DL-LA: Deep Learning Leakage Assessment - A modern roadmap for SCA evaluations2021
Research Hub B: Eingebettete Sicherheit
RC 6: Next-Generation Implementation Security
In recent years, deep learning has become an attractive ingredient toside-channel analysis (SCA) due to its potential to improve the success probabilityor enhance the performance of certain frequently executed tasks. One task that iscommonly assisted by machine learning techniques is the profiling of a device’s leakagebehavior in order to carry out a template attack. At CHES 2019, deep learning hasalso been applied to non-profiled scenarios for the first time, extending its reachwithin SCA beyond template attacks. The proposed method, called DDLA, has sometempting advantages over traditional SCA due to merits inherited from (convolutional)neural networks. Most notably, it greatly reduces the need for pre-processing stepswhen the SCA traces are misaligned or when the leakage is of a multivariate nature.However, similar to traditional attack scenarios the success of this approach highlydepends on the correct choice of a leakage model and the intermediate value to target.In this work we explore, for the first time in literature, whether deep learning cansimilarly be used as an instrument to advance another crucial (non-profiled) disciplineof SCA which is inherently independent of leakage models and targeted intermediates,namely leakage assessment. In fact, given the simple classification-based natureof common leakage assessment techniques, in particular distinguishing two groupsfixed-vs-random or fixed-vs-fixed, it comes as a surprise that machine learning has notbeen brought into this context, yet. Our contribution is the development of the firstfull leakage assessment methodology based on deep learning. It gives the evaluator thefreedom to not worry about location, alignment and statistical order of the leakagesand easily covers multivariate and horizontal patterns as well. We test our approachagainst a number of case studies based on FPGA, ASIC andμC implementations ofthe PRESENT block cipher, equipped with state-of-the-art SCA countermeasures.Our results clearly show that the proposed methodology and network structures arerobust across all case studies and outperform the classical detection approaches (t-testandχ2-test) in all considered scenarios.