain the key-dependent information. Subsequently, the quantified traces are converted into symbols for sequence comparison. Finally, the aligned traces are obtained by inserting and deleting operations. Experiments for different cryptographic implementations with different levels of noise are carried out on several different devices. The experimental results show that the proposed method is effective for countering leakage misalignment and robust under high noise. Especially, it is still effective for multi-channel leakage alignment.

Yufeng Tang,Zheng Gong,Tao Sun,Jinhai Chen,Fan Zhang

DOI: https://doi.org/10.1007/978-3-030-88323-2_22

2021-01-01

Abstract:White-box block cipher (WBC) aims at protecting the secret key of a block cipher even if an adversary has full control over the implementations. At CHES 2016, Bos et al. proved that WBC are also threatened by side-channel analysis (SCA), e.g., differential fault analysis (DFA) and differential computation analysis (DCA). Therefore, advanced countermeasures have been proposed by Lee et al. for resisting DFA and DCA, such as table redundancy and improved masking methods, respectively. In this paper, we introduce a new adaptive side-channel analysis model which assumes that an adversary adaptively collects the intermediate values of a specific function and can mount the DFA/DCA attack with chosen inputs. In the adaptive SCA model, both theoretical analysis and experimental results show that Lee et al.’s proposed methods are vulnerable to DFA and DCA attacks. Moreover, a negative proposition is also demonstrated on the corresponding high-order countermeasures under our new model.

Xinjie Zhao,Fan Zhang,Shize Guo,Tao Wang,Zhijie Shi,Huiying Liu,Keke Ji

DOI: https://doi.org/10.1007/978-3-642-29912-4_17

2012-01-01

Abstract:Algebraic side-channel attack (ASCA) is a powerful cryptanalysis technique different from conventional side-channel attacks. This paper studies ASCA from three aspects: enhancement, analysis and application. To enhance ASCA, we propose a generic method, called Multiple Deductions-based ASCA (MDASCA), to cope the multiple deductions caused by inaccurate measurements or interferences. For the first time, we show that ASCA can exploit cache leakage models. We analyze the attacks and estimate the minimal amount of leakages required for a successful ASCA on AES under different leakage models. In addition, we apply MDASCA to attack AES on an 8-bit microcontroller under Hamming weight leakage model, on two typical microprocessors under access driven cache leakage model, and on a 32-bit ARM microprocessor under trace driven cache leakage model. Many better results are achieved compared to the previous work. The results are also consistent with the theoretical analysis. Our work shows that MDASCA poses great threats with its excellence in error tolerance and new leakage model exploitation.

Max Panoff,Honggang Yu,Haoqi Shan,Yier Jin

DOI: https://doi.org/10.1145/3517810

2024-02-04

Abstract:Side Channel Analysis (SCA) presents a clear threat to privacy and security in modern computing systems. The vast majority of communications are secured through cryptographic algorithms. These algorithms are often provably-secure from a cryptographical perspective, but their implementation on real hardware introduces vulnerabilities. Adversaries can exploit these vulnerabilities to conduct SCA and recover confidential information, such as secret keys or internal states. The threat of SCA has greatly increased as machine learning, and in particular deep learning, enhanced attacks become more common. In this work, we will examine the latest state-of-the-art deep learning techniques for side channel analysis, the theory behind them, and how they are conducted. Our focus will be on profiling attacks using deep learning techniques, but we will also examine some new and emerging methodologies enhanced by deep learning techniques, such as non-profiled attacks, artificial trace generation, and others. Finally, different deep learning enhanced SCA schemes attempted against the ANSSI SCA Database (ASCAD) and their relative performance will be evaluated and compared. This will lead to new research directions to secure cryptographic implementations against the latest SCA attacks.

