A Time Series Approach for Profiling Attack

  • Liran Lerman
  • Gianluca Bontempi
  • Souhaib Ben Taieb
  • Olivier Markowitch
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8204)


The goal of a profiling attack is to challenge the security of a cryptographic device in the worst case scenario. Though template attack is reputed as the strongest power analysis attack, they effectiveness is strongly dependent on the validity of the Gaussian assumption. This led recently to the appearance of nonparametric approaches, often based on machine learning strategies. Though these approaches outperform template attack, they tend to neglect the potential source of information available in the temporal dependencies between power values. In this paper, we propose an original multi-class profiling attack that takes into account the temporal dependence of power traces. The experimental study shows that the time series analysis approach is competitive and often better than static classification alternatives.


side-channel attack power analysis machine learning time series classification 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Aha, D.W.: Editorial. Artificial Intelligence Review 11, 7–10 (1997)CrossRefGoogle Scholar
  2. 2.
    Archambeau, C., Peeters, E., Standaert, F.-X., Quisquater, J.-J.: Template attacks in principal subspaces. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 1–14. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  3. 3.
    Bartkewitz, T., Lemke-Rust, K.: Efficient template attacks based on probabilistic multi-class support vector machines. In: Mangard, S. (ed.) CARDIS 2012. LNCS, vol. 7771, pp. 263–276. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  4. 4.
    Bellman, R.: Dynamic Programming, 1st edn. Princeton University Press, Princeton (1957)Google Scholar
  5. 5.
    Birattari, M., Bontempi, G.: Lazy: Lazy Learning for Local Regression, R package version 1.2-14 (2003)Google Scholar
  6. 6.
    Birattari, M., Bontempi, G., Bersini, H.: Lazy learning meets the recursive least squares algorithm. In: Proceedings of the 1998 Conference on Advances in Neural Information Processing Systems II, pp. 375–381. MIT Press, Cambridge (1999)Google Scholar
  7. 7.
    Bisgaard, S., Kulahci, M.: Time Series Analysis and Forecasting by Example. Wiley Series in Probability and Statistics. John Wiley Sons (2011)Google Scholar
  8. 8.
    Bontempi, G., Birattari, M., Bersini, H.: Lazy learners at work: The lazy learning toolbox. In: EUFIT 1999: The 7th European Congress on Intelligent Techniques and Soft Computing, Abstract Booklet with CD Rom, Aachen, Germany. ELITE Foundation (1999)Google Scholar
  9. 9.
    Bontempi, G., Birattari, M., Bersini, H.: Lazy Learning: A local method for supervised learning. In: Jain, L.C., Kacprzyk, J. (eds.) New Learning Paradigms in Soft Computing, pp. 97–137. Springer, Heidelberg (2001)Google Scholar
  10. 10.
    Breiman, L.: Random forests. Machine Learning 45, 5–32 (2001)CrossRefzbMATHGoogle Scholar
  11. 11.
    Chari, S., Rao, J., Rohatgi, P.: Template attacks. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 13–28. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  12. 12.
    Coron, J.-S., Naccache, D., Kocher, P.: Statistics and secret leakage. ACM Trans. Embed. Comput. Syst. 3, 492–508 (2004)CrossRefGoogle Scholar
  13. 13.
    Cortes, C., Vapnik, V.: Support-vector networks. Machine Learning, 273–297 (1995)Google Scholar
  14. 14.
    Elaabid, M.A., Meynard, O., Guilley, S., Danger, J.-L.: Combined side-channel attacks. In: Chung, Y., Yung, M. (eds.) WISA 2010. LNCS, vol. 6513, pp. 175–190. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  15. 15.
    Gandolfi, K., Mourtel, C., Olivier, F.: Electromagnetic Analysis: Concrete Results. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 251–261. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  16. 16.
    Gierlichs, B., Batina, L., Tuyls, P., Preneel, B.: Mutual Information Analysis - A Generic Side-Channel Distinguisher. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 426–442. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  17. 17.
    Gierlichs, B., Lemke-Rust, K., Paar, C.: Templates vs. stochastic methods. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 15–29. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  18. 18.
    Hastie, T., Tibshirani, R., Friedman, J.: The elements of statistical learning: data mining, inference and prediction, 2nd edn. Springer (2009)Google Scholar
  19. 19.
