Paper 2018/1123

When Theory Meets Practice: A Framework for Robust Profiled Side-channel Analysis

Stjepan Picek, Annelie Heuser, Lichao Wu, Cesare Alippi, and Francesco Regazzoni


Profiling side-channel attacks are considered the most potent form of side-channel attacks. They consist of two steps. First, the adversary builds a leakage model using a device similar to the target one. This leakage model is then exploited to extract the secret information from the victim's device. These attacks can be seen as a classification problem, where the adversary needs to decide to what class (and consequently, the secret key) the traces collected from the victim's device belong. The research community investigated profiling attacks in-depth, primarily by using an empirical approach. As such, it emerges that a theoretical framework to analyze profiling side-channel attacks comprehensively is still missing. In this paper, we propose a theory-grounded framework capable of modeling and evaluating profiling side-channel analysis. The framework is based on the expectation estimation problem that has strong theoretical foundations. We quantify the effects of perturbations injected at different points in our framework through the robustness analysis, where the perturbations represent sources of uncertainty associated with measurements, non-optimal classifiers, and countermeasures. Finally, we use our framework to evaluate the performance of different classifiers using publicly available traces.

Available format(s)
Publication info
Preprint. MINOR revision.
Machine LearningRobustness AnalysisSupervised LearningFramework
Contact author(s)
picek stjepan @ gmail com
2021-06-09: last of 4 revisions
2018-11-20: received
See all versions
Short URL
Creative Commons Attribution


      author = {Stjepan Picek and Annelie Heuser and Lichao Wu and Cesare Alippi and Francesco Regazzoni},
      title = {When Theory Meets Practice: A Framework for Robust Profiled Side-channel Analysis},
      howpublished = {Cryptology ePrint Archive, Paper 2018/1123},
      year = {2018},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.