Cryptography and Security,Machine Learning

Shan Jin,Minghua Xu,Yiwei Cai

2023-10-25

Abstract:Side-channel attacks (SCAs), which infer secret information (for example secret keys) by exploiting information that leaks from the implementation (such as power consumption), have been shown to be a non-negligible threat to modern cryptographic implementations and devices in recent years. Hence, how to prevent side-channel attacks on cryptographic devices has become an important problem. One of the widely used countermeasures to against power SCAs is the injection of random noise sequences into the raw leakage traces. However, the indiscriminate injection of random noise can lead to significant increases in energy consumption in device, and ways must be found to reduce the amount of energy in noise generation while keeping the side-channel invisible. In this paper, we propose an optimal energy-efficient design for artificial noise generation to prevent side-channel attacks. This approach exploits the sparsity among the leakage traces. We model the side-channel as a communication channel, which allows us to use channel capacity to measure the mutual information between the secret and the leakage traces. For a given energy budget in the noise generation, we obtain the optimal design of the artificial noise injection by solving the side-channel's channel capacity minimization problem. The experimental results also validate the effectiveness of our proposed scheme.

Cryptography and Security,Signal Processing

Shize Guo,Xinjie Zhao,Fan Zhang,Tao Wang,Zhijie Jerry Shi,Francois-Xavier Standaert,Chujiao Ma

DOI: https://doi.org/10.1109/tifs.2014.2315534

IF: 7.231

2014-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Algebraic side-channel attack (ASCA) is a typical technique that relies on a general solver to solve the equations of a cipher and its side-channel leaks. It falls under analytical side-channel attack and can recover the entire key at once. Many ASCAs are proposed against the AES, and they utilize the Grobner basis-based, SAT-based, or optimizer-based solver. The advantage of the general solver approach is its generic feature, which can be easily applied to different cryptographic algorithms. The disadvantage is that it is difficult to take into account the specialized properties of the targeted cryptographic algorithms. The results vary depending on what type of solver is used, and the time complexity is quite high when considering the error-tolerant attack scenarios. Thus, we were motivated to find a new approach that would lessen the influence of the general solver and reduce the time complexity of ASCA. This paper proposes a new analytical side-channel attack on AES by exploiting the incomplete diffusion feature in one AES round. We named our technique incomplete diffusion analytical side-channel analysis (IDASCA). Different from previous ASCAs, IDASCA adopts a specialized approach to recover the secret key of AES instead of the general solver. Extensive attacks are performed against the software implementation of AES on an 8-bit microcontroller. Experimental results show that: 1) IDASCA can exploit the side-channel leaks in all AES rounds using a single power trace; 2) it has less time complexity and more robustness than previous ASCAs, especially when considering the error-tolerant attack scenarios; and 3) it can calculate the reduced key search space of AES for the given amount of side-channel leaks. IDASCA can also interpret the mechanism behind previous ASCAs on AES from a quantitative perspective, such as why ASCA can work under unknown plaintext/ciphertext scenarios and what are the extreme cases in ASCAs.

Tao Zhang,Xiao-Yu Zheng,Ming-Yu Fan,Jian-Bo Yao

2009-01-01

Abstract:Side-channel analysis (SCA) is a powerful physical cryptanalysis. However, traditional SCA security evaluation is time-consuming, error prone and expensive. In order to improve the efficiency of security evaluation, a design-time SCA analysis method is proposed. Firstly, a general SCA leakage model is presented, and the analysis flow of design-time SCA is described. Secondly, a flexible simulation and analysis environment is built to evaluate the security of different SCA leakages. Finally, an illustrative experiment, which performs a design-time SCA evaluation on the crypto-chip with AES-128 core, is given. Compared with traditional SCA analysis method, our approach can detect SCA vulnerability and evaluate the quality of SCA countermeasures at design time, and thus it reduces time-to-market greatly.

Jianbo Yao,Tao Zhang

DOI: https://doi.org/10.1109/auteee60196.2023.10407457

2023-01-01

Abstract:SCA is an influential method used in physical cryptanalysis. Generally, the assessment of SCA security is carried out post-production in typical industrial procedures. This post-production analysis, however, is prone to errors, costly, and time intensive. Thus, to heighten efficiency, it has been proposed to carry out SCA analysis during design-time, drawing inspiration from the ethos of hardware/software co-design. This paper first introduces the limitations of traditional embedded system software/hardware design and the process of software/hardware co-design and a general SCA leakage model, followed by an overview of the process behind a design-time security analysis. Next, we establish a versatile simulation and analytical framework to evaluate various SCA leakages. In conclusion, we provide a demonstrated experiment that carries out a design data SCA analysis for the crypto-chip integrated having an AES-128 core.

