Similar operation template attack on RSA-CRT as a case study

A template attack, the most powerful side-channel attack methods, usually first builds the leakage profiles from a controlled profiling device, and then uses these profiles to recover the secret of the target device. It is based on the fact that the profiling device shares similar leakage characteristics with the target device. In this study, we focus on the similar operations in a single device and propose a new variant of the template attack, called the similar operation template attack (SOTA). SOTA builds the models on public variables (e.g., input/output) and recovers the values of the secret variables that leak similar to the public variables. SOTA’s advantage is that it can avoid the requirement of an additional profiling device. In this study, the proposed SOTA method is applied to a straightforward RSA-CRT implementation. Because the leakage is (almost) the same in similar operations, we reduce the security of RSA-CRT to a hidden multiplier problem (HMP) over GF(q), which can be solved byte-wise using our proposed heuristic algorithm. The effectiveness of our proposed method is verified as an entire prime recovery procedure in a practical leakage scenario

On the Use of Independent Component Analysis to Denoise Side-Channel Measurements

International audienceIndependent Component Analysis (ICA) is a powerful technique for blind source separation. It has been successfully applied to signal processing problems, such as feature extraction and noise reduction , in many different areas including medical signal processing and telecommunication. In this work, we propose a framework to apply ICA to denoise side-channel measurements and hence to reduce the complexity of key recovery attacks. Based on several case studies, we afterwards demonstrate the overwhelming advantages of ICA with respect to the commonly used preprocessing techniques such as the singular spectrum analysis. Mainly, we target a software masked implementation of an AES and a hardware unprotected one. Our results show a significant Signal-to-Noise Ratio (SNR) gain which translates into a gain in the number of traces needed for a successful side-channel attack. This states the ICA as an important new tool for the security assessment of cryptographic implementations

Blind Source Separation from Single Measurements using Singular Spectrum Analysis

Singular Spectrum Analysis (SSA) is a powerful data decomposition/recomposition technique that can be used to reduce the noise in time series. Compared to existing solutions aiming at similar purposes, such as frequency-based filtering, it benefits from easier-to-exploit intuitions, applicability in contexts where low sampling rates make standard frequency analyses challenging, and the (theoretical) possibility to separate a signal source from a noisy source even if both run at the same frequency. In this paper, we first describe how to apply SSA in the context of side-channel analysis, and then validate its interest in three different scenarios. Namely, we consider unprotected software, masked software, and unprotected hardware block cipher implementations. Our experiments confirm significant noise reductions in all three cases, leading to success rates improved accordingly. They also put forward the stronger impact of SSA in more challenging scenarios, e.g. masked implementations (because the impact of noise increases exponentially with the number of shares in this case), or noisy hardware implementations (because of the established connection between the amount of noise and the attacks' success rate in this case). Since noise is a fundamental ingredient for most countermeasures against side-channel attacks, we conclude SSA can be an important element in the toolbox of evaluation laboratories, in order to efficiently preprocess their measurements in a black box manner

Reduction of wind induced microphone noise using singular spectrum analysis technique

Wind induced noise in microphone signals is one of the major concerns of outdoor acoustic signal acquisition. It affects many field measurement and audio recording scenarios. Filtering such noise is known to be difficult due to its broadband and time varying nature. This thesis is presented in the context of handling microphone signals acquired outdoor for acoustic sensing and environmental noise monitoring or soundscapes sampling.Thethesis presents a new approach to wind noise problem. Instead of filtering, a separation technique is developed. Signals are separated into wanted sounds of specific interest and wind noise based on the statistical feature of wind noise. The new technique is based on the Singular Spectrum Analysis methodwhich has recently seen many successful paradigms in the separation of biomedical signals, e.g., separating heart soundfrom lung noise. It has also been successfully implemented to de-noise signals in various applications.The thesis set out with particular emphasison investigating the factor that determines and improves the separability towards obtaining satisfactory results in terms of separating wind noise components out from noisy acoustic signals. A systematicapproach has been established and developed within the framework of singular spectral separation of acoustic signals contaminated by wind noise. This approach, which utilisesa conceptual framework, has, in its final form, three key objectives; grouping, reconstruction and separability. This approach is offered through introducing new mathematical models particularly for window length optimisation along with new descriptive figures.The research question has therefore been addressed considering developing algorithms according to updated requirements from method justification to verification and validation of the developed system. This thesis follows suitable testing criteria by conducting several experiments and a case-study design, with in-depth analysis of the results using visual tools of the method and related techniques.For system verification, an empirical study using testing signals thatintroduces a large number of experiments has been conducted. Empirical study with real-world sounds has been introduced next in system validation phase after rigorously selecting and preparing the dataset whichis drawn from two main sources: freefield1010 dataset, internet-based Freesound recordings. Results show that microphone wind noise is separable in the singular spectrum domain after validating and critically evaluating the developed system objectively. The findings indicate the effectiveness of the developed grouping and reconstruction techniques with significant improvement in the separability evidenced by w-correlation matrix.The developed method might be generalised to other outdoor sound acquisition applications