
Profiled Attacks Against the Elliptic Curve Scalar Point Multiplication Using Neural Networks

  • Conference paper
Network and System Security (NSS 2021)

Abstract

In recent years, machine learning techniques have been successfully applied to improve side-channel attacks against different cryptographic algorithms. In this work, we deal with the use of neural networks to attack elliptic curve-based cryptosystems. In particular, we propose a deep learning based strategy to retrieve the scalar from a double-and-add scalar-point multiplication. As a proof of concept, we conduct an effective attack against the scalar-point multiplication on the NIST standard curve P-256 as implemented in BearSSL, a public library hardened against timing side channels. The experimental results show that our attack strategy recovers the secret scalar from a single trace of the attacked device, followed by an exhaustive search over a set of a few hundred candidates for the sought secret.


References

  1. Agrawal, D., Archambeault, B., Rao, J.R., Rohatgi, P.: The EM side-channel(s). In: Kaliski, B.S., Koç, K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 29–45. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36400-5_4

  2. Barthelmeh, J.: WolfSSL (formerly CyaSSL) library: a small, fast, portable implementation of TLS/SSL for embedded devices (2016). https://github.com/wolfSSL/wolfssl

  3. Batina, L., Hogenboom, J., van Woudenberg, J.G.J.: Getting more from PCA: first results of using principal component analysis for extensive power analysis. In: Dunkelman, O. (ed.) CT-RSA 2012. LNCS, vol. 7178, pp. 383–397. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-27954-6_24

  4. Bauer, A., Jaulmes, E., Prouff, E., Wild, J.: Horizontal collision correlation attack on elliptic curves. In: Lange, T., Lauter, K., Lisoněk, P. (eds.) SAC 2013. LNCS, vol. 8282, pp. 553–570. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-43414-7_28

  5. Bishop, C.: Pattern Recognition and Machine Learning. Information Science and Statistics, Springer, New York (2006)

  6. Brumley, D., Boneh, D.: Remote timing attacks are practical. In: Proceedings of the 12th USENIX Security Symposium, Washington, D.C., USA, 4–8 August 2003, pp. 1–13. USENIX Association (2003). https://www.usenix.org/conference/12th-usenix-security-symposium/remote-timing-attacks-are-practical

  7. Cagli, E., Dumas, C., Prouff, E.: Convolutional neural networks with data augmentation against jitter-based countermeasures. In: Fischer, W., Homma, N. (eds.) CHES 2017. LNCS, vol. 10529, pp. 45–68. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-66787-4_3

  8. Carbone, M., et al.: Deep learning to evaluate secure RSA implementations. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2019(2), 132–161 (2019). https://doi.org/10.13154/tches.v2019.i2.132-161

  9. Chari, S., Rao, J.R., Rohatgi, P.: Template attacks. In: Kaliski, B.S., Koç, K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 13–28. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36400-5_3

  10. Danger, J.-L., Guilley, S., Hoogvorst, P., Murdica, C., Naccache, D.: Improving the big mac attack on elliptic curve cryptography. In: Ryan, P.Y.A., Naccache, D., Quisquater, J.-J. (eds.) The New Codebreakers. LNCS, vol. 9100, pp. 374–386. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49301-4_23

  11. Denis, F.: The Sodium cryptography library. Libsodium (2013). https://doc.libsodium.org/

  12. Duchi, J.C., Hazan, E., Singer, Y.: Adaptive subgradient methods for online learning and stochastic optimization. In: Kalai, A.T., Mohri, M. (eds.) COLT 2010 - The 23rd Conference on Learning Theory, Haifa, Israel, 27–29 June 2010, pp. 257–269. Omnipress (2010). http://colt2010.haifa.il.ibm.com/papers/COLT2010proceedings.pdf#page=265

  13. Gandolfi, K., Mourtel, C., Olivier, F.: Electromagnetic analysis: concrete results. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 251–261. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44709-1_21

  14. Gierlichs, B., Batina, L., Tuyls, P., Preneel, B.: Mutual information analysis. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 426–442. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-85053-3_27

  15. Gierlichs, B., Lemke-Rust, K., Paar, C.: Templates vs. stochastic methods. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 15–29. Springer, Heidelberg (2006). https://doi.org/10.1007/11894063_2

  16. Gilmore, R., Hanley, N., O'Neill, M.: Neural network based attack on a masked implementation of AES. In: IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2015, Washington, DC, USA, 5–7 May 2015, pp. 106–111. IEEE Computer Society (2015). https://doi.org/10.1109/HST.2015.7140247

  17. Hanley, N., Kim, H.S., Tunstall, M.: Exploiting collisions in addition chain-based exponentiation algorithms using a single trace. In: Nyberg, K. (ed.) CT-RSA 2015. LNCS, vol. 9048, pp. 431–448. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-16715-2_23

  18. Kingma, D.P., Ba, J.: Adam: a method for stochastic optimization. In: Bengio, Y., LeCun, Y. (eds.) 3rd International Conference on Learning Representations, ICLR 2015, Conference Track Proceedings, San Diego, CA, USA, 7–9 May 2015 (2015). http://arxiv.org/abs/1412.6980

  19. Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996). https://doi.org/10.1007/3-540-68697-5_9

  20. Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48405-1_25

  21. Maas, A.L., Hannun, A.Y., Ng, A.Y.: Rectifier nonlinearities improve neural network acoustic models. In: ICML Workshop on Deep Learning for Audio, Speech and Language Processing (2013)

  22. Maghrebi, H.: Assessment of common side channel countermeasures with respect to deep learning based profiled attacks. In: 31st International Conference on Microelectronics, ICM 2019, Cairo, Egypt, 15–18 December 2019, pp. 126–129. IEEE (2019). https://doi.org/10.1109/ICM48031.2019.9021728

  23. Maghrebi, H., Portigliatti, T., Prouff, E.: Breaking cryptographic implementations using deep learning techniques. In: Carlet, C., Hasan, M.A., Saraswat, V. (eds.) SPACE 2016. LNCS, vol. 10076, pp. 3–26. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-49445-6_1

  24. Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks - Revealing the Secrets of Smart Cards. Springer, Boston (2007). https://doi.org/10.1007/978-0-387-38162-6

  25. Masure, L., Dumas, C., Prouff, E.: A comprehensive study of deep learning for side-channel analysis. IACR Cryptology ePrint Archive 2019/439 (2019). https://eprint.iacr.org/2019/439

  26. Perin, G., Chmielewski, L., Batina, L., Picek, S.: Keep it unsupervised: horizontal attacks meet deep learning. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2021(1), 343–372 (2021). https://doi.org/10.46586/tches.v2021.i1.343-372

  27. Pornin, T.: BearSSL, a smaller SSL/TLS library (2016). https://bearssl.org/index.html

  28. Poussier, R., Zhou, Y., Standaert, F.-X.: A systematic approach to the side-channel analysis of ECC implementations with worst-case horizontal attacks. In: Fischer, W., Homma, N. (eds.) CHES 2017. LNCS, vol. 10529, pp. 534–554. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-66787-4_26

  29. Quisquater, J.J., Samyde, D.: Eddy current for magnetic analysis with active sensor. In: Proceedings of Esmart 2002, Nice, France, pp. 185–194, September 2002

  30. Reed, R.D., Marks, R.J.: Neural Smithing: Supervised Learning in Feedforward Artificial Neural Networks. MIT Press, Cambridge (1998)

  31. Roelofs, N., Samwel, N., Batina, L., Daemen, J.: Online template attack on ECDSA: extracting keys via the other side. In: Nitaj, A., Youssef, A. (eds.) AFRICACRYPT 2020. LNCS, vol. 12174, pp. 323–336. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-51938-4_16

  32. Srivastava, N., Hinton, G.E., Krizhevsky, A., Sutskever, I., Salakhutdinov, R.: Dropout: a simple way to prevent neural networks from overfitting. J. Mach. Learn. Res. 15(1), 1929–1958 (2014)

  33. Weissbart, L., Chmielewski, Ł., Picek, S., Batina, L.: Systematic side-channel analysis of Curve25519 with machine learning. J. Hardw. Syst. Secur. 4(4), 314–328 (2020). https://doi.org/10.1007/s41635-020-00106-w

  34. Weissbart, L., Picek, S., Batina, L.: One trace is all it takes: machine learning-based side-channel attack on EdDSA. In: Bhasin, S., Mendelson, A., Nandi, M. (eds.) SPACE 2019. LNCS, vol. 11947, pp. 86–105. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-35869-3_8

  35. Witteman, M.F., van Woudenberg, J.G.J., Menarini, F.: Defeating RSA multiply-always and message blinding countermeasures. In: Kiayias, A. (ed.) CT-RSA 2011. LNCS, vol. 6558, pp. 77–88. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-19074-2_6

  36. Zhou, Y., Standaert, F.X.: Simplified single-trace side-channel attacks on elliptic curve scalar multiplication using fully convolutional networks. In: 40th WIC Symposium on Information Theory in the Benelux (2019). https://dial.uclouvain.be/pr/boreal/object/boreal:226275

  37. Zotkin, Y., Olivier, F., Bourbao, E.: Deep learning vs template attacks in front of fundamental targets: experimental study. IACR Cryptology ePrint Archive 2018/1213 (2018). https://eprint.iacr.org/2018/1213
Author information

Corresponding author

Correspondence to Gerardo Pelosi.

A Details of Double-and-Add Algorithm

[Algorithm listings (figures c and d) are not reproduced in this preview.]
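As an added example (this is not code from the paper, nor from BearSSL, whose scalar multiplication is a different, hardened implementation), the following Python script implements the textbook left-to-right double-and-add over P-256 that the abstract and this appendix refer to, records the doubling/addition sequence that a single-trace classifier would have to label, maps that sequence back to the scalar, and then performs the exhaustive search over a few hundred candidates that the abstract describes for the bit positions the classifier is unsure about. The curve constants are the public SEC 2 parameters of P-256; the scalar, the set of low-confidence positions and the mislabeled bits are constructed for the demonstration, and the paper's neural network is replaced by a perfect labeler plus that assumed uncertainty set. The regular double-and-add-always variant is included to show why a key-independent operation sequence removes the timing leak but leaves the profiled attacker with a per-operation classification problem on the processed data.

```python
"""Simulated single-trace attack on left-to-right double-and-add over P-256.
Added example, not code from the paper or from BearSSL: the curve constants are
the public SEC 2 parameters, the scalar is a constructed test value, and the
paper's neural-network classifier is replaced by a perfect labeler of the
doubling/addition sequence plus an assumed list of low-confidence bit positions
that the final exhaustive search over a few hundred candidates resolves."""
import hashlib

# Public P-256 domain parameters (SEC 2). Only p and a are needed for addition.
P256_P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
P256_A = P256_P - 3
P256_N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
P256_G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
          0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)
INF = None  # point at infinity

def ec_add(P, Q, p=P256_P, a=P256_A):
    """Affine point addition; also handles doubling and P + (-P) = INF."""
    if P is INF:
        return Q
    if Q is INF:
        return P
    (x1, y1), (x2, y2) = P, Q
    if x1 == x2:
        if (y1 + y2) % p == 0:
            return INF
        lam = (3 * x1 * x1 + a) * pow(2 * y1, -1, p) % p  # tangent slope
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, p) % p  # chord slope
    x3 = (lam * lam - x1 - x2) % p
    return (x3, (lam * (x1 - x3) - y1) % p)

def double_and_add(k, P, trace):
    """Textbook left-to-right double-and-add. Each doubling appends 'D' and each
    key-dependent addition appends 'A': this sequence is what a single-trace
    classifier tries to recover from the side-channel measurement."""
    R = INF
    for bit in bin(k)[2:]:
        R = ec_add(R, R)
        trace.append('D')
        if bit == '1':
            R = ec_add(R, P)
            trace.append('A')
    return R

def double_and_add_always(k, P, trace):
    """Regular variant: an addition is computed for every bit and dropped when
    the bit is 0, so neither timing nor the D/A sequence depends on k. A profiled
    attack then has to tell the operations apart by their data, not their presence."""
    R = INF
    for bit in bin(k)[2:]:
        R = ec_add(R, R)
        T = ec_add(R, P)
        trace.extend('DA')
        R = T if bit == '1' else R
    return R

def scalar_from_ops(ops):
    """D/A sequence -> scalar: each 'D' opens a new 0 bit, a following 'A' sets it."""
    bits = []
    for op in ops:
        if op == 'D':
            bits.append('0')
        elif op == 'A':
            bits[-1] = '1'
    return int(''.join(bits), 2)

def recover_scalar(k_guess, unsure, Q, P=P256_G):
    """Exhaustive search over the 2**len(unsure) assignments of the low-confidence
    bit positions (0 = LSB), accepting the k that reproduces the public Q = k*P."""
    base = k_guess
    for pos in unsure:
        base &= ~(1 << pos)
    for mask in range(1 << len(unsure)):
        k = base
        for i, pos in enumerate(unsure):
            k |= ((mask >> i) & 1) << pos
        if double_and_add(k, P, []) == Q:
            return k
    return None

def demo():
    """Constructed secret, perfect labels, then 8 unsure bits of which 3 are wrong."""
    k = int.from_bytes(hashlib.sha256(b"constructed demo scalar").digest(), "big") % P256_N
    trace = []
    Q = double_and_add(k, P256_G, trace)
    k_perfect = scalar_from_ops(trace)
    unsure = [5, 31, 77, 128, 160, 201, 222, 250]  # assumed low-confidence positions
    k_noisy = k_perfect ^ (1 << 31) ^ (1 << 160) ^ (1 << 222)  # three mislabeled bits
    return k, k_perfect, k_noisy, recover_scalar(k_noisy, unsure, Q)

if __name__ == "__main__":
    k, k_perfect, k_noisy, k_rec = demo()
    print(f"perfect labels: {k_perfect == k}, noisy: {k_noisy == k}, after 2^8 search: {k_rec == k}")
```

Run with python3. With a perfect labeler the scalar is read straight off the D/A sequence (its bit length is simply the number of doublings); with three of eight low-confidence bits wrong, checking each candidate against the public point Q = kG picks the right one out of 2^8 = 256. Each check costs a full scalar multiplication, so it is the size of the uncertainty set, not classifier accuracy alone, that decides whether the attack stays practical.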

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Cite this paper

Barenghi, A., Carrera, D., Mella, S., Pace, A., Pelosi, G., Susella, R. (2021). Profiled Attacks Against the Elliptic Curve Scalar Point Multiplication Using Neural Networks. In: Yang, M., Chen, C., Liu, Y. (eds) Network and System Security. NSS 2021. Lecture Notes in Computer Science (LNCS), vol 13041. Springer, Cham. https://doi.org/10.1007/978-3-030-92708-0_15

  • DOI: https://doi.org/10.1007/978-3-030-92708-0_15

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-92707-3

  • Online ISBN: 978-3-030-92708-0

  • eBook Packages: Computer Science (R0)
