1 of 20

Review of AISY Research Paper

E/17/038 Anuruddha

E/17/101 Anjalee

E/17/292 Rilwan

2 of 20

Overview

  • a deep learning-based framework for profiling side-channel analysis
  • enables the users to run the analyses and report the results efficiently
  • Maintain results’ reproducible nature
  • Use supervised machine learning - multi class classification
  • Use deep neural network with softmax output layer

3 of 20

Advantages

  • Maintain results’ reproducible nature
  • Easy to use - built on top of Keras library
  • Integrated Database
  • Provide a web application
  • One-click Script Generation
  • State-of-the-art side-channel analysis
  • Team work

4 of 20

Profiling and Attacking

  • In SCA, the profiling phase is the same as the training in ML
  • In the attack phase, the goal is to make predictions about the classes
  • Aims to reveal the secret key k*. For this partial guessing entropy is used in AISY framework

5 of 20

General Design

  • Current framework version is 1.0
  • Open-source
  • Currently, the AISY framework supports deep learning-based SCA for the AES cipher with 128-bit key

6 of 20

Framework flow

7 of 20

Layout

8 of 20

Datasets

  • Currently 5 datasets are supported in the framework
  • only format currently supported is .h5, where datasets need to be generated according to the ASCAD database description

ASCAD Fixed Key

  • target - an 8-bit AVR microcontroller running a masked AES-128 implementation, where the side-channel is electromagnetic emanation
  • Profiling - 50 000 traces
  • Testing - 10 000 traces
  • Provides the preselected window of 700 samples to attack first masked byte

9 of 20

Datasets (Continued)

ASCAD Random Keys

  • Target - same as ASCAD Fixed Key dataset
  • Profiling - Has random keys, 200 000 traces
  • Testing - a fixed key, 100 000 traces
  • Provides the preselected window of 1 400 samples to attack first masked key byte

CHES CTF 2018

  • Target - masked AES-128 encryption running on a 32-bit STM microcontroller
  • Profiling - contains a fixed key, 45 000 traces
  • Testing - fixed key different from the key configured for training and validation set, 5 000 traces
  • Each trace consists of 2 200 samples

10 of 20

Datasets (Continued)

AES HD

  • Target - unprotected hardware implementation of AES-128 implemented on Xilinx Virtex-5 FPGA of a SASEBO GII evaluation board
  • Contains 50 000 traces
  • Each trace has 1250 samples

AES HD ext

  • AES HD extended dataset
  • Contains 500 000 traces
  • Each trace has 1250 samples

11 of 20

Standard Metrics

  • Guessing Entropy

To compute guessing entropy, a user must define the key rank calculation definition

  • Success Rate

Automatically computed together with guessing entropy

  • Accuracy
  • Loss

estimated for each epoch during training

12 of 20

Neural Network Models

  • Allows deep learning analysis with multilayer perceptron and convolution neural networks
  • To allow easier usage of the AISY framework, authors also implemented several state-of-the-art architectures

(1) ASCAD mlp

(2) ASCAD cnn

(3) methodology cnn ascad

(4) methodology cnn aeshd

(5) methodology cnn aesrd

(6) methodology cnn dpav4 [43]

13 of 20

Leakage Models

  • Supports 4 different leakage models

(01) Bit - results in 2 classes

(02) Hamming weight - results in 9 classes

(03) Hamming distance - results in 9 classes, need to consider 2 states that are XOR- ed to obtain the intermediate value

(04) Identity - considers value of intermediate state, results in 256 classes

14 of 20

Visualization

  • provides an input gradient visualization feature
  • allows the visual verification of main input samples learned from the input traces
  • Input gradient can be visualized as:

(01) the sum of input gradients, providing the sum of input gradients computed for all used profiling traces and all the processed epochs

(02) the input gradient computed for all used profiling traces for each epoch in a heatmap plot.

15 of 20

Data Augmentation

  • allows easy configuration of data augmentation techniques during model training
  • allows small modifications in side-channel traces during training - improves the model generalization
  • Implements two data augmentation techniques:

(01) Shifts - every trace is randomly shifted

(02) Gaussian noise - every trace is combined with the Gaussian noise with a specific mean and standard deviation values

16 of 20

Hyperparameter Search

  • Two options to conduct hyperparameter tuning in the AISY framework
  • Implements two data augmentation techniques:

(01) Random search - need to define the minimal, maximal, and step value for every hyperparameter

(02) Grid search - have to define all hyperparameter values to examine

17 of 20

Main Features of AISY framework

  • SCA Metrics (guessing entropy and success rate)
  • Gradient Visualization
  • Data Augmentation
  • Grid Search
  • Random Search
  • Early Stopping
  • Ensemble

18 of 20

…contd

  • Custom Callbacks
  • Confusion Matrix
  • Easy Neural Network Definitions
  • Data Augmentation
  • GUI - plots, tables
  • Automatically generate scripts
  • Fully reproducible scripts

19 of 20

Q & A

20 of 20

Thank You