    Heuser, A., Zohner, M.: Intelligent machine homicide - Breaking cryptographic devices using support vector machines. In: Schindler, W., Huss, S.A. (eds.) COSADE 2012. LNCS, vol. 7275, pp. 249–264. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  20. 20.
    Hospodar, G., Gierlichs, B., Mulder, E.D., Verbauwhede, I., Vandewalle, J.: Machine learning in side-channel analysis: a first study. J. Cryptographic Engineering 1(4), 293–302 (2011)CrossRefGoogle Scholar
  21. 21.
    Hospodar, G., Mulder, E.D., Gierlichs, B., Vandewalle, J., Verbauwhede, I.: Least Squares Support Vector Machines for Side-Channel Analysis, pp. 99–104. Center for Advanced Security Research Darmstadt (2011)Google Scholar
  22. 22.
    Hsu, C.-W., Lin, C.-J.: A comparison of methods for multiclass support vector machines. Trans. Neur. Netw. 13(2), 415–425 (2002)CrossRefGoogle Scholar
  23. 23.
    Kocher, P.C.: Timing attacks on implementations of diffie-hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)Google Scholar
  24. 24.
    Kocher, P.C., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  25. 25.
    KreBel, U.H.-G.: Pairwise classification and support vector machines. In: Advances in Kernel Methods, pp. 255–268. MIT Press, Cambridge (1999)Google Scholar
  26. 26.
    Lerman, L., Bontempi, G., Markowitch, O.: Side Channel Attack: an Approach Based on Machine Learning, pp. 29–41. Center for Advanced Security Research Darmstadt (2011)Google Scholar
  27. 27.
    Lerman, L., Bontempi, G., Markowitch, O.: Power analysis attack: an approach based on machine learning. International Journal of Applied Cryptography (to appear, 2013)Google Scholar
  28. 28.
    Lerman, L., Bontempi, G., Markowitch, O.: sideChannelAttack: Side Channel Attack, R package version 1.0-7 (2013)Google Scholar
  29. 29.
    Lerman, L., Fernandes Medeiros, S., Veshchikov, N., Meuter, C., Bontempi, G., Markowitch, O.: Semi-supervised template attack. In: Prouff, E. (ed.) COSADE 2013. LNCS, vol. 7864, pp. 184–199. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  30. 30.
    Makridakis, S., Wheelwright, S., Hyndman, R.J.: Forecasting: Methods and Applications. Wiley series in management. Wiley (1998)Google Scholar
  31. 31.
    Mangard, S., Oswald, E., Popp, T.: Power analysis attacks - revealing the secrets of smart cards. Springer (2007)Google Scholar
  32. 32.
    Oren, Y., Renauld, M., Standaert, F.-X., Wool, A.: Algebraic side-channel attacks beyond the hamming weight leakage model. In: Prouff, E., Schaumont, P. (eds.) CHES 2012. LNCS, vol. 7428, pp. 140–154. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  33. 33.
    Oswald, E., Mangard, S.: Template Attacks on Masking-Resistance Is Futile. In: Abe, M. (ed.) CT-RSA 2007. LNCS, vol. 4377, pp. 243–256. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  34. 34.
    Peng, H., Long, F., Ding, C.: Feature selection based on mutual information criteria of max-dependency, max-relevance, and min-redundancy. IEEE Transactions on Pattern Analysis and Machine Intelligence 27(8), 1226–1238 (2005)CrossRefzbMATHGoogle Scholar
  35. 35.
    Rechberger, C., Oswald, E.: Practical template attacks. In: Lim, C.H., Yung, M. (eds.) WISA 2004. LNCS, vol. 3325, pp. 440–456. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  36. 36.
    Reparaz, O., Gierlichs, B., Verbauwhede, I.: Selecting time samples for multivariate DPA attacks. In: Prouff, E., Schaumont, P. (eds.) CHES 2012. LNCS, vol. 7428, pp. 155–174. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  37. 37.
    Rivain, M., Dottax, E., Prouff, E.: Block ciphers implementations provably secure against second order side channel analysis. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 127–143. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  38. 38.
    DPAContest V1 (February 2013),
  39. 39.
    Wallace, B.C., Dahabreh, I.J.: Class probability estimates are unreliable for imbalanced data (and how to fix them). In: Zaki, M.J., Siebes, A., Yu, J.X., Goethals, B., Webb, G.I., Wu, X. (eds.) ICDM, pp. 695–704. IEEE Computer Society (2012)Google Scholar
  40. 40.
    Whitnall, C., Oswald, E., Mather, L.: An exploration of the kolmogorov-smirnov test as a competitor to mutual information analysis. In: Prouff, E. (ed.) CARDIS 2011. LNCS, vol. 7079, pp. 234–251. Springer, Heidelberg (2011)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Liran Lerman
    • 1
    • 2
  • Gianluca Bontempi
    • 2
  • Souhaib Ben Taieb
    • 2
  • Olivier Markowitch
    • 1
  1. 1.Quality and Security of Information Systems, Département d’informatiqueUniversité Libre de BruxellesBelgium
  2. 2.Machine Learning Group, Département d’informatiqueUniversité Libre de BruxellesBelgium

Personalised recommendations