kth.se Publications KTH
Publications (10 of 12)
Wang, H. (2024). Amplitude-modulated EM side-channel attack on provably secure masked AES. Journal of Cryptographic Engineering, 14(3), 537-549
2024 (English). In: Journal of Cryptographic Engineering, ISSN 2190-8508, Vol. 14, no 3, p. 537-549. Article in journal (Refereed) Published
Abstract [en]

Recently a new type of side channel was discovered, called amplitude-modulated electromagnetic (EM) emanations from mixed-signal circuits. Unlike power analysis or near field EM analysis, attacks based on amplitude-modulated EM emanations do not require close physical access to the victim device, which makes the attack particularly threatening. However, all existing amplitude-modulated EM attacks on AES focus on implementations of unprotected TinyAES, which is less likely to be used when the implementation is not overly resource constrained. This paper presents the first deep learning based side-channel attack on AES-128 with a Rivain–Prouff masking scheme by using amplitude-modulated EM emanations as the side channel. The Rivain–Prouff masking scheme is a provably secure higher-order masking scheme for AES. To bypass the theoretical strength of the addition-chain based Boolean masked SBox, we train neural networks on trace segments corresponding to the MixColumns operation in which the data loading instructions for SBox output leak information. By comparing two different training strategies, we show that it is feasible to recover the key from an ARM Cortex-M4 CPU implementation of AES-128 with a Rivain–Prouff masking scheme by using the amplitude-modulated EM emanations leaked from the victim device, which has a Bluetooth module embedded on the board.

Place, publisher, year, edition, pages
Springer Science and Business Media Deutschland GmbH, 2024
Keywords
AES, Amplitude-modulated EM emanations, Deep learning, Rivain–Prouff masking scheme, Side-channel attack
National Category
Embedded Systems
Identifiers
urn:nbn:se:kth:diva-366641 (URN); 10.1007/s13389-024-00347-3 (DOI); 001183458100001 (); 2-s2.0-85187648031 (Scopus ID)
Note

QC 20250709

Available from: 2025-07-09 Created: 2025-07-09 Last updated: 2025-07-09 Bibliographically approved
Zhao, A., Wang, H., Boßer, C. & Leksell, M. (2024). FEM and CFD thermal modeling of an axial-flux induction machine with experimental validation. Case Studies in Thermal Engineering, 53, Article ID 103879.
2024 (English). In: Case Studies in Thermal Engineering, E-ISSN 2214-157X, Vol. 53, article id 103879. Article in journal (Refereed) Published
Abstract [en]

Axial-flux electrical machines are ideal candidates as in-wheel motors for electrical vehicles (EVs). Due to their characteristics of high power density and compact structure, thermal management is vital for them. Lowering the temperature of the stator windings can protect the insulation material from rapid degradation and reduce the extra copper losses by decreasing their electrical resistance. Contrary to the widely reported axial-flux permanent magnet synchronous machines, thermal modeling methods of axial-flux induction machines are rarely seen in previous literature. Hence, the present work aims at investigating their thermal response based on both the finite element method (FEM) and computational fluid dynamics (CFD) techniques. In addition, a test rig is built to validate the computed results of these two thermal models with the experimental measurement. The CFD conjugate heat transfer analysis is found to be more accurate than the FEM thermal analysis in predicting the temperature distribution of different components in the machine and the temperature rise of the airflow, with lower than 5 °C average errors deviating from the corresponding measured data at three rotation speeds. Additionally, the CFD simulation is able to capture the backflow occurring near the outlets of the casing that has been found during the experiments.

