
Side-channel attacks and learning-vector quantization

  • Ehsan Saeedi
  • Yinan Kong
  • Md. Selim Hossain

Abstract

The security of cryptographic systems remains a major concern for cryptosystem designers, even though the cryptographic algorithms themselves have been strengthened. Side-channel attacks aim to recover secret information by exploiting the physical characteristics of a cryptosystem's implementation. Several approaches have been proposed to analyze side-channel information, among which machine learning is regarded as a promising one. A neural network learns the signature (power consumption and electromagnetic emission) of an instruction and then recognizes it automatically. In this paper, a novel experimental investigation was conducted on a field-programmable gate array (FPGA) implementation of elliptic curve cryptography (ECC) to explore the efficiency of side-channel information characterization based on a learning vector quantization (LVQ) neural network. The main characteristics of LVQ as a multi-class classifier are its ability to learn complex non-linear input-output relationships, its use of sequential training procedures, and its adaptation to the data. Experimental results show that LVQ-based multi-class classification is a powerful and promising approach to side-channel data characterization.
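As an added illustration (not code from the paper), the following pure-Python LVQ1 classifier in the spirit of Kohonen's rule is trained on constructed traces of three hypothetical instructions (op_A, op_B, op_C) and then used to measure how reliably the instruction behind a held-out trace can be recovered, which is the leakage question a designer evaluating an implementation wants answered. The trace templates, noise level and class names are assumptions chosen for the example.

```python
import random
# Constructed data (not the paper's measurements): one template trace per hypothetical instruction.
TEMPLATES = {
    "op_A": [1.0, 1.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0],
    "op_B": [0.0, 0.0, 1.0, 1.0, 0.0, 0.0, 0.0, 0.0],
    "op_C": [0.0, 0.0, 0.0, 0.0, 1.0, 1.0, 0.0, 0.0],
}

def make_traces(n_per_class, sigma=0.25, seed=0):
    """Synthesise labelled traces: template plus Gaussian noise at each sample point."""
    rng = random.Random(seed)
    data = []
    for label, template in TEMPLATES.items():
        for _ in range(n_per_class):
            data.append(([v + rng.gauss(0.0, sigma) for v in template], label))
    rng.shuffle(data)
    return data

def sq_dist(a, b):
    return sum((x - y) ** 2 for x, y in zip(a, b))

def train_lvq1(data, epochs=20, alpha0=0.1):
    """LVQ1: one prototype per class, initialised from the first training trace of
    that class, then pulled toward same-class traces and pushed away from
    other-class traces in sequential (online) updates with a decaying learning rate."""
    protos = {}
    for x, label in data:
        protos.setdefault(label, list(x))
    n_steps, step = epochs * len(data), 0
    for _ in range(epochs):
        for x, label in data:
            alpha = alpha0 * (1.0 - step / n_steps)
            step += 1
            winner = min(protos, key=lambda k: sq_dist(protos[k], x))
            sign = 1.0 if winner == label else -1.0   # attract if correct, repel if not
            protos[winner] = [w + sign * alpha * (xi - w)
                              for w, xi in zip(protos[winner], x)]
    return protos

def classify(protos, x):
    """Nearest-prototype decision: the label of the closest codebook vector."""
    return min(protos, key=lambda k: sq_dist(protos[k], x))

def leakage_accuracy(n_train=40, n_test=20):
    """Fraction of held-out traces whose instruction is recovered; a value near
    1.0 means the traces of this (constructed) design leak which operation ran."""
    protos = train_lvq1(make_traces(n_train, seed=1))
    test = make_traces(n_test, seed=2)
    return sum(classify(protos, x) == label for x, label in test) / len(test)
```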

Key words

Side-channel attacks; Elliptic curve cryptography; Multi-class classification; Learning vector quantization

CLC number

TP309 



Copyright information

© Zhejiang University and Springer-Verlag GmbH Germany, part of Springer Nature 2017

Authors and Affiliations

  1. Department of Engineering, Macquarie University, Sydney, Australia
