[go: up one dir, main page]

What a lovely hat

Is it made out of tin foil?

Paper 2023/093

Automated Side-Channel Attacks using Black-Box Neural Architecture Search

Pritha Gupta, Paderborn University
Jan Peter Drees, University of Wuppertal
Eyke Hüllermeier, MCML, LMU Munich
Abstract

The usage of convolutional neural networks (CNNs) to break cryptographic systems through hardware side-channels has enabled fast and adaptable attacks on devices like smart cards and TPMs. Current literature proposes fixed CNN architectures designed by domain experts to break such systems, which is time-consuming and unsuitable for attacking a new system. Recently, an approach using neural architecture search (NAS), which is able to acquire a suitable architecture automatically, has been explored. These works use the secret key information in the attack dataset for optimization and only explore two different search strategies using one-dimensional CNNs. We propose a NAS approach that relies only on using the profiling dataset for optimization, making it fully black-box. Using a large-scale experimental parameter study, we explore which choices for NAS, such as 1-D or 2-D CNNs and search strategy, produce the best results on 10 state-of-the-art datasets for Hamming weight and identity leakage models. We show that applying the random search strategy on 1-D inputs results in a high success rate and retrieves the correct secret key using a single attack trace on two of the datasets. This combination matches the attack efficiency of fixed CNN architectures, outperforming them in 4 out of 10 datasets. Our experiments also point toward the need for repeated attack evaluations of machine learning-based solutions in order to avoid biased performance estimates.

Metadata
Available format(s)
PDF
Category
Attacks and cryptanalysis
Publication info
Preprint.
Keywords
Neural Architecture SearchParameter StudyConvolutional Neural NetworkSide-Channel AttackAES
Contact author(s)
prithag @ mail uni-paderborn de
jan drees @ uni-wuppertal de
eyke @ lmu de
History
2024-01-14: last of 5 revisions
2023-01-25: received
See all versions
Short URL
https://ia.cr/2023/093
License
Creative Commons Attribution-ShareAlike
CC BY-SA

BibTeX

@misc{cryptoeprint:2023/093,
      author = {Pritha Gupta and Jan Peter Drees and Eyke Hüllermeier},
      title = {Automated Side-Channel Attacks using Black-Box Neural Architecture Search},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/093},
      year = {2023},
      url = {https://eprint.iacr.org/2023/093}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.