Place, publisher, year, edition, pages
Elsevier BV, 2024
Keywords
Axial-flux induction machine, CFD, Conjugate heat transfer, FEM, Temperature measurement, Thermal modeling
National Category
Other Electrical Engineering, Electronic Engineering, Information Engineering
Identifiers
urn:nbn:se:kth:diva-341943 (URN); 10.1016/j.csite.2023.103879 (DOI); 001139639800001 (); 2-s2.0-85180365752 (Scopus ID)
Note

Correction in DOI 10.1016/j.csite.2024.104530

QC 20240108

Available from: 2024-01-08 Created: 2024-01-08 Last updated: 2024-12-06 Bibliographically approved
Hu, F., Wang, H. & Wang, J. (2022). Cross subkey side channel analysis based on small samples. Scientific Reports, 12(1), Article ID 6254.
2022 (English). In: Scientific Reports, E-ISSN 2045-2322, Vol. 12, no 1, article id 6254. Article in journal (Refereed) Published
Abstract [en]

The majority of recently demonstrated Deep-Learning Side-Channel Analysis (DLSCA) use neural networks trained on a segment of traces containing operations only related to the target subkey. However, when the size of the training set is limited, as in this paper with only 5K power traces, the deep learning (DL) model cannot effectively learn the internal features of the data due to insufficient training data. In this paper, we propose a cross-subkey training approach that acts as a trace augmentation. We train deep-learning models not only on a segment of traces containing the SBox operation of the target subkey of AES-128 but also on segments for the other 15 subkeys. Experimental results show that the accuracy of the subkey combination training model is 28.20% higher than that of the individual subkey training model on traces captured in the microcontroller implementation of the STM32F3 with AES-128. And validation is performed on two additional publicly available datasets. At the same time, the number of traces that need to be captured when the model is trained is greatly reduced, demonstrating the effectiveness and practicality of the method.

Place, publisher, year, edition, pages
Springer Nature, 2022
National Category
Computer Sciences
Identifiers
urn:nbn:se:kth:diva-311550 (URN); 10.1038/s41598-022-10279-9 (DOI); 000782844000021 (); 35428761 (PubMedID); 2-s2.0-85128271346 (Scopus ID)
Note

QC 20220429

Available from: 2022-04-29 Created: 2022-04-29 Last updated: 2022-09-15 Bibliographically approved
Hu, F., Wang, H. & Wang, J. (2022). Multi-Leak Deep-Learning Side-Channel Analysis. IEEE Access, 10, 22610-22621
2022 (English). In: IEEE Access, E-ISSN 2169-3536, Vol. 10, p. 22610-22621. Article in journal (Refereed) Published
Abstract [en]

Deep Learning Side-Channel Attacks (DLSCAs) have become a realistic threat to implementations of cryptographic algorithms, such as Advanced Encryption Standard (AES). By utilizing deep-learning models to analyze side-channel measurements, the attacker is able to derive the secret key of the cryptographic algorithm. However, when traces have multiple leakage intervals for a specific attack point, the majority of existing works train neural networks on these traces directly, without an appropriate preprocess step for each leakage interval. This degenerates the quality of profiling traces due to the noise and non-primary components. In this paper, we first divide the multi-leaky traces into leakage intervals and train models on different intervals separately. Afterwards, we concatenate these neural networks to build the final network, which is called multi-input model. We test the proposed multi-input model on traces captured from STM32F3 microcontroller implementations of AES-128 and show a 2-fold improvement over the previous single-input attacks.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2022
Keywords
Mathematical models, Software, Side-channel attacks, Deep learning, Power demand, Neural networks, Feature extraction, AES, multiple leakage, multi-input model
National Category
Computer Sciences
Identifiers
urn:nbn:se:kth:diva-310194 (URN); 10.1109/ACCESS.2022.3152831 (DOI); 000764634000001 (); 2-s2.0-85125338124 (Scopus ID)
Note

QC 20220404

Available from: 2022-04-04 Created: 2022-04-04 Last updated: 2022-06-25 Bibliographically approved
Wang, R., Wang, H., Dubrova, E. & Brisfors, M. (2021). Advanced Far Field em Side-Channel Attack on AES. In: CPSS 2021 - Proceedings of the 7th ACM Cyber-Physical System Security Workshop. Paper presented at 7th ACM Cyber-Physical System Security Workshop, CPSS 2021, co-located with ACM AsiaCCS 2021, 7 June 2021 (pp. 29-39). Association for Computing Machinery, Inc
2021 (English). In: CPSS 2021 - Proceedings of the 7th ACM Cyber-Physical System Security Workshop, Association for Computing Machinery, Inc, 2021, p. 29-39. Conference paper, Published paper (Refereed)
Abstract [en]

