|
|
基于Stacking的侧信道攻击
|
Abstract:
传统侧信道模版攻击已经被基于神经网络的侧信道攻击给代替,一个原因是因为模板攻击假设能耗泄露是服从多元高斯分布,但这种分布并不适合某些情况。并且模板攻击需要构建方阵,会出现矩阵非满秩也就是其不可逆的问题进而影响计算,另外一个原因是不能有效攻击高阶防御。当前有学习的侧信道攻击研究主要聚焦于对单个神经网络模型的结构进行修改或者采用数据增强来提高攻击效果,模型通过局部搜索进行工作,往往陷入局部最优状态。本文提出了一种基于Stacking的侧信道攻击新方法,该方法通过多个不同结构初级模型结合,堆叠出的新模型性能要优于初级模型。本文实施了三个实验来对该方法进行测试,实验一和二是分别在ASCAD v1和ASCAD v2上的攻击,两个实验结果显示Stacking模型在一阶成功率为1时的所需攻击曲线数比初级模型至多减少了66.7%,其攻击效果证明了Stacking方法的普适性。在前面实验基础上进一步对Stacking测试了其采用同样结构初级模型的效果,其效果与初级模型持平甚至还要次于初级模型,所以初级模型在选择上应该更加偏向于不同结构的,使各个模型有着一定差异化。这些实验的结果证明了Stacking通过结合不同结构的神经网络模型最终的攻击效果是明显优于初级模型的。
The traditional side channel template attack has been replaced by the side channel attack based on the neural network. One reason is that the template attack assumes that the energy leakage is subject to the multivariate Gaussian distribution, but this distribution is not suitable for some sit-uations. Moreover, template attacks need to build a square matrix, which will lead to the problem that the matrix is not full rank, that is, its irreversibility, and then affect the calculation. Another reason is that it cannot effectively attack high-order defense. The current research on learning side channel attack mainly focuses on modifying the structure of a single neural network model or using data enhancement to improve the attack effect. The model works through local search and often falls into a local optimal state. This paper proposes a new side channel attack method based on Stacking. This method combines several primary models with different structures, and the per-formance of the stacked new model is better than the primary model. Three experiments are car-ried out to test this method. Experiment 1 and Experiment 2 are attacks on ASCAD v1 and ASCAD v2 respectively. The results of the two experiments show that the number of attack curves required by the Stacking model when the first order success rate is 1 is at most 66.7% less than that of the primary model. The attack effect proves the universality of the Stacking method. On the basis of the previous experiments, we further tested the effect of Stacking using the primary model with the same structure, and its effect is equal to or even inferior to the primary model. Therefore, the primary model should be more biased towards different structures in selection, so that each model has a definite difference. The results of these experiments prove that Stacking’s final attack effect by combining neural network models with different structures is obviously superior to the primary model.
| [1] | Kocher, P., Jaffe, J. and Jun, B. (1999) Differential Power Analysis. In: Wiener, M., Ed., Advances in Cryptolo-gy—CRYPTO ’99. Lecture Notes in Computer Science, Vol. 1666, Springer, Berlin, 388-397.
https://doi.org/10.1007/3-540-48405-1_25 |
| [2] | Chari, S., Rao, J.R. and Rohatgi, P. (2002) Template Attacks. In: Kaliski, B.S., Ko?, ?.K. and Paar, C., Eds., Cryptographic Hardware and Embedded Systems—CHES 2002. Lecture Notes in Computer Science, Vol. 2523, Springer, Berlin, 13-28. https://doi.org/10.1007/3-540-36400-5_3 |
| [3] | Hospodar, G., Gierlichs, B., De Mulder, E., Verbauwhede, I. and Vandewalle, J, (2011) Machine Learning in Side-Channel Analysis: A First Study. Journal of Cryptographic Engineer-ing, 1, Article No. 293.
