Applying Horizontal Clustering Side-Channel Attacks on Embedded ECC Implementations

Nascimento, Erick; Chmielewski, Łukasz

doi:10.1007/978-3-319-75208-2_13

Cited by 30 publications

(34 citation statements)

References 32 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In the more general unsupervised setting (see e.g. [8][9][10][11][12]17]), the access to a training device is not possible. The attacker acquires as many traces as possible and induces a maximal value for b that can be handled through the attack.…”

Section: Overall Attack Processmentioning

confidence: 99%

Side-Channel Attacks on Blinded Scalar Multiplications Revisited

Roche¹,

Imbert

Lomné³

2020

Smart Card Research and Advanced Applications

View full text Add to dashboard Cite

In a series of recent articles (from 2011 to 2017), Schindler et al. show that exponent/scalar blinding is not as effective a countermeasure as expected against side-channel attacks targeting RSA modular exponentiation and ECC scalar multiplication. Precisely, these works demonstrate that if an attacker is able to retrieve many randomizations of the same secret, this secret can be fully recovered even when a significative proportion of the blinded secret bits are erroneous. With a focus on ECC, this paper improves the best results of Schindler et al. in both the generic case of random-order elliptic curves and the specific case of structured-order elliptic curves. Our results show that larger blinding material and higher error rates can be successfully handled by an attacker in practice. This study also opens new directions in this line of work by the proposal of a three-steps attack process that isolates the attack critical path (in terms of complexity and success rate) and hence eases the development of future solutions.

show abstract

Section: Overall Attack Processmentioning

confidence: 99%

Side-Channel Attacks on Blinded Scalar Multiplications Revisited

Roche¹,

Imbert

Lomné³

2020

Smart Card Research and Advanced Applications

View full text Add to dashboard Cite

show abstract

“…The traces used to analyze this implementation are obtained from a publicly available dataset [11]. All details on this implementation, including the additional countermeasures, are described in [27].…”

Section: Elliptic Curve Scalar Multiplicationmentioning

confidence: 99%

“…4 Furthermore, all these cut traces (5997 × 255 = 1, 529, 235) are aligned to exploit the leakage efficiently. Details about the implementation and how the traces are aligned are in [27]. Figure 3 represents the SNR of the dataset for the bit model.…”

Section: Protected Implementation Datasetmentioning

confidence: 99%

“…Their approach to side-channel is similar to ours, but they do not use deep learning in the analysis [28]. Note that approach was extended to unsupervised settings using clustering [27]. Poussier et al used horizontal attacks and linear regression to conduct an attack on ECC implementations, but their approach cannot be classified as deep learning [38].…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Systematic Side-Channel Analysis of Curve25519 with Machine Learning

et al. 2020

Self Cite

View full text Add to dashboard Cite

Profiling attacks, especially those based on machine learning, proved to be very successful techniques in recent years when considering the side-channel analysis of symmetric-key crypto implementations. At the same time, the results for implementations of asymmetric-key cryptosystems are very sparse. This paper considers several machine learning techniques to mount side-channel attacks on two implementations of scalar multiplication on the elliptic curve Curve25519. The first implementation follows the baseline implementation with complete formulae as used for EdDSA in WolfSSl, where we exploit power consumption as a side-channel. The second implementation features several countermeasures, and in this case, we analyze electromagnetic emanations to find side-channel leakage. Most techniques considered in this work result in potent attacks, and especially the method of choice appears to be convolutional neural networks (CNNs), which can break the first implementation with only a single measurement in the attack phase. The same convolutional neural network demonstrated excellent performance for attacking AES cipher implementations. Our results show that some common grounds can be established when using deep learning for profiling attacks on very different cryptographic algorithms and their corresponding implementations.

show abstract

“…Analyses with clustering methods [12][13][14] are researched. Recently, horizontal attacks [7] have been succeeding with clustering algorithms [15,16]. These attacks exploiting clustering algorithms and horizontal attacks have so far fixed the dimension (length) of the segment/subsignal of power trace as trace_length key_bits when treating segments.…”

mentioning

confidence: 99%

An Automated End-to-End Side Channel Analysis Based on Probabilistic Model

Hwang

Yoon

2020

Applied Sciences

View full text Add to dashboard Cite

In this paper, we propose a new automated way to find out the secret exponent from a single power trace. We segment the power trace into subsignals that are directly related to recovery of the secret exponent. The proposed approach does not need the reference window to slide, templates nor correlation coefficients compared to previous manners. Our method detects change points in the power trace to explore the locations of the operations and is robust to unexpected noise addition. We first model the change point detection problem to catch the subsignals irrelevant to the secret and solve this problem with Markov Chain Monte Carlo (MCMC) which gives a global optimal solution. After separating the relevant and irrelevant parts in signal, we extract features from the segments and group segments into clusters to find the key exponent. Using single power trace indicates the weakest power level of attacker where there is a very slight chance of acquiring as many power traces as needed for breaking the key. We empirically show the improvement in accuracy even with presence of high level of noise.

show abstract

Applying Horizontal Clustering Side-Channel Attacks on Embedded ECC Implementations

Cited by 30 publications

References 32 publications

Side-Channel Attacks on Blinded Scalar Multiplications Revisited

Side-Channel Attacks on Blinded Scalar Multiplications Revisited

Systematic Side-Channel Analysis of Curve25519 with Machine Learning

An Automated End-to-End Side Channel Analysis Based on Probabilistic Model

Contact Info

Product

Resources

About