Tandem Deep Learning Side-Channel Attack on FPGA Implementation of AES

• Published in: SN computer science Vol. 2; no. 5; p. 373
• Main Authors: Wang, Huanyu, Dubrova, Elena
• Format: Journal Article
• Language: English
• Published: Singapore Springer Singapore 01.09.2021; Springer Nature B.V
• Subjects: Algorithms; Classifiers; Computer Imaging; Computer Science; Computer Systems Organization and Communication Networks; Cryptography; Data encryption; Data Structures and Information Theory; Datasets; Deep learning; Efficiency; Hardware for AI; Information Systems and Communication Service; Machine learning; Machine Learning and Emerging Electronic Systems; Neural networks; Original Research; Pattern Recognition and Graphics; Software; Software Engineering/Programming and Operating Systems; Vision; Deep learning; Tandem model; FPGA; Side-channel attack; AES
• ISSN: 2662-995X; 2661-8907; 2661-8907
• DOI: 10.1007/s42979-021-00755-w

Side-channel attacks have become a realistic threat to implementations of cryptographic algorithms, especially with the help of deep-learning techniques. The majority of recently demonstrated deep-learning side-channel attacks use a single neural network classifier to extract the secret from implementations of cryptographic algorithms. The potential benefits of combining multiple classifiers using the ensemble learning method have not been fully explored in the side-channel attack’s context. In this paper, we propose a tandem approach for the attack in which multiple models are trained on different attack points but are used in parallel to recover the key. Such an approach allows us to considerably reduce (33.5% on average) the number of traces required to recover the key from an FPGA implementation of AES by power analysis. We also show that not all combinations of classifiers improve the attack efficiency.