https://doi.org/10.1007/s13389-011-0023-x |
| [4] | Lerman, L., Poussier, R., Bontempi, G., Markowitch, O. and Standaert, F.-X. (2015) Template Attacks vs. Machine Learning Revisited (and the Curse of Dimensionality in Side-Channel Analysis). In: Mangard, S. and Poschmann, A., Eds., Constructive Side-Channel Analysis and Secure De-sign, Lecture Notes in Computer Science, Vol. 9064, Springer, Cham, 20-33. https://doi.org/10.1007/978-3-319-21476-4_2 |
| [5] | Maghrebi, H., Portigliatti, T. and Prouff, E. (2016) Breaking Cryptographic Implementations Using Deep Learning Techniques. In: Carlet, C., Hasan, M. and Saraswat, V., Eds., Security, Privacy, and Applied Cryptography Engineering. Lecture Notes in Computer Science, Vol. 10076, Springer, Cham, 3-26.
https://doi.org/10.1007/978-3-319-49445-6_1 |
| [6] | Benadjila, R., Prouff, E., Strullu, R., Cagli, E. and Dumas, C. (2020) Deep Learning for Side-Channel Analysis and Introduction to ASCAD Database. Journal of Cryptographic En-gineering, 10, 163-188.
https://doi.org/10.1007/s13389-019-00220-8 |
| [7] | Benesty, J., Chen, J., Huang, Y. and Cohen, I. (2009) Pearson Correlation Coefficient. In: Noise Reduction in Speech Processing, Springer, Berlin, 1-4. https://doi.org/10.1007/978-3-642-00296-0_5 |
| [8] | Batina, L., Hogenboom, J. and Van Woudenberg, J.G. (2012) Getting More from PCA: First Results of Using Principal Component Analysis for Extensive Power Analysis. In: Dunkelman, O., Ed., Topics in Cryptology—CT-RSA 2012. Lecture Notes in Computer Science, Vol. 7178, Springer, Berlin, 383-397.
https://doi.org/10.1007/978-3-642-27954-6_24 |
| [9] | Bhasin, S., Danger, J.-L., Guilley, S. and Najm, Z. (2014) NICV: Normalized Inter-Class Variance for Detection of Side-Channel Leakage. 2014 International Symposium on Electromagnetic Compatibility, Tokyo, 12-16 May 2014, 310-313. |
| [10] | Mannor, S., Peleg, D. and Rubinstein, R. (2005) The Cross Entropy Method for Classification. Proceedings of the 22nd International Conference on Machine Learning, Bonn, 7-11 August 2005, 561-568.
https://doi.org/10.1145/1102351.1102422 |
| [11] | Martinasek, Z., Dzurenda, P. and Malina, L. (2016) Profiling Power Analysis Attack Based on MLP in DPA Contest V4.2. 2016 39th International Conference on Telecommunications and Signal Processing (TSP), Vienna, 27-29 June 2016, 223-226. https://doi.org/10.1109/TSP.2016.7760865 |
| [12] | Zaid, G., Bossuet, L., Habrard, A. and Venelli, A. (2021) Effi-ciency through Diversity in Ensemble Models Applied to Side-Channel Attacks: A Case Study on Public-Key Algo-rithms. ACR Transactions on Cryptographic Hardware and Embedded Systems, 2021, 60-96. https://doi.org/10.46586/tches.v2021.i3.60-96 |
| [13] | Wolpert, D.H. (1992) Stacked Generalization. Neural Networks, 5, 241-259.
https://doi.org/10.1016/S0893-6080(05)80023-1 |
| [14] | Ba?ak, V. and Kennedy, E.H. (2019) Principled Machine Learning Using the Super Learner: An Application to Predicting Prison Violence. Sociological Methods & Research, 48, 698-721. https://doi.org/10.1177/0049124117747301 |
| [15] | Xu, M., Wu, L. and Zhang, X. (2017) Side Channel Attack on SM4 Algorithm with Ensemble Method. 2017 13th International Conference on Computational Intelligence and Security, Hong Kong, 15-18 December 2017, 529-532.
https://doi.org/10.1109/CIS.2017.00123 |
| [16] | 黄洁, 王燚. 适用于侧信道分析的卷积神经网络结构的实验研究[J]. 成都信息工程学院学报, 2019, 34(5): 449-456. |
