Cryptology ePrint Archive: Report 2020/902

Federated Learning in Side-Channel Analysis

Huanyu Wang and Elena Dubrova

Abstract: Recently introduced federated learning is an attractive framework for the distributed training of deep learning models with thousands of participants. However, it can potentially be used with malicious intent. For example, adversaries can use their smartphones to jointly train a classifier for extracting secret keys from the smartphones' SIM cards without sharing their side-channel measurements with each other. With federated learning, each participant might be able to create a strong model in the absence of sufficient training data. Furthermore, they preserve their anonymity. In this paper, we investigate this new attack vector in the context of side-channel attacks. We compare the federated learning, which aggregates model updates submitted by N participants, with two other aggregating approaches: (1) training on combined side-channel data from N devices, and (2) using an ensemble of N individually trained models. Our first experiments on 8-bit Atmel ATxmega128D4 microcontroller implementation of AES show that federated learning is capable of outperforming the other approaches.

Category / Keywords: Federated learning, side-channel attack, AES

Date: received 17 Jul 2020

Contact author: huanyu at kth se,dubrova@kth se

Available format(s): PDF | BibTeX Citation

Version: 20200718:161239 (All versions of this report)

Short URL: ia.cr/2020/902


[ Cryptology ePrint archive ]