預訓練：跨向以深度學習為基礎的旁通道黑箱 AES 分析

Abstract

旁通道分析是一種竊取加解密金鑰的攻擊手法，透過裝置在加密過程中於物理媒介(如電磁波)產生的資訊洩漏，能夠繞過加密演算法本身的安全性，大幅降低攻擊複雜度。為因應此類型的攻擊，屏蔽防禦(masking)引進額外的隨機亂數，將攻擊標的拆分成統計上獨立於之的多個組成，以達到抵禦效果。由於此隨機亂數在一般情況下無法從裝置外部取得，故以攻擊者的角度而言，如何開發無須仰賴此亂數的黑箱攻擊，是攻擊能否作為實務運用的關鍵。 本文以黑箱攻擊為指導原則，於特徵分析攻擊的方法論之下，展示如何透過深度學習的預訓練方法，藉由事先訓練出仿照屏蔽防禦計算方式的模型，從而有效破解針對進階加密標準(AES)設計的屏蔽防禦。本文的實驗結果於標準資料集ASCADv1-f上的表現可媲美當前最先進的模型，並且額外具備超參數選擇的彈性以及更高的資源運用效率。如何將此預訓練方法有效運用到進階的屏蔽防禦類型，為未來的研究方向。

The side-channel attack, exploiting physical leakages such as electromagnetic radiation, steals secret keys from cryptographic devices, bypassing algorithmic robustness. Masking, a countermeasure, introduces extra randomness for secret sharing, often inaccessible in practical contexts. From an attacker’s point of view, black-box attack capability should be the guiding principle to develop attack packages concerning their applicability beyond the lab. Under the profiling attack framework, a black-box pretraining attack on AES is demonstrated how side-channel adversaries leverage prior knowledge of common arithmetic operations for masking. Constructed models mimic and overcome prevailing Boolean masking, yielding comparable results to the state-of-the-art on the benchmark dataset ASCADv1-f. Furthermore, this pretraining attack offers advantages such as hyperparameter flexibility and reduced resource consumption. Its extension to attack broader masking schemes is left for a more comprehensive exploration.