Josef Danial,Debayan Das,Santosh Ghosh,Arijit Raychowdhury,Shreyas Sen

DOI: https://doi.org/10.1109/access.2020.3025022

IF: 3.9

2020-01-01

IEEE Access

Abstract:Electromagnetic (EM) side-channel analysis (SCA) is a prominent tool to break mathematically-secure cryptographic engines, especially on resource-constrained devices. Presently, to perform EM SCA on an embedded device, the entire chip is manually scanned and the MTD (Minimum Traces to Disclosure) analysis is performed at each point on the chip to reveal the secret key of the encryption algorithm. However, an automated end-to-end framework for EM leakage localization, trace acquisition, and attack has been missing. This work proposes SCNIFFER: a low-cost, automated EM Side Channel leakage SNIFFing platform to perform efficient end-to-end Side-Channel attacks. Using a leakage measure such as Test Vector Leakage Assessment (TVLA), or the signal to noise ratio (SNR), we propose a greedy gradient-search heuristic that converges to one of the points of highest EM leakage on the chip (dimension: $N times N$ ) within $O(N)$ iterations, and then perform Correlational EM Analysis (CEMA) at that point. This reduces the CEMA attack time by $sim N$ times compared to an exhaustive MTD analysis, and by $> 20times $ compared to choosing an attack location at random. We demonstrate SCNIFFER using a low-cost custom-built 3-D scanner with an H-field probe (<$500) compared to >$50, 000 commercial EM scanners, and a variety of microcontrollers as the devices under attack. The SCNIFFER framework is evaluated for several cryptographic algorithms (AES-128, DES, RSA) running on both an 8-bit Atmega microcontroller and a 32-bit ARM microcontroll-r to find a point of high leakage and then perform a CEMA at that point.

computer science, information systems,telecommunications,engineering, electrical & electronic

Tang, Ming

DOI: https://doi.org/10.1007/s10207-024-00874-4

2024-06-26

International Journal of Information Security

Abstract:Deep Learning-based Side-Channel Analysis (DL-SCA) has emerged as a powerful method in the field of side-channel analysis. Current works on DL-SCA primarily rely on publicly available datasets, which typically consist of well-organized and well-aligned training and attack sets. However, this disregards the challenges faced in real-world attacks, where the attack traces are not well-aligned with the training traces as attackers have different levels of control over profiling and attack devices. A network that is capable of identifying areas of leakage and subsequently predicting the leaked values can bypass such difficulty. Therefore, we proposed Arbitrary Trace Attacks, which are placed under the flexible scenario that provides training traces and attack traces with arbitrary sizes. To implement such attacks, we present the Arbitrary Convolutional Neural Network (ACNN), which scans the input trace of arbitrary sizes for leakage area identification and leakage value prediction using a sliding window. Experimental evaluation is conducted on two datasets DPAv4.2 and ASCAD to verify the effectiveness of our approach on unprotected and masked implementation respectively. As a result, the target leakage areas are detected with a significant frequency and the key recovery performance is on par with state-of-the-art. Moreover, the trained model shows the potential for detecting leakage in a general context, that is, detecting leakage of key bytes other than the target one.

computer science, information systems, theory & methods, software engineering

Dongyao Zhang,Changlin Zhou,Shuang Li,Daojie Yu,Kai He

DOI: https://doi.org/10.1109/lemcpa.2020.3044212

2020-01-01

IEEE Letters on Electromagnetic Compatibility Practice and Applications

Abstract:The cryptographic chip in system must be evaluated for side channel leakage detection before coming into service. However, the existing evaluation technology is too inefficient. This letter decomposes the variance of the traces of power consumption into variance of the sensitive variable and noise to estimate the signal-to-noise (SNR). According to the relationship between the success rate (SR) of the power analysis attack, SNR and conditional mutual information, the minimum number of traces is computable to evaluate the information leakage of the cryptographic chip. This method effectively estimates the minimum number of power traces when the SNR of power consumption is greater than 0.1. When the SNR is less than 0.1, the result calculated by this method is consistent with the change trend of the simulation, which means that the result also evaluates the ability of cryptographic chip to resist power analysis attacks. The method improves the evaluation efficiency by at least 60000 times compared with the simulation of CPA.