Several attacks on AES using far field electromagnetic (EM) emission as a side channel have been recently presented. Unlike power analysis or near field EM analysis, far field EM attacks do not require a close physical proximity to the device under attack. However, in all previous attacks traces for the profiling stage are also captured at a distance (fixed or variable) from the profiling devices. This degenerates the quality of profiling traces due to noise and interference. In this paper, we train deep learning models on "clean" traces, captured through a coaxial cable. Our experiments show that the resulting models can extract the AES key from less than 500 traces on average captured at 15 m from the victim device without repeating each encryption more than once. This is a 20-fold improvement over the previous attacks which require about 10K traces for the same conditions.

Place, publisher, year, edition, pages
Association for Computing Machinery, Inc, 2021
Keywords
AES, deep learning, far field EM emissions, profiled attack, side-channel analysis, Embedded systems, Far field, Learning models, Near-field, Physical proximity, Power analysis, Side-channel, Side channel attack
National Category
Computer Sciences Communication Systems
Identifiers
urn:nbn:se:kth:diva-310155 (URN); 10.1145/3457339.3457982 (DOI); 001468552300005 (); 2-s2.0-85108554189 (Scopus ID)
Conference
7th ACM Cyber-Physical System Security Workshop, CPSS 2021, co-located with ACM AsiaCCS 2021, 7 June 2021
Note

Part of proceedings: ISBN 978-1-4503-8402-5

QC 20220330

Available from: 2022-03-30 Created: 2022-03-30 Last updated: 2025-12-05 Bibliographically approved
Hu, F., Wang, H. & Wang, J. (2021). Deep-Learning Side-Channel Attack Against STM32 Implementation of AES. In: 2021 International Conference On Computational Science And Computational Intelligence (CSCI 2021). Paper presented at International Conference on Computational Science and Computational Intelligence (CSCI), DEC 15-17, 2021, Las Vegas, NV (pp. 844-847). Institute of Electrical and Electronics Engineers (IEEE)
2021 (English). In: 2021 International Conference On Computational Science And Computational Intelligence (CSCI 2021), Institute of Electrical and Electronics Engineers (IEEE), 2021, p. 844-847. Conference paper, Published paper (Refereed)
Abstract [en]

Deep-Learning Side-Channel Attacks (DLSCAs) have become a realistic threat to cryptographic algorithms, such as Advanced Encryption Standard (AES). Since the encryption has to run in hardware at some point to actually do things, there might be some unintentional physical leakage, such as the different amount of power consumed by the victim device. By using deep-learning models to analyze the power traces, the attacker is able to derive the secret key. In this project, we implement a real deep-learning based attack against an STM32 implementation of AES. We apply four different types of neural networks, MLP, CNN, LSTM and RNN, to classify traces. Afterwards, we evaluate to which extent different types of models could make the attack more efficient.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2021
Keywords
Side-channel attack, MLP, CNN, LSTM, RNN
National Category
Computer Engineering Computer Sciences Information Systems
Identifiers
urn:nbn:se:kth:diva-316735 (URN); 10.1109/CSCI54926.2021.00030 (DOI); 000832229300148 (); 2-s2.0-85133913927 (Scopus ID)
Conference
International Conference on Computational Science and Computational Intelligence (CSCI), DEC 15-17, 2021, Las Vegas, NV
Note

Part of proceedings: ISBN 978-1-6654-5841-2, QC 20220830

Available from: 2022-08-30 Created: 2022-08-30 Last updated: 2022-09-07 Bibliographically approved
Wang, H. & Dubrova, E. (2021). Federated Learning in Side-Channel Analysis. In: Information Security and Cryptology – ICISC 2020: 23rd International Conference on Information Security and Cryptology, ICISC 202. Paper presented at Information Security and Cryptology - ICISC 2020 - 23rd International Conference, Seoul, South Korea, December 2-4, 2020, Proceedings (pp. 257-272). Springer Science and Business Media Deutschland GmbH
2021 (English). In: Information Security and Cryptology – ICISC 2020: 23rd International Conference on Information Security and Cryptology, ICISC 202, Springer Science and Business Media Deutschland GmbH, 2021, p. 257-272. Conference paper, Published paper (Refereed)
Abstract [en]

