Cryptology ePrint Archive: Report 2020/899

Everything is Connected: From Model Learnability to Guessing Entropy

Lichao Wu and Léo Weissbart and Marina Krček and Huimin Li and Guilherme Perin and Lejla Batina and Stjepan Picek

Abstract: Guessing entropy is a common choice for a side-channel analysis metric, and it represents the average rank position of a key candidate among all possible key guesses. In profiled side-channel analysis, the guessing entropy behavior can be very informative about the trained or profiled model. However, to draw reliable conclusions about the profiled model's performance, the guessing entropy behavior should be stable; otherwise it can lead to misleading conclusions in the attack phase.

In this work, we investigate this problem of misleading conclusions from the entropy behavior, and we define two new concepts: simple and generalized guessing entropy. We demonstrate that the first one needs only a limited number of attack traces but can lead to wrong interpretations about leakage detection. The second concept requires a large (sometimes unavailable) number of attack traces, but it represents the optimal way of calculating guessing entropy. To quantify the profiled model's learnability, we first define a leakage distribution metric to estimate the underlying leakage model. This metric, together with the generalized guessing entropy results for all key candidates, can estimate the leakage learning or detection when the necessary number of attack traces is available in the attack phase. By doing so, we provide a tight estimate of profiled side-channel analysis model learnability. We confirm our observations with a number of experimental results.

Category / Keywords: implementation / Side-channel Analysis, Deep Learning, Guessing Entropy, Model Learnability

Date: received 16 Jul 2020, last revised 21 Jul 2020

Contact author: picek stjepan at gmail com,lejla@cs ru nl,guilhermeperin7@gmail com,h li-7@tudelft nl,l weissbart@cs ru nl,lichao wu9@gmail com,m krcek@tudelft nl


Version: 20200721:163853

Short URL: ia.cr/2020/899

