Learning-based Approach to Analysis of Block Ciphers and Side-channel Attack

• Main Authors: Jung-Wei Chou, 周融瑋
• Other Authors: Shou-De Lin
• Format: Others
• Language: en_US
• Published: 2012
• Online Access: http://ndltd.ncl.edu.tw/handle/51577101849503476477

碩士 === 國立臺灣大學 === 資訊工程學研究所 === 100 === This paper aims to two problems – side-channel attack and identification of block ciphers. For the first problem a novel unsupervised learning approach is proposed for the task of Power Analysis – a form of side channel attack in Cryptanalysis. Different from some existing works that exploit supervised learning framework to this problem, our method does not require the labeled pairs which contains {X,Y}={key, power-trace} information for training, though is still capable of deciphering the secret key with high accuracy. A regression-based, unsupervised approach is proposed for this purpose. Later we further propose an enhanced model through exploiting the dependency of key bits between different rounds. Our experiment shows that the proposed method can outperform the state-of-the-art non-learning based decipherment methods. For the second problem we focus on cryptographic distinguishing attacks, in which the attacker is able to extract enough “information” from an encrypted message to distinguish it from a piece of random data, allow for powerful cryptanalysis both in theory and in practice. In this chapter, we report our experience of applying state-of-the-art machine learning techniques to launch cryptographic distinguishing attacks on several public datasets. We try several kinds of existing and new features on these datasets and found the ciphers’ “modes of operation” dominate the performance of classification tasks. When CBC mode is used with random initial vectors for each plaintext, the performance is extremely bad, while the performance for certain datasets is relatively good when ECB mode is used. We conclude that, in contrary to the findings of several existing works, the state-of-the-art machine learning techniques and cannot extract useful information from ciphertexts produced by modern ciphers operating in a reasonably secure mode such as CBC, let alone distinguish them from random data.