Recently introduced federated learning is an attractive framework for the distributed training of deep learning models with thousands of participants. However, it can potentially be used with malicious intent. For example, adversaries can use their smartphones to jointly train a classifier for extracting secret keys from the smartphones’ SIM cards without sharing their side-channel measurements with each other. With federated learning, each participant might be able to create a strong model in the absence of sufficient training data. Furthermore, they preserve their anonymity. In this paper, we investigate this new attack vector in the context of side-channel attacks. We compare the federated learning, which aggregates model updates submitted by N participants, with two other aggregating approaches: (1) training on combined side-channel data from N devices, and (2) using an ensemble of N individually trained models. Our first experiments on 8-bit Atmel ATxmega128D4 microcontroller implementation of AES show that federated learning is capable of outperforming the other approaches. 

Place, publisher, year, edition, pages
Springer Science and Business Media Deutschland GmbH, 2021
Series
Lecture Notes in Computer Science, ISSN 0302-9743, E-ISSN 1611-3349
Keywords
AES, Federated learning, Power analysis, Side-channel attack, Chromium compounds, Deep learning, Learning systems, Security of data, Smartphones, Attack vector, Learning models, Model updates, Secret key, Side-channel, Side-channel analysis, SIM cards, Training data, Side channel attack
National Category
Computer Sciences
Identifiers
urn:nbn:se:kth:diva-307224 (URN); 10.1007/978-3-030-68890-5_14 (DOI); 000886642900014 (); 2-s2.0-85102647706 (Scopus ID)
Conference
Information Security and Cryptology - ICISC 2020 - 23rd International Conference, Seoul, South Korea, December 2-4, 2020, Proceedings
Note

Part of proceedings: ISBN 978-3-030-68889-9

QC 20220118

Available from: 2022-01-18 Created: 2022-01-18 Last updated: 2023-02-08 Bibliographically approved
Wang, H. & Dubrova, E. (2021). Tandem Deep Learning Side-Channel Attack on FPGA Implementation of AES. SN Computer Science, 2(5), Article ID 373.
2021 (English). In: SN Computer Science, ISSN 2662-995X, Vol. 2, no 5, article id 373. Article in journal (Refereed) Published
Abstract [en]

Side-channel attacks have become a realistic threat to implementations of cryptographic algorithms, especially with the help of deep-learning techniques. The majority of recently demonstrated deep-learning side-channel attacks use a single neural network classifier to extract the secret from implementations of cryptographic algorithms. The potential benefits of combining multiple classifiers using the ensemble learning method have not been fully explored in the side-channel attack’s context. In this paper, we propose a tandem approach for the attack in which multiple models are trained on different attack points but are used in parallel to recover the key. Such an approach allows us to considerably reduce (33.5% on average) the number of traces required to recover the key from an FPGA implementation of AES by power analysis. We also show that not all combinations of classifiers improve the attack efficiency.

Place, publisher, year, edition, pages
Springer Nature, 2021
Keywords
AES, Deep learning, FPGA, Side-channel attack, Tandem model
National Category
Computer Sciences
Identifiers
urn:nbn:se:kth:diva-316145 (URN); 10.1007/s42979-021-00755-w (DOI); 2-s2.0-85131832140 (Scopus ID)
Note

QC 20220810

Available from: 2022-08-10 Created: 2022-08-10 Last updated: 2023-02-08 Bibliographically approved
Wang, R., Wang, H. & Dubrova, E. (2020). Far Field EM Side-Channel Attack on AES Using Deep Learning. In: ASHES 2020 - Proceedings of the 4th ACM Workshop on Attacks and Solutions in Hardware Security. Paper presented at 4th ACM Workshop on Attacks and Solutions in Hardware Security Workshop, ASHES@CCS 2020, Virtual Event, USA, November 13, 2020 (pp. 35-44). Association for Computing Machinery (ACM)
2020 (English). In: ASHES 2020 - Proceedings of the 4th ACM Workshop on Attacks and Solutions in Hardware Security, Association for Computing Machinery (ACM), 2020, p. 35-44. Conference paper, Published paper (Refereed)
Abstract [en]

