On the Use of Independent Component Analysis to Denoise Side-Channel Measurements

Conference paper in: Constructive Side-Channel Analysis and Secure Design (COSADE 2018)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 10815)

Abstract

Independent Component Analysis (ICA) is a powerful technique for blind source separation. It has been successfully applied to signal processing problems such as feature extraction and noise reduction in many areas, including medical signal processing and telecommunications. In this work, we propose a framework for applying ICA to denoise side-channel measurements and hence to reduce the complexity of key recovery attacks. Based on several case studies, we then demonstrate the overwhelming advantages of ICA over commonly used preprocessing techniques such as singular spectrum analysis. We mainly target a masked software implementation of AES and an unprotected hardware one. Our results show a significant Signal-to-Noise Ratio (SNR) gain, which translates into a reduction in the number of traces needed for a successful side-channel attack. This establishes ICA as an important new tool for the security assessment of cryptographic implementations.

H. Maghrebi and E. Prouff: this work was done while the authors were working at Safran Identity and Security.

Notes

  1. Note that we used the notation \(\mathbf {s}_1^{(m)}\) to emphasise that the signal \(s_1\) corresponds to the plaintext m.

  2. Another option is to use only a small number of measurements (e.g. 100) for each value m in order to speed up our algorithm.

  3. This threshold is defined for one m value (e.g. \(m=0\)) and then applied to the other ones. We stress that other approaches could be used to distinguish the genuine signal from the noise: for instance, one can (1) compute the correlation between the noisy signal and the obtained source signals, or (2) apply a dimensionality reduction algorithm (e.g. PCA or LDA).

  4. A LeCroy WavePro 725Zi oscilloscope with a maximum sampling rate of 40 GS/s and a LeCroy ZD1500 active differential probe were used to measure the voltage drop over a \(1\varOmega \) resistor in the VDD path.

  5. It merely consists in replacing the fifth step of Algorithm 1 by an averaging of the traces in \(\mathbf {X}^{(m)}\).

  6. We recall that other filtering techniques exist, e.g. wavelet-based ones [18], but they are not considered in our work since they are heuristic methods.

  7. We stress that the same results were obtained when targeting the other SBoxes; they are not shown here for lack of room.

  8. Particular attention has been paid to the implementation to ensure that no first-order leakage occurs.

  9. On other protected implementations, we observed that the gain brought by ICA is larger. However, we cannot disclose information about these implementations and the tested chips since they are confidential IPs.
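The framework the abstract and the notes describe (group the measurements by plaintext value m, run ICA on each \(\mathbf {X}^{(m)}\), keep the source identified as the genuine signal, and compare the SNR before and after) worked through on constructed traces, as an added example that is not part of the paper and not the authors' code. Everything in it is an assumption of mine: the leakage model (Hamming weight of SBox(m ⊕ k) spread over eight consecutive samples of a 64-sample trace), Gaussian measurement noise, the trace counts, a small numpy FastICA (symmetric, tanh contrast) standing in for the scikit-learn FastICA the paper cites [1], and identification of the genuine source by its correlation with the mean trace, which is option (1) of note 3 rather than the threshold of Algorithm 1. The averaging variant of note 5 is not reproduced.

```python
# Added example (not the paper's code): the ICA denoising framework on constructed traces.
# Assumed: HW(SBox(m ^ k)) leakage on WIDTH samples from POI, Gaussian noise, a small
# numpy FastICA instead of scikit-learn's [1], and genuine-source selection by correlation.
import numpy as np


def _gf_mul(a, b):
    """Multiply in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    p = 0
    for _ in range(8):
        if b & 1:
            p ^= a
        a = ((a << 1) ^ (0x1B if a & 0x80 else 0)) & 0xFF
        b >>= 1
    return p


def _aes_sbox():
    """AES S-box from its definition: GF(2^8) inverse (0 -> 0), then the affine map."""
    sbox = []
    for x in range(256):
        inv = next((y for y in range(1, 256) if _gf_mul(x, y) == 1), 0)
        s = inv
        for i in range(1, 5):
            s ^= ((inv << i) | (inv >> (8 - i))) & 0xFF
        sbox.append(s ^ 0x63)
    return sbox


SBOX = np.array(_aes_sbox(), dtype=np.uint8)
HW = np.array([bin(v).count("1") for v in range(256)])
POI, WIDTH = 24, 8  # leakage window of the constructed traces; the denoiser never uses it


def simulate_traces(key_byte, n_per_pt=64, n_samples=64, sigma=1.0, seed=1):
    """Constructed traces: HW(SBox(m ^ k)) on WIDTH samples from POI, plus N(0, sigma^2)."""
    rng = np.random.default_rng(seed)
    pts = np.repeat(np.arange(256, dtype=np.uint8), n_per_pt)
    hw = HW[SBOX[pts ^ np.uint8(key_byte)]]
    traces = rng.normal(0.0, sigma, size=(pts.size, n_samples))
    traces[:, POI:POI + WIDTH] += hw[:, None]
    return traces, pts


def _sym_decorrelate(w):
    """W <- (W W^T)^(-1/2) W, the symmetric orthogonalisation step of FastICA."""
    s, u = np.linalg.eigh(w @ w.T)
    return (u / np.sqrt(s)) @ u.T @ w


def fast_ica(x, n_components, max_iter=200, tol=1e-6, seed=0):
    """Symmetric FastICA (tanh contrast) on x of shape (n_observations, n_samples); returns
    unit-variance sources S (n_components, n_samples) and mixing A with row-centred x ~= A @ S."""
    xc = x - x.mean(axis=1, keepdims=True)
    n = xc.shape[1]
    u, d, _ = np.linalg.svd(xc, full_matrices=False)
    k = (u[:, :n_components] / d[:n_components]).T * np.sqrt(n)  # whitening matrix
    z = k @ xc                                                    # whitened observations
    w = _sym_decorrelate(np.random.default_rng(seed).standard_normal((n_components,) * 2))
    for _ in range(max_iter):
        g = np.tanh(w @ z)  # fixed-point update: E[z g(w.z)] - E[g'(w.z)] w
        w_new = _sym_decorrelate(g @ z.T / n - (1.0 - g ** 2).mean(axis=1)[:, None] * w)
        done = np.max(np.abs(np.abs(np.diag(w_new @ w.T)) - 1.0)) < tol
        w = w_new
        if done:
            break
    return w @ z, np.linalg.pinv(w @ k)


def denoise_group(xm, n_components=4):
    """One plaintext value m: ICA on X^(m), keep the source most correlated with the mean
    trace as the genuine signal, and rebuild every trace from that source alone."""
    sources, mixing = fast_ica(xm, min(n_components, xm.shape[0]))
    ref = xm.mean(axis=0)
    j = int(np.argmax([abs(np.corrcoef(ref, s)[0, 1]) for s in sources]))
    return np.outer(mixing[:, j], sources[j]) + xm.mean(axis=1, keepdims=True)


def ica_denoise(traces, labels, n_components=4):
    out = np.empty_like(traces)
    for m in np.unique(labels):  # group the measurements by plaintext value
        idx = np.flatnonzero(labels == m)
        out[idx] = denoise_group(traces[idx], n_components)
    return out


def snr_per_sample(traces, labels):
    """SNR(t) = variance over m of the class means / mean over m of the within-class variance."""
    classes = np.unique(labels)
    means = np.stack([traces[labels == c].mean(axis=0) for c in classes])
    within = np.stack([traces[labels == c].var(axis=0) for c in classes])
    return means.var(axis=0) / (within.mean(axis=0) + 1e-12)


def snr_gain(key_byte=0x2B):
    """(raw SNR, SNR after ICA denoising) at the middle of the leakage window."""
    traces, pts = simulate_traces(key_byte)
    raw = snr_per_sample(traces, pts)
    ica = snr_per_sample(ica_denoise(traces, pts), pts)
    return float(raw[POI + WIDTH // 2]), float(ica[POI + WIDTH // 2])


def separation_score():
    """Sanity check of fast_ica on a textbook 2x2 mixture of a square and a sawtooth wave:
    the worst |correlation| between a true source and its best-matching recovered one."""
    t = np.linspace(0.0, 40.0, 4000)
    true = np.stack([np.sign(np.sin(t)), t % 1.0])
    rec, _ = fast_ica(np.array([[1.0, 0.6], [0.4, 1.0]]) @ true, 2)
    return min(max(abs(np.corrcoef(s, r)[0, 1]) for r in rec) for s in true)
```

Calling `snr_gain()` returns the SNR at the centre of the leakage window before and after denoising; on the constructed data the raw value sits near Var(HW)/sigma^2 = 2 and the ICA value is several times higher, because each reconstructed trace keeps only its projection onto the common leakage time-course, so the noise that survives is the noise along that one direction rather than the full per-sample noise. That also shows where this reconstruction stops helping: a leakage confined to a single sample gains nothing, and since ICA returns sources in arbitrary order and sign, the genuine-source selection has to be checked for every m, which is exactly what note 3 is about. `separation_score()` checks the FastICA routine itself on a standard two-source mixture.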

References

  1. Python implementation of FastICA algorithm. http://scikit-learn.org/stable/modules/generated/sklearn.decomposition.FastICA.html

  2. Archambeau, C., Peeters, E., Standaert, F.-X., Quisquater, J.-J.: Template attacks in principal subspaces. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 1–14. Springer, Heidelberg (2006). https://doi.org/10.1007/11894063_1

  3. Balasch, J., Gierlichs, B., Reparaz, O., Verbauwhede, I.: DPA, bitslicing and masking at 1 GHz. In: Güneysu, T., Handschuh, H. (eds.) CHES 2015. LNCS, vol. 9293, pp. 599–619. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48324-4_30

  4. Batina, L., Hogenboom, J., van Woudenberg, J.G.J.: Getting more from PCA: first results of using principal component analysis for extensive power analysis. In: Dunkelman, O. (ed.) CT-RSA 2012. LNCS, vol. 7178, pp. 383–397. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-27954-6_24

  5. Bell, A.J., Sejnowski, T.J.: An information-maximization approach to blind separation and blind deconvolution. Neural Comput. 7(6), 1129–1159 (1995)

  6. Bhasin, S., Danger, J.-L., Guilley, S., Najm, Z.: NICV: normalized inter-class variance for detection of side-channel leakage. In: International Symposium on Electromagnetic Compatibility (EMC 2014/Tokyo). Session OS09: EM Information Leakage. Hitotsubashi Hall (National Center of Sciences), Chiyoda, Tokyo, Japan. IEEE, 12–16 May 2014

  7. Bhasin, S., Danger, J.-L., Guilley, S., Najm, Z.: Side-channel leakage and trace compression using normalized inter-class variance. In: Proceedings of the Third Workshop on Hardware and Architectural Support for Security and Privacy, HASP 2014, pp. 7:1–7:9. ACM, New York (2014)

  8. Bohy, L., Neve, M., Samyde, D., Quisquater, J.J.: Principal and independent component analysis for crypto-systems with hardware unmasked units. In: Proceedings of e-Smart 2003 (2003)

  9. Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-28632-5_2

  10. Cagli, E., Dumas, C., Prouff, E.: Kernel discriminant analysis for information extraction in the presence of masking. In: Lemke-Rust, K., Tunstall, M. (eds.) CARDIS 2016. LNCS, vol. 10146, pp. 1–22. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-54669-8_1

  11. Cardoso, J.F.: Python and Matlab implementations of JADE algorithm. https://github.com/camilleanne/pulse/blob/master/jade.py and http://perso.telecom-paristech.fr/~cardoso/Algo/Jade/jadeR.m

  12. Cardoso, J.F.: Infomax and maximum likelihood for blind source separation. IEEE Sig. Process. Lett. 4(4), 112–114 (1997)

  13. Cardoso, J.F., Souloumiac, A.: Blind beamforming for non-Gaussian signals. IEE Proc. F - Radar Sig. Process. 140(6), 362–370 (1993)

  14. Choudary, O., Kuhn, M.G.: Efficient template attacks. In: Francillon, A., Rohatgi, P. (eds.) CARDIS 2013. LNCS, vol. 8419, pp. 253–270. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-08302-5_17

  15. Comon, P.: Independent component analysis, a new concept? Sig. Process. 36(3), 287–314 (1994)

  16. Comon, P., Jutten, C.: Handbook of Blind Source Separation: Independent Component Analysis and Applications. Academic Press, Cambridge (2010)

  17. China Consulting Consortium: Common Criteria (aka CC) for Information Technology Security Evaluation (ISO/IEC 15408) (2013). http://www.commoncriteriaportal.org/

  18. Debande, N., Souissi, Y., Elaabid, M.A., Guilley, S., Danger, J.-L.: Wavelet transform based pre-processing for side channel analysis. In: HASP, Vancouver, British Columbia, Canada, pp. 32–38. IEEE, 2 December 2012. https://doi.org/10.1109/MICROW.2012.15

  19. Ding, A.A., Chen, C., Eisenbarth, T.: Simpler, faster, and more robust t-test based leakage detection. In: Standaert, F.-X., Oswald, E. (eds.) COSADE 2016. LNCS, vol. 9689, pp. 163–183. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-43283-0_10

  20. Durvaux, F., Standaert, F.-X.: From improved leakage detection to the detection of points of interests in leakage traces. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9665, pp. 240–262. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49890-3_10

  21. Fisher, R.A.: The use of multiple measurements in taxonomic problems. Ann. Eugenics 7(7), 179–188 (1936)

  22. Friedman, J.H., Tukey, J.W.: A projection pursuit algorithm for exploratory data analysis. IEEE Trans. Comput. 23(9), 881–890 (1974)

  23. Gao, S., Chen, H., Wu, W., Fan, L., Cao, W., Ma, X.: My traces learn what you did in the dark: recovering secret signals without key guesses. In: Handschuh, H. (ed.) CT-RSA 2017. LNCS, vol. 10159, pp. 363–378. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-52153-4_21

  24. Genkin, D., Pachmanov, L., Pipman, I., Tromer, E., Yarom, Y.: ECDSA key extraction from mobile devices via nonintrusive physical side channels. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, CCS 2016, pp. 1626–1638. ACM, New York (2016)

  25. Georgiev, P., Theis, F.J.: Blind source separation of linear mixtures with singular matrices. In: Puntonet, C.G., Prieto, A. (eds.) ICA 2004. LNCS, vol. 3195, pp. 121–128. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-30110-3_16

  26. Gierlichs, B., Batina, L., Tuyls, P., Preneel, B.: Mutual information analysis. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 426–442. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-85053-3_27

  27. Gierlichs, B., Lemke-Rust, K., Paar, C.: Templates vs. stochastic methods. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 15–29. Springer, Heidelberg (2006). https://doi.org/10.1007/11894063_2

  28. Goodwill, G., Jun, B., Jaffe, J., Rohatgi, P.: A testing methodology for side-channel resistance validation. In: NIST Non-Invasive Attack Testing Workshop, September 2011. http://csrc.nist.gov/news_events/non-invasive-attack-testing-workshop/papers/08_Goodwill.pdf

  29. Huber, P.J.: Projection pursuit. Ann. Stat. 13(2), 435–475 (1985)

  30. Hyvärinen, A.: New approximations of differential entropy for independent component analysis and projection pursuit. In: Jordan, M.I., Kearns, M.J., Solla, S.A. (eds.) Advances in Neural Information Processing Systems 10, pp. 273–279. MIT Press (1998)

  31. Hyvarinen, A.: Fast and robust fixed-point algorithms for independent component analysis. Trans. Neur. Netw. 10(3), 626–634 (1999)

  32. Hyvärinen, A.: Sparse code shrinkage: denoising of nongaussian data by maximum likelihood estimation. Neural Comput. 11(7), 1739–1768 (1999)

  33. Hyvärinen, A., Oja, E.: A fast fixed-point algorithm for independent component analysis. Neural Comput. 9(7), 1483–1492 (1997)

  34. Hyvärinen, A., Oja, E.: Independent component analysis: algorithms and applications. Neural Netw. 13, 411–430 (2000)

  35. Jolliffe, I.T.: Principal Component Analysis. Springer Series in Statistics. Springer, Heidelberg (2002). ISBN 0387954422

  36. Jutten, C., Herault, J.: Blind separation of sources, part i: an adaptive algorithm based on neuromimetic architecture. Sig. Process. 24(1), 1–10 (1991)

  37. Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48405-1_25

  38. Le, T.-H., Cledière, J., Servière, C., Lacoume, J.-L.: Noise reduction in side channel attack using fourth-order cumulant. IEEE Trans. Inf. Forensics Secur. 2(4), 710–720 (2007). https://doi.org/10.1109/TIFS.2007.910252

  39. Longo, J., De Mulder, E., Page, D., Tunstall, M.: SoC it to EM: electromagnetic side-channel attacks on a complex system-on-chip. In: Güneysu, T., Handschuh, H. (eds.) CHES 2015. LNCS, vol. 9293, pp. 620–640. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48324-4_31

  40. Maghrebi, H., Servant, V., Bringer, J.: There is wisdom in harnessing the strengths of your enemy: customized encoding to thwart side-channel attacks. In: Peyrin, T. (ed.) FSE 2016. LNCS, vol. 9783, pp. 223–243. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-52993-5_12

  41. Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks: Revealing the Secrets of Smart Cards. Springer, Heidelberg (2006). https://doi.org/10.1007/978-0-387-38162-6. http://www.dpabook.org/. ISBN 0-387-30857-1

  42. Merino Del Pozo, S., Standaert, F.-X.: Blind source separation from single measurements using singular spectrum analysis. In: Güneysu, T., Handschuh, H. (eds.) CHES 2015. LNCS, vol. 9293, pp. 42–59. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48324-4_3

  43. Nadal, J.-P., Parga, N.: Nonlinear neurons in the low-noise limit: a factorial code maximizes information transfer. Netw.: Comput. Neural Syst. 5(4), 565–581 (1994)

  44. Naik, G.R., Wang, W.: Blind Source Separation: Advances in Theory, Algorithms and Applications. Springer Publishing Company, Incorporated, Heidelberg (2014)

  45. O’Flynn, C., Chen, Z.D.: ChipWhisperer: an open-source platform for hardware embedded security research. In: Prouff, E. (ed.) COSADE 2014. LNCS, vol. 8622, pp. 243–260. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-10175-0_17

  46. Prouff, E., Rivain, M., Bévan, R.: Statistical analysis of second order differential power analysis. IEEE Trans. Comput. 58(6), 799–811 (2009)

  47. Schneider, T., Moradi, A.: Leakage assessment methodology. In: Güneysu, T., Handschuh, H. (eds.) CHES 2015. LNCS, vol. 9293, pp. 495–513. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48324-4_25

  48. Souissi, Y., Guilley, S., Danger, J.-L., Duc, G., Mekki, S.: Improvement of power analysis attacks using Kalman filter. In: ICASSP, IEEE Signal Processing Society, Dallas, TX, USA, 14–19 March 2010, pp. 1778–1781. IEEE (2010). https://doi.org/10.1109/ICASSP.2010.5495428

  49. Standaert, F.-X., Archambeau, C.: Using subspace-based template attacks to compare and combine power and electromagnetic information leakages. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 411–425. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-85053-3_26

  50. Standaert, F.-X., Malkin, T.G., Yung, M.: A unified framework for the analysis of side-channel key recovery attacks. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 443–461. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-01001-9_26

  51. TELECOM ParisTech SEN research group. DPA Contest (\(2^\text{nd}\) edition) 2009–2010. http://www.DPAcontest.org/v2/

  52. van Woudenberg, J.G.J., Witteman, M.F., Bakker, B.: Improving differential power analysis by elastic alignment. In: Kiayias, A. (ed.) CT-RSA 2011. LNCS, vol. 6558, pp. 104–119. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-19074-2_8

  53. Wang, R., Ma, H.-G., Liu, G.-Q., Zuo, D.-G.: Selection of window length for singular spectrum analysis. J. Franklin Inst. 352(4), 1541–1560 (2015)

Corresponding author: Houssem Maghrebi.

Appendix A: Example of Trace Denoising Based on the FastICA Method

For illustration, an exemplary power trace and the resulting filtered trace after applying ICA are shown in Fig. 4.

Fig. 4. Unprotected AES implementation: original power trace, noise signal and filtered trace.

Copyright information

© 2018 Springer International Publishing AG, part of Springer Nature

About this paper

Cite this paper

Maghrebi, H., Prouff, E. (2018). On the Use of Independent Component Analysis to Denoise Side-Channel Measurements. In: Fan, J., Gierlichs, B. (eds) Constructive Side-Channel Analysis and Secure Design. COSADE 2018. Lecture Notes in Computer Science, vol 10815. Springer, Cham. https://doi.org/10.1007/978-3-319-89641-0_4

  • DOI: https://doi.org/10.1007/978-3-319-89641-0_4

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-89640-3

  • Online ISBN: 978-3-319-89641-0
