Research On Differential Statistical Analysis On White-Box Aes

AES is considered to be the most effective block cipher at present,but side channel attack poses a great threat to the implementation of AES.Side channel attacks can be divided into non-profiling attacks and profiling attacks.Profiling attacks assume that attackers can choose plaintexts and keys without restrictions and collect unlimited traces.The classifiers of profiling attacks include mathematical methods and machine learning methods,especially the deep learning classifier tend to be mature.However,if the time to get the cloned device is limited,or the device does not support multiple key modifications,it will affect the success rate of the attack.Therefore,it is very necessary to analyze and study the side channel attack with a small amount of information.Some researches use unsupervised clustering classifier to choose template of TA,which needs known information for leakage points selection,which is called semi supervised template attack method.But this attack method is under the condition of absolute ideal noise,which is not very practical.Other studies use semi supervised machine learning method to improve the supervised learning model.This method still can not relax the premise of template attack.Considering the premise assumption of limited information collection in the modeling stage,this paper researches from three aspects:interest point selection,pre-processing of traces and discriminator selection.And we propose three questions,what method should be selected for interest point leakage analysis,what method of data pre-processing can improve information utilization,and how the selection of classifier can adapt to the prerequisite of limited information.By studying these three problems,this paper deeply studies four typical interest point selection methods,PCA dimensionality reduction technology,and side channel attack of clustering classifier.This paper has three contributions.Firstly,it explores the differences of interest point selection methods and their impact on the attack effect.Finally,it comes to the conclusion that CPA can produce better interest points under limited known traces.Secondly,this paper studies the dimensionality reduction method of principal component analysis,its impact on clustering classification methods and template attacks,and finally finds its invalidity to template attacks and the optimization effect on data with higher dimensions of clustering model.Finally,the side channel attack method of semi-supervised machine learning proposed by predecessors is analyzed.It is found that the accuracy of interest point selection is unstable under large noise,which will lead to the decline of clustering accuracy.In this paper,we use PCA to reduce the dimension of inputs and we use Gaussian mixture clustering to strengthen the utilization of information,so that the accuracy of single trace prediction is improved to 75%.Under the same assumption,only 100 modeling traces and three attack traces are needed when the guessing entropy is five.while ten thousand traces are required for the method used in other research.Thus,we increase the utilization rate of information to reduce the amount of known information to be collected in practice.