Advances in Breaking AES Encryption using Power-Based Side Channel Attacks and Machine Learning
Author
Gopale, Manoj Patilbuva
Issue Date
2025
Keywords
AES encryption
artificial neural networks
embedded system security
hardware vulnerability
inter-architecture portability
side channel attack
Advisor
Lysecky, Roman
Roveda, Janet
Publisher
The University of Arizona.
Rights
Copyright © is held by the author. Digital access to this material is made possible by the University Libraries, University of Arizona. Further transmission, reproduction, presentation (such as public display or performance) of protected items is prohibited except with permission of the author.
Abstract
The proliferation of embedded devices has led to ubiquitous communication, sharing of information, and much more. Unfortunately, the security of information transmission is constantly under attack by adversaries, with new vulnerabilities and attacks being discovered all the time. Cryptographic primitives are essential to securing an embedded device: by encrypting sensitive information, they make it more challenging for an adversary to breach the system or access the protected data. The security of these primitives, however, depends on the hardware used to implement them. While AES encryption, an industry standard, is resilient against brute-force attacks and has wide compatibility across systems, a clever adversary can use physical artifacts emitted by the device, known as side channels, to profile the device and train machine learning-based models that retrieve sensitive information from it. In this dissertation, we empirically show that AES implementations running on embedded devices are vulnerable to power-based side channel attacks (SCAs). First, we propose a multi-architecture data aggregation technique for profiling the power traces of systems with embedded processors, using three types of deep artificial neural networks (ANNs): multi-layer perceptrons (MLP), convolutional neural networks (CNN), and recurrent neural networks (RNN). This is one of the first works to explore the inter-architecture portability of ANNs for SCAs. With the proposed data aggregation methodology, ANNs trained on one device can predict the AES key on an architecturally different device with a prediction performance ranging between 98.1% and 99.9%. Second, we successfully target a 32-bit AES implementation (MbedTLS) running on different 32-bit ARM Cortex (Cortex-M4 and Cortex-M0) microcontrollers (STM32F303, STM32L443, and STM32F051) via a power-based SCA.
This is also one of the first works that quantitatively shows that 32-bit microcontrollers running a 32-bit AES implementation are vulnerable to power-based SCAs. Another novelty of the research is that it uses complete power traces during training. Compared to previous approaches that specifically target the first SBox operation of AES, our approach reduces data acquisition and preprocessing requirements by eliminating the need to isolate the SBox operations within the power trace. We further introduce several techniques to improve the performance of the ANNs by using multiple power traces during evaluation. The trained ANNs' performance in predicting the correct AES key is between 94.6% and 100%.
Type
text
Electronic Dissertation
Degree Name
Ph.D.
Degree Level
doctoral
Degree Program
Graduate College
Electrical & Computer Engineering
