Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                

Paper 2024/124

Perceived Information Revisited II: Information-Theoretical Analysis of Deep-Learning Based Side-Channel Attacks

Akira Ito, NTT Social Informatics Laboratories
Rei Ueno, Kyoto University
Naofumi Homma, Tohoku University
Abstract

Previous studies on deep-learning-based side-channel attacks (DL-SCAs) have shown that traditional performance evaluation metrics commonly used in DL, like accuracy and F1 score, are not effective in evaluating DL-SCA performance. Therefore, some previous studies have proposed new alternative metrics for evaluating the performance of DL-SCAs. Notably, perceived information (PI) and effective perceived information (EPI) are major metrics based on information theory. While it has been experimentally confirmed that these metrics can give the attack success rate (SR) for DL-SCAs, their theoretical validity remains unclear. In this paper, we propose a new theoretically valid performance evaluation metric called latent perceived information (LPI), which serves as an alternative to the existing metrics. LPI is defined as the mutual information between the output of the feature extractor of a neural network (NN) model and the intermediate value, representing the potential attack performance of the trained model. First, we prove that LPI provides an upper bound on the SR of a DL-SCA by modeling and formulating DL-SCA as a communication channel. Additionally, we clarify the conditions under which PI and EPI theoretically provide an upper bound on the SR from the perspective of LPI. For practical computation of LPI, we present two methods. One utilizes the Kraskov (KSG) estimator, a common mutual information estimator, and the other is based on the logistic regression. While the KSG estimator is computationally intensive, it yields accurate LPI values. In contrast, the logistic regression is faster but provides a lower bound for LPI. Through experimental attacks on AES software and hardware implementations with masking countermeasures, we demonstrate that the LPI values estimated by these two methods are significantly similar, indicating the reliability and soundness of our proposed estimation techniques. Furthermore, we present the use of a classifier based on logistic regression to improve the attack performance of the trained model. We experimentally demonstrate that an NN model with the logistic regression-based classifier can achieve the upper bound of attack performance predicted by LPI, meaning a significant improvement in attack performance from the original NN. Thus, our study contributes to realizing the optimal distinguisher using the trained model in terms of attack performance.

Note: We have modified the definition of LPI, and proposed two new estimation methods for LPI in this revision.

Metadata
Available format(s)
PDF
Category
Attacks and cryptanalysis
Publication info
Preprint.
Keywords
Profiled side-channel attacksPerceived informationSuccess rateDeep learningInformation theory
Contact author(s)
akira itoh @ ntt com
ueno rei 2e @ kyoto-u ac jp
naofumi homma c8 @ tohoku ac jp
History
2024-07-23: last of 2 revisions
2024-01-29: received
See all versions
Short URL
https://ia.cr/2024/124
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2024/124,
      author = {Akira Ito and Rei Ueno and Naofumi Homma},
      title = {Perceived Information Revisited {II}: Information-Theoretical Analysis of Deep-Learning Based Side-Channel Attacks},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/124},
      year = {2024},
      url = {https://eprint.iacr.org/2024/124}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.