Revealing leakage locationin side-channel attack based on convolutional neural network visualizing
-
摘要:
侧信道攻击中,泄露区间的定位对进一步提升攻击效果和芯片防护产生至关重要的作用.对于基于神经网络的模板攻击,由于神经网络是黑盒模型,使得泄露区间定位成为难题.本文通过改进加权梯度类激活映射(Grad-CAM),提出一种新的可以定位功耗或电磁曲线泄露位置的方法WAvg-Grad-CAM.该方法利用梯度计算进行区间定位,计算输入曲线的不同位置对攻击成功的影响程度,从而可以准确地定位输入曲线的泄露区间.通过实验对比其他常见的可视化方法在模板攻击中的应用效果,发现其拥有曲线平滑和噪音小的优势.实验证明在泄露情况未知且不进行二阶曲线处理的情况下,即使网络成功率较低,也可以直接对带掩码实现的曲线进行精准定位.
Abstract:Locating leakage plays a vital role in further improving the attack success rate and countermeasure in side-channel attacks. For template attacks based on convolutional neural network, it is difficult to locate the leakage due to the invisibility of the network. This paper proposed a new method named WAvg-Grad-CAM to locate the leakage spot of side-channel traces, based on the ideal of Gradient-weighted Class Activation Mapping(Grad-CAM). This method applies gradient mapping to compute the attacking effectiveness of different positions on the input trace. According to the attacking effectiveness, the leakage position of the input trace can be precisely located. The experiment shows that this new method has advantages of smooth result and lower noise, compared with other common visualization methods. The result shows that this attack method can be used to localize the masked implementations precisely, without leakages combination processing and without knowledge of the implemented protections, even on the condition of low successful rate.
-
Key words:
- template attack /
- neural network /
- visualization
-
[1] CAGLI E, DUMAS C, PROUFF E. Convolutional neural networks with data augmentation against jitter-based countermeasures: profiling attacks without pre-processing[C]//Proceedings of the 19th International Conference on Cryptographic Hardware and Embedded Systems.Taipei, China: Springer, 2017: 45-68. DOI: 10.1007/978-3-319-66787-4_3. [2] CHARI S, RAO J R, ROHATGI P. Template attacks[C]//Proceedings of the4th International Workshop Redwood Shores on Cryptographic Hardware and Embedded Systems.Redwood Shores, CA, USA: Springer, 2003: 13-28. DOI: 10.1007/3-540-36400-5_3. [3] GIERLICHS B, LEMKE-RUST K, PAAR C. Templates vs. stochastic methods: a performance analysis for side channel cryptanalysis[C]//Proceedings of the 8th International Workshopon Cryptographic Hardware and Embedded Systems.Yokohama, Japan: Springer, 2006: 15-29. DOI: 10.1007/11894063_2. [4] BHASIN S, DANGER J L, GUILLEY S, et al. NICV: normalized inter-class variance for detection of side-channel leakage[C]//Proceedings of the 2014International Symposium on Electromagnetic Compatibility. Tokyo, Japan: IEEE, 2014: 310-313. [5] ARCHAMBEAU C, PEETERS E, STANDAERT F X, et al.Template attacks in principal subspaces[C]//Proceedings of the 8th International Workshop on Cryptographic Hardware and Embedded Systems. Yokohama, Japan: Springer, 2006: 1-14. DOI: 10.1007/11894063_1. [6] TIMON B. Non-profiled deep learning-based side-channel attacks with sensitivity analysis[J]. IACR Transactions on Cryptographic Hardware and Embedded Systems, 2019, 2019(2): 107-131. DOI: 10.13154/tches.v2019.i2.107-131. [7] SELVARAJU R R, COGSWELL M, DAS A, et al. GRAD-CAM: visual explanations from deep networks via gradient-based localization[C]//2017 IEEE International Conference on Computer Vision (ICCV). Venice, Italy: IEEE, 2017: 618-626. DOI: 10.1109/ICCV.2017.74. [8] ZEILER M D, FERGUS R. Visualizing and understanding convolutional networks[C]//Proceedings of the 13th European Conference on Computer Vision. Zurich, Switzerland: Springer, 2014: 818-833. DOI: 10.1007/978-3-319-10590-1_53. [9] MESSERGES T S. Using second-order power analysis to attack DPA resistant software[C]//Proceedings of the Second International Workshop on Cryptographic Hardware and Embedded Systems. Worcester, MA, USA: Springer, 2000: 238-251. DOI: 10.1007/3-540-44499-8_19. -