Lowering the Bar: Deep Learning for Side Channel Analysis

Black Hat USA 2018

Presented by: Baris Ege, Jasper Van Woudenberg
Date: Thursday August 09, 2018
Time: 15:50 - 16:40
Location: Lagoon JKL

Deep learning can help automate the signal analysis process in power side channel analysis. So far, power side channel analysis relies on the combination of cryptanalytic science, and the art of signal processing. Deep learning is essentially a classification algorithm, but instead of training it on cats, we train it to recognize different leakages in a chip. Even more so, we do this such that typical signal processing problems such as noise reduction and re-alignment are automatically solved by the deep learning network. We show we can break a lightly protected AES, an AES implementation with masking countermeasures and a protected ECC implementation and show a live demo of the attack in action. These experiments show that where previously side channel analysis had a large dependency on the skills of the human, first steps are being developed that bring down the attacker skill required for such attacks. This talk is targeted at a technical audience that is interested in latest developments on the intersection of deep learning, side channel analysis and security.

Jasper Van Woudenberg

Jasper van Woudenberg (@jzvw) currently is CTO for Riscure North America. As CTO of Riscure North America, Jasper is principal security analyst and ultimately responsible for Riscure North America's technical activities. Jasper's interest in security matters was first sparked in his mid-teens by reverse engineering software. During his studies for a master's degree in both CS and AI, he worked for a penetration testing firm, where he performed source code review, binary reverse engineering and tested application and network security. At Riscure, Jasper's expertise has grown to include various aspects of hardware security; from design review and logical testing, to side channel analysis and perturbation attacks. He leads Riscure North America's pentesting teams and has a special interest in combining AI with security research. Jasper's eagerness to share knowledge is reflected by regular speaking appearances, specialized client training sessions, student supervision and academic publications. Jasper has spoken at many security conferences including Black Hat trainings, Intel Security Conference, RSA, EDSC, BSides SF, Shakacon, ICMC, Infiltrate, has presented scientific research at SAC, WISSEC, CT-RSA, FDTC, ESC Design {West,East}, ARM TechCon, has reviewed papers for CHES and JC(rypto)EN, and has given invited talks at Stanford, NPS, GMU and the University of Amsterdam. Specialties: side channel analysis, fault injection, binary code analysis, security evaluations of {mobile phones, smart cards, set-top-boxes}, network penetration testing, code reviews.

Baris Ege

Baris Ege is a security analyst at Riscure, with a PhD on hardware security from the Radboud university in Nijmegen, The Netherlands.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats