On The Research And Application Of Pattern Recognition Technologies In Template Attacks Against Cryptographic System

Template Attack is a new type of Side-Channel Attack which rises in recent years. It draws on Pattern Recognition and Machine Learning technologies, and turns the detection of information leakages and the attack of intermediate values into a pattern recognition and classification problem. Due to the application of pattern recognition methods, the strength of power analysis for the extraction and identification of cipher key associated intermediate values is greatly enhanced, and the matching of templates with the actual leakages of cryptographic devices is significantly improved. It increases the success rate and computing efficiency, but reduces the size of training data and computing resources required for this attack.The process of a template attack can be divided into three phases, namely the feature selection, template building and template matching. In the feature selection phase, we introduce a selection method based on the Pearson’s correlation coefficients. In the template building and template matching phase, we introduce the Support Vector Machine technology, and designed a template attack method based on this technology. On the basis of the classical Gaussian template attacks, we introduce the priori probabilities for intermediate values, and designed a template attack method based on Bayes Classification. In order to verify the actual attack effect of these new types of template attacks based on pattern recognition methods, we conducted several experiments using power traces provided by the DPA Contest V4. Since these traces are acquired from a masked AES cipher protected by the RSM countermeasure, we designed a solution using template attacks to break this countermeasure. In terms of strategies to build templates, we propose to use templates targeting masks based on data values directly, and use the Hamming Weight power model to attack the input and output of S-Boxes. We suggest using Bit power model to attack the output of S-Boxes directly. Using the combination of partial results of all intermediate values, we propose an approach to recover the round key of AES cipher, and finally break the complete master key. In order to compare the effects of these new types of template attacks based on pattern recognition methods and the classical Gaussian template attacks, we carried out a number of comparative experiments. We also explored the impact of model parameters and the size of training data for the effect of template attacks, and we proposed a solution to handle the problem of uneven distributed samples and some relevant numerical problems.