Zhengguang Shi,Fan Huang,Mengce Zheng,Wenlong Cao,Ruizhe Gu,Honggang Hu,Nenghai Yu

DOI: https://doi.org/10.1007/978-981-15-7984-4_11

2020-01-01

Abstract:Leakage assessment is the most common approach applied for assessing side-channel information leakage and validating the effectiveness of side-channel countermeasures. Established evaluation approaches are usually based on Test Vector Leakage Assessment (TVLA) that deployed in a divide and conquer flow with offline computations, which causes two apparent shortcomings in required memory and time. In this paper, a lightweight framework of online leakage assessment is proposed. The problems were analyzed and the evaluation approach was further validated with a Field Programmable Gate Array (FPGA). The experimental results show that it can implement online processing on newly collected data, and instantly stop to give the result when detecting credible leakage. The online leakage assessment can significantly economize on memory and time. It has good performance when there is limited memory or real-time evaluations are needed.

Xinjie Zhao,Tao Wang,Shize Guo,Fan Zhang,Zhijie Shi,Huiying Liu,Kehui Wu

2011-01-01

Abstract:Introduced in 2009, Algebraic Side-Channel Attack (ASCA) has become a very effective cryptanalysis technique that is different from conventional side-channel attacks such as DPA and CPA. In this paper, we propose an innovative and generic attack framework named as SATETASCA (SAT based Error Tolerant Algebraic Side-Channel Attack). The proposed framework is effective even if the leakage information is not accurate and has large variants or errors. We show its generality by successfully launching SAT-ETASCA to AES on two different platforms, using different types of leakages. The first attack is to an AES implementation on an 8-bit microcontroller, using the Hamming weight leakage model. We demonstrate that SAT-ETASCA can recover the full key even when the obtained leakage information has about 60% errors. The second attack is based on an innovative idea of applying the external cache …

Xiaozhong Pan,Shuiyu He,Yuechuan Wei,Lipeng Chang

DOI: https://doi.org/10.3390/app12168246

2022-08-18

Applied Sciences

Abstract:With the in-depth integration of deep learning and side-channel analysis (SCA) technology, the security threats faced by embedded devices based on the Internet of Things (IoT) have become increasingly prominent. By building a neural network model as a discriminator, the correlation between the side information leaked by the cryptographic device, the key of the cryptographic algorithm, and other sensitive data can be explored. Then, the security of cryptographic products can be evaluated and analyzed. For the AES-128 cryptographic algorithm, combined with the CW308T-STM32F3 demo board on the ChipWhisperer experimental platform, a Correlation Power Analysis (CPA) is performed using the four most common deep learning methods: the multilayer perceptron (MLP), the convolutional neural network (CNN), the recurrent neural network (RNN), and the long short-term memory network (LSTM) model. The performance of each model is analyzed in turn when the samples are small data sets, sufficient data sets, and data sets of different scales. Finally, each model is comprehensively evaluated by indicators such as classifier accuracy, network loss, training time, and rank of side-channel attacks. The experimental results show that the convolutional neural network CNN classifier has higher accuracy, lower loss, better robustness, stronger generalization ability, and shorter training time. The rank value is 2, that is, only two traces can recover the correct key byte information. The comprehensive performance effect is better.