We present the first deep learning-based side-channel attack on AES-128 using far field electromagnetic emissions as a side channel. Our neural networks are trained on traces captured from five different Bluetooth devices at five different distances to target and tested on four other Bluetooth devices. We can recover the key from less than 10K traces captured in an office environment at 15 m distance to target even if the measurement for each encryption is taken only once. Previous template attacks required multiple repetitions of the same encryption. For the case of 1K repetitions, we need less than 400 traces on average at 15 m distance to target. This improves the template attack presented at CHES'2020 which requires 5K traces and key enumeration up to 2^23.

Place, publisher, year, edition, pages
Association for Computing Machinery (ACM), 2020
Keywords
aes, deep learning, em analysis, far field em emissions, profiled attack, side-channel analysis, Bluetooth, Hardware security, Bluetooth device, Distance to targets, Electromagnetic emissions, Far field, Office environments, Side-channel, Template Attacks, Side channel attack
National Category
Communication Systems
Identifiers
urn:nbn:se:kth:diva-291403 (URN); 10.1145/3411504.3421214 (DOI); 001436887200005 (); 2-s2.0-85097354491 (Scopus ID)
Conference
4th ACM Workshop on Attacks and Solutions in Hardware Security Workshop, ASHES@CCS 2020, Virtual Event, USA, November 13, 2020
Note

QC 20210331

Available from: 2021-03-31 Created: 2021-03-31 Last updated: 2025-12-05 Bibliographically approved
Wang, H., Forsmark, S., Brisfors, M. & Dubrova, E. (2020). Multi-Source Training Deep-Learning Side-Channel Attacks. In: Proceedings 50th IEEE International Symposium on Multiple-Valued Logic, ISMVL 2020. Paper presented at 50th IEEE International Symposium on Multiple-Valued Logic, ISMVL 2020, Miyazaki, Japan, November 9-11, 2020 (pp. 58-63). Institute of Electrical and Electronics Engineers (IEEE)
2020 (English). In: Proceedings 50th IEEE International Symposium on Multiple-Valued Logic, ISMVL 2020, Institute of Electrical and Electronics Engineers (IEEE), 2020, p. 58-63. Conference paper, Published paper (Refereed)
Abstract [en]

Recently, several deep-learning side-channel attacks on cryptographic algorithms were demonstrated. With the help of a trained deep-learning model, the attacker extracts the key from a few power traces captured from a victim device. However, previous works have shown that the inter-chip variation may significantly reduce the attack success probability. In this paper, we quantify the effect of inter-chip variation on the classification accuracy of Multi-Layer Perceptron (MLP) models. We show that, by training on multiple chips, we can increase the probability of recovering the key from a single trace from 39.95% to 86.07% on average. We also evaluate how the printed circuit board diversity affects the classification accuracy.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2020
Series
International Symposium on Multiple-Valued Logic, ISSN 0195-623X
Keywords
Side-channel attack, power analysis, deep learning, multi-source training, AES
National Category
Computer Sciences
Identifiers
urn:nbn:se:kth:diva-298617 (URN); 10.1109/ISMVL49045.2020.00-29 (DOI); 000656495500011 (); 2-s2.0-85097343863 (Scopus ID)
Conference
50th IEEE International Symposium on Multiple-Valued Logic, ISMVL 2020, Miyazaki, Japan, November 9-11, 2020
Note

Part of proceedings: ISBN 978-1-7281-5406-0

QC 20210710

Available from: 2021-07-10 Created: 2021-07-10 Last updated: 2023-02-08 Bibliographically approved
Identifiers
ORCID iD: orcid.org/0000-0001-9630-5869
