Deep Learning Based Side Channel Attacks Across Devices In Frequency Domain

As a product that guarantees information security about users,smart card devices have implemented cryptographic algorithms internally such as DES,AES,RSA,etc.,which has meet theoretical security requirements to ensure that malicious attackers cannot obtain the secrets in the devices.These cryptographic algorithms have been proven safe after a series of theoretical verification and selection,as well as traditional cryptanalysis.However,when these cryptographic algorithms are implemented on specific physical devices,the leakage during the operation of the devices provides a priori knowledge about the secrets in the device,allowing the attackers to recover the secrets in the device through side-channel analysis.For smart card devices,side-channel analysis is one of the attacks that threaten device security.In recent years,the profiled side-channel analysis has become an important supplement to the traditional side-channel analysis.The combination with deep learning technology has further improved the general-purpose scenarios of attacks and simplified the attack process.In this paper,we introduce the general method of deep learning-based template attacks(DLTA),and analyze the advantages of DLTA in attack efficiency and applicable scenarios compared to traditional template attacks(TA)and Correlation power analysis(CPA).Compared with CPA,due to the introduction of additional prior knowledge from the profiling device when training the model,the performance of DLTA is improved by at least an order of magnitude.In addition,with the help of the neural network,DLTA can automatically extract the features of the power consumption data,without selecting the points of interests(POIs,also be regarded as features)of the original power consumption data,which simplifies the data preprocessing stage.And when there are many POIs on the power consumption data,DLTA can effectively reduce,through model training,the computational costs brought by the calculation of high-order matrices in TA.Since both TA and DLTA require the power consumption data of the profiling device and the target device to be independently and identically distributed,when TA and DLTA are implemented in practice,there will be decline on the attack performance.Based on this,we proposes a frequency domain and deep learning based cross-device template attacks(FLTA)solution.Firstly,we analyze the reasons for the inconsistency of the distribution between the profiling device and the target device,and smart card devices of different models and series were designed for verification.According to the degree of difference between the profiling device and the target device,the cross-device scenarios are divided into four types: same devices,identical devices,homogeneous devices,and heterogeneous devices.The theoretical verification of device variation is carried out from a statistical point of view.And it is further verified by performing practical TA and DLTA as tests.Finally,we proposes our FLTA scheme suitable for cross-device scenarios.Features are extracted from the frequency domain representation of power consumption to train the model,which improves the generalization ability of the model on different devices.In the experimental part,we implement the AES-128 algorithm on chips from ATMEL's ATmega series and chips from MICROCHIP's PIC series.Furthermore,we build a smart card power consumption capture platform and analyze the power consumptions captured during the encryption.We verify the impact of cross-device scenarios on the performance of TA and DLTA,and the advantages of FLTA in cross-device scenarios.The experiment includes:the implementation of the functional modules of different models of chips and the implementation of the AES-128 algorithm?the construction of the SAKURA-W-based smart card power consumption capture platform and data interaction framework among PC platform,the oscilloscope,and the target device?theoretical analysis and experimental verification of device variation(we implement statistical analysis of the power consumption data distribution of profiling devices and target devices and perform TA and DLTA to verify the existence of device variation and the impact of different cross-device scenarios on the performance of the attacks)?we introduces our feature selection strategy and how FLTA are implemented to achieve a successful crossdevice attack,proving the advantages of the FLTA in cross-device scenarios?we use the power consumptions captured locally to attack the public dataset which is captured and processed by someone else.When the chip model,algorithm implementation,acquisition environment and acquisition parameters between the public dataset and our local dataset are different,the correct secrets can still be successfully recovered through FLTA,which further reflects its robustness.The results of our paper show that in the cross-device scenario,FLTA can effectively overcome the device variation and ensure performance of the attack.Compared with DLTA and TA that use time domain features,the performance of FLTA is improved by at least two orders of magnitude,which improves the threat of profiled side-channel analysis to actual devices.