Engineering,Computer Science

Wei Yang,Anmin Fu,Hailong Zhang,Chanying Huang

DOI: https://doi.org/10.1109/TrustCom50675.2020.00021

2020-01-01

Abstract:Side-channel analysis (SCA) is usually used for analyzing the side-channel resistance of a crypto device. However, it does not mean "practical secure" when a SCA attack fails since SCA only provides a success or failure conclusion. On the basis of the SCA data about scores and ranks of all candidates for each subkey, it is still possible to apply key enumeration (KE) algorithms to search the correct master key at an affordable overhead. Nevertheless, the efficiency of KE is limited by the SCA data in essence. To address the issue, we proposed two methods to exploit the SCA data and Riemann integral of the rank curves of all subkey candidates to update each correct subkey rank before carrying out KE. We applied the proposed methods for different crypto implementations running on different devices to verify their performance. Experimental studies for both mono-channel and multi-channel leakages verified that the proposed methods were effective in improving the efficiency of KE to recover the correct key. The proposed methods are designed for processing the SCA data and can be deemed as a preliminary before executing KE. The work of this paper bridges the gap between SCA and KE.

Qi Chen,Dongyan Zhao,Liang Liu,Xuesong Yan,Yidong Yuan,Xige Zhang,Hongmei Wu,Zhe Wang

DOI: https://doi.org/10.1016/j.csi.2021.103569

IF: 3.721

2022-01-01

Computer Standards & Interfaces

Abstract:Side-channel attacks (SCAs) have become a significant threat nowadays to cryptographic devices, especially central processing units (CPUs). Based on the implementation of AES-128, the side-channel information leakage analysis is carried out in a 32-bit CPU microarchitecture in this work. Correlation power analysis (CPA) results show that it is obvious to reveal the secret key by using only 30 power traces based on the net-list simulation. Three flexibly configurable hardware-based countermeasures are proposed to prevent information leakage in the arithmetic and logic unit (ALU), register file (RF) and load/store unit (LSU), respectively, which are the most sensitive components according to our analysis. The proposed countermeasures have different protection effects on the CPU since the required trace number to reveal the secret key has increased from 30 to 100 similar to 120,000. Moreover, the anti-attack capability of the CPU is improved by 4000 times using the three countermeasures simultaneously. The proposed countermeasures can be freely combined while considering the CPU security and implementation overhead. In practice, the anti-attack capability of the CPU can be further improved when the proposed countermeasures are implemented in real-world measurements, because additional noise will be introduced during the measurements.

Hong Li,Yunhua He,Limin Sun,Xiuzhen Cheng,Jiguo Yu

DOI: https://doi.org/10.1109/INFOCOM.2016.7524621

2016-01-01

Abstract:Video surveillance has been widely adopted to ensure home security in recent years. Most video encoding standards such as H.264 and MPEG-4 compress the temporal redundancy in a video stream using difference coding, which only encodes the residual image between a frame and its reference frame. Difference coding can efficiently compress a video stream, but it causes side-channel information leakage even though the video stream is encrypted, as reported in this paper. Particularly, we observe that the traffic patterns of an encrypted video stream are different when a user conducts different basic activities of daily living, which must be kept private from third parties as obliged by HIPAA regulations. We also observe that by exploiting this side-channel information leakage, attackers can readily infer a user's basic activities of daily living based on only the traffic size data of an encrypted video stream. We validate such an attack using two off-the-shelf cameras, and the results indicate that the user's basic activities of daily living can be recognized with a high accuracy.

Lianbo Yao,Tao Zhang

DOI: https://doi.org/10.1109/ICCSIT.2010.5563592

2010-01-01

Abstract:Side channel analysis (SeA) is a powerful physical cryptanalysis. In common industrial practice, the SeA security evaluation is performed after the devices are manufactured. However, the post-manufactured analysis is time consuming, error prone and expensive. Motivated by the spirit of hardware/software co-design, a design-time SeA analysis is proposed to improve the efficiency. Firstly, a general SeA leakage model is presented, and then the flow of design-time security analysis is described. After that, a flexible simulation and analytical environment is built to assess the different SeA leakage. Finally, an illustrative experiment, which performs a design-time SeA analysis on the crypto-chip with AES-128 core, is given. © 2010 IEEE.