Accelerating Correlation Power Analysis Using Graphics Processing Units

TL;DR

This paper demonstrates how leveraging GPU parallel processing significantly accelerates Correlation Power Analysis (CPA) attacks on AES, reducing attack time from hours to under a minute, thus impacting cryptographic security verification.

Contribution

The paper introduces a GPU-based algorithm for CPA on AES, achieving over 1300x speedup compared to single-threaded CPU implementations.

Findings

GPU implementation is 1300x faster than single-threaded CPU

CPA attack time reduced from hours to less than a minute on GPU

GPU-based CPA enables rapid verification of cryptographic countermeasures

Abstract

Correlation Power Analysis (CPA) is a type of power analysis based side channel attack that can be used to derive the secret key of encryption algorithms including DES (Data Encryption Standard) and AES (Advanced Encryption Standard). A typical CPA attack on unprotected AES is performed by analysing a few thousand power traces that requires about an hour of computational time on a general purpose CPU. Due to the severity of this situation, a large number of researchers work on countermeasures to such attacks. Verifying that a proposed countermeasure works well requires performing the CPA attack on about 1.5 million power traces. Such processing, even for a single attempt of verification on commodity hardware would run for several days making the verification process infeasible. Modern Graphics Processing Units (GPUs) have support for thousands of light weight threads, making them ideal for parallelizable algorithms like CPA. While the cost of a GPU being lesser than a high performance multicore server, still the GPU performance for this algorithm is many folds better than that of a multicore server. We present an algorithm and its implementation on GPU for CPA on 128-bit AES that is capable of executing 1300x faster than that on a single threaded CPU and more than 60x faster than that on a 32 threaded multicore server. We show that an attack that would take hours on the multicore server would take even less than a minute on a much cost effective GPU.