Deep Learning Side-Channel Collision Attack


  • Marvin Staib Ruhr University Bochum, Horst Görtz Institute for IT Security, Bochum, Germany
  • Amir Moradi Ruhr University Bochum, Horst Görtz Institute for IT Security, Bochum, Germany



Deep-Learning, Side-Channel Analysis, Side-Channel Collision Attack, Non-Profiled Attack, Masking


With the breakthrough of Deep Neural Networks, many fields benefited from its enormously increasing performance. Although there is an increasing trend to utilize Deep Learning (DL) for Side-Channel Analysis (SCA) attacks, previous works made specific assumptions for the attack to work. Especially the concept of template attacks is widely adapted while not much attention was paid to other attack strategies. In this work, we present a new methodology, that is able to exploit side-channel collisions in a black-box setting. In particular, our attack is performed in a non-profiled setting and requires neither a hypothetical power model (or let’s say a many-to-one function) nor details about the underlying implementation. While the existing non-profiled DL attacks utilize training metrics to distinguish the correct key, our attack is more efficient by training a model that can be applied to recover multiple key portions, e.g., bytes. In order to perform our attack on raw traces instead of pre-selected samples, we further introduce a DL-based technique that can localize input-dependent leakages in masked implementations, e.g., the leakages associated to one byte of the cipher state in case of AES. We validated our approach by targeting several publicly available power consumption datasets measured from implementations protected by different masking schemes. As a concrete example, we demonstrate how to successfully recover the key bytes of the ASCAD dataset with only a single trained model in a non-profiled setting.




How to Cite

Staib, M., & Moradi, A. (2023). Deep Learning Side-Channel Collision Attack. IACR Transactions on Cryptographic Hardware and Embedded Systems, 2023(3), 422–444.