Sana Boussam
LIX, INRIA, CNRS, École Polytechnique, Institut Polytechnique de Paris, Palaiseau, France; Thales ITSEF, Toulouse, France

Mathieu Carbone
Thales ITSEF, Toulouse, France

Benoît Gérard
ANSSI, Paris, France

Guénaël Renault
ANSSI, Paris, France; LIX, INRIA, CNRS, École Polytechnique, Institut Polytechnique de Paris, Palaiseau, France

Gabriel Zaid
Thales ITSEF, Toulouse, France

Keywords: Side-Channel Attacks, Deep Learning, Optimal Dimensionality Reduction, Optimal Attacks, Generative Models, Variational AutoEncoder

Abstract

The benefits of using Deep Learning techniques to enhance side-channel attacks performances have been demonstrated over recent years. Most of the work carried out since then focuses on discriminative models. However, one of their major limitations is the lack of theoretical results. Indeed, this lack of theoretical results, especially concerning the choice of neural network architecture to consider or the loss to prioritize to build an optimal model, can be problematic for both attackers and evaluators. Recently, Zaid et al. addressed this problem by proposing a generative model that bridges conventional profiled attacks and deep learning techniques, thus providing a model that is both explicable and interpretable. Nevertheless the proposed model has several limitations. Indeed, the architecture is too complex, higher-order attacks cannot be mounted and desynchronization is not handled by this model. In this paper, we address the first limitation namely the architecture complexity, as without a simpler model, the other limitations cannot be treated properly. To do so, we propose a new generative model that relies on solid theoretical results. This model is based on conditional variational autoencoder and converges towards the optimal statistical model i.e. it performs an optimal attack. By building on and extending the state-of-the-art theoretical works on dimensionality reduction, we integrate into this neural network an optimal dimensionality reduction i.e. a dimensionality reduction that is achieved without any loss of information. This results in a gain of O(D), with D the dimension of traces, compared to Zaid et al. neural network in terms of architecture complexity, while at the same time enhancing the explainability and interpretability. In addition, we propose a new attack strategy based on our neural network, which reduces the attack complexity of generative models from O(N) to O(1), with N the number of generated traces. We validate all our theoretical results experimentally using extensive simulations and various publicly available datasets covering symmetric, asymmetric pre and post-quantum cryptography implementations.