Location, Location, Location: Revisiting Modeling and Exploitation for Location-Based Side Channel Leakages

Andrikos, Christos; Batina, Lejla; Chmielewski, Łukasz; Lerman, Liran; Mavroudis, Vasilios; Papagiannopoulos, Kostas; Perin, Guilherme; Rassias, Giorgos; Sonnino, Alberto

doi:10.1007/978-3-030-34618-8_10

Cited by 6 publications

(6 citation statements)

References 44 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The work of Schlösser et al, (2013) successfully demonstrates identification of the exact SRAM location accessed during the activation of the substitution box (SBox) lookup table during AES encryption operations. Andrikos et al, (2019) uses neural networks and an information-based approach to retrieve information about the AES encryption key after finding the SRAM location of the lookup table containing the key by using the framework given in (Schlösser et al, 2013). They demonstrate a successful attack using memory table exploitation.…”

Section: Previous Researchmentioning

confidence: 99%

Locality-based electromagnetic leakage assessment using CNN

Heffron

James²

2023

iccws

View full text Add to dashboard Cite

Deep learning side-channel analysis (SCA) attacks have recently gained in popularity. The ability of deep learning models to retrieve a key byte while minimizing the need for pre-processing steps in both cases of misaligned traces and when the leakage model is multivariate has contributed to the popularity gain. Near-field electromagnetic (EM) probes have enabled leakage capture with high spatial resolution, and the field of deep learning side-channel research looks to find models which reduce the required number of leakage traces to retrieve a key byte successfully. However, despite the many papers researching techniques to reduce the number of traces required for a successful attack, location-based research for EM SCA remains untouched. Due to the nature of EM probes and the architecture of different boards and chips, the location of the collection probe becomes important when attempting to extract the secret key within a reasonable timeframe and with a level of certainty in the result. Our contribution is a framework to determine the best location to assess localized EM leakage against a given chip platform. We use a raster scan to collect localized leakage results at 25 points in a 5x5 grid pattern on a ChipWhisperer Lite XMEGA board running an open-source implementation of the AES-128 encryption algorithm. We demonstrate the use of our framework to locate the best points for an attacker to execute a profiling attack by identifying the grid point with the most detectable leakage for a chip platform. We further execute a smaller localized 25-point raster scan in a grid over the identified location to further refine our estimate of the optimal collection location. We then demonstrate that this location can be used to execute a side-channel profiling attack against the same chip architecture and will result in a lower number of traces required to retrieve the key byte.

show abstract

Section: Previous Researchmentioning

confidence: 99%

Locality-based electromagnetic leakage assessment using CNN

Heffron

James²

2023

iccws

View full text Add to dashboard Cite

show abstract

“…Thus, the robustness of this countermeasure depends on the used platform. Since, our target, a Cortex-M4 on an STM32F407IGT6 board, does not have data caches, the memory access is expected to be constant-time as long as the same SRAM region is accessed; 9 as shown in [2] this target has 2 different regions with different characteristics. To increase the probability that the memory accesses are to the same region, we declare the alternating operands as global variables next to each other.…”

Section: Implementations Of the Ladder Stepmentioning

confidence: 99%

Protecting the Most Significant Bits in Scalar Multiplication Algorithms

Bock

Chmielewski

Miteloudi

2022

Security, Privacy, and Applied Cryptography Engineering

Self Cite

View full text Add to dashboard Cite

The Montgomery Ladder is widely used for implementing the scalar multiplication in elliptic curve cryptographic designs. This algorithm is efficient and provides a natural robustness against (simple) sidechannel attacks. Previous works however showed that implementations of the Montgomery Ladder using Lopez-Dahab projective coordinates easily leak the value of the most significant bits of the secret scalar, which led to a full key recovery in an attack known as LadderLeak [3]. In light of such leakage, we analyse further popular methods for implementing the Montgomery Ladder. We first consider open source software implementations of the X25519 protocol which implement the Montgomery Ladder based on the ladderstep algorithm from Düll et al. [15]. We confirm via power measurements that these implementations also easily leak the most significant scalar bits, even when implementing Z-coordinate randomisations. We thus propose simple modifications of the algorithm and its handling of the most significant bits and show the effectiveness of our modifications via experimental results. Particularly, our re-designs of the algorithm do not incurring significant efficiency penalties. As a second case study, we consider open source hardware implementations of the Montgomery Ladder based on the complete addition formulas for prime order elliptic curves, where we observe the exact same leakage. As we explain, the most significant bits in implementations of the complete addition formulas can be protected in an analogous way as we do for Curve25519 in our first case study.

show abstract

“…First, when using EM as a side-channel source, the type of probe as well as its exact position, i.e., location and angle, play a crucial role (see for example [1]). In some situations, an attacker may not be able to precisely replicate the measurement setup from training on the attacked device.…”

Section: Transferring Between Em Probe Position and Typementioning

confidence: 99%

Train or Adapt a Deeply Learned Profile?

Genevey-Metat

Heuser

Gérard

2021

Lecture Notes in Computer Science

View full text Add to dashboard Cite

In recent years, many papers have shown that deep learning can be beneficial for profiled side-channel analysis. However, to obtain good performance with deep learning, an evaluator or an attacker face the issue of data. Due to the context, he might be limited in the amount of data for training. This can be mitigated with classical Machine Learning (ML) techniques such as data augmentation. However, these mitigation techniques lead to a significant increase in the training time; first, by augmenting the data and second, by increasing the time to perform the learning of the neural network. Recently, weight initialization techniques using specific probability distributions have shown some impact on the training performances in sidechannel analysis. In this work, we investigate the advantage of using weights initialized from a previous training of a network in some different contexts. The idea behind this is that different side-channel attacks share common points in the sense that part of the network has to understand the link between power/electromagnetic signals and the corresponding intermediate variable. This approach is known as Transfer Learning (TL) in the Deep Learning (DL) literature and has shown its usefulness in various domains. We present various experiments showing the relevance and advantage of starting with a pretrained model In our scenarios, pretrained models are trained on different probe positions/channels/chips. Using TL, we obtain better accuracy and/or training speed for a fixed amount of training data from the target device.

show abstract

Location, Location, Location: Revisiting Modeling and Exploitation for Location-Based Side Channel Leakages

Cited by 6 publications

References 44 publications

Locality-based electromagnetic leakage assessment using CNN

Locality-based electromagnetic leakage assessment using CNN

Protecting the Most Significant Bits in Scalar Multiplication Algorithms

Train or Adapt a Deeply Learned Profile?

Contact Info

Product

Resources

About