Power side-channel leakage localization through adversarial training of deep neural networks

TL;DR

This paper introduces an adversarial training method using deep neural networks to localize power side-channel leakage points, outperforming existing techniques on synthetic data and highlighting challenges on real data.

Contribution

It presents a novel adversarial approach for identifying leakage points in power traces, advancing the understanding of deep learning defenses in side-channel analysis.

Findings

Outperforms existing techniques on synthetic datasets with countermeasures

Highly sensitive to hyperparameters and early stopping on real datasets

Provides an open-source implementation for further research

Abstract

Supervised deep learning has emerged as an effective tool for carrying out power side-channel attacks on cryptographic implementations. While increasingly-powerful deep learning-based attacks are regularly published, comparatively-little work has gone into using deep learning to defend against these attacks. In this work we propose a technique for identifying which timesteps in a power trace are responsible for leaking a cryptographic key, through an adversarial game between a deep learning-based side-channel attacker which seeks to classify a sensitive variable from the power traces recorded during encryption, and a trainable noise generator which seeks to thwart this attack by introducing a minimal amount of noise into the power traces. We demonstrate on synthetic datasets that our method can outperform existing techniques in the presence of common countermeasures such as Boolean masking and trace desynchronization. Results on real datasets are weak because the technique is highly sensitive to hyperparameters and early-stop point, and we lack a holdout dataset with ground truth knowledge of leaking points for model selection. Nonetheless, we believe our work represents an important first step towards deep side-channel leakage localization without relying on strong assumptions about the implementation or the nature of its leakage. An open-source PyTorch implementation of our experiments is provided.