Auto-tune POIs: Estimation of distribution algorithms for efficient side-channel analysis
Rioja, U., Batina, L., Flores, J.L., Armendariz, I.
Due to the constant increase and versatility of IoT devices that should keep sensitive information private, Side-channel Analysis (SCA) attacks on embedded devices are gaining visibility in the industrial field. The integration and validation of countermeasures against SCA can be an expensive and cumbersome process, especially for the less experienced ones. Additionally, current certification procedures require to attack the devices under test using multiple SCA techniques and attack vectors, often implying a high degree of complexity. The goal of this paper is to introduce a new automatic way to ease one of the most crucial and tedious steps of profiling attacks i.e. the points of interest (POI) selection and hence assist the SCA evaluation process. To this end, we propose the usage of Estimation of Distribution Algorithms (EDAs) in the SCA field to perform the point of interest selection step together with the profiling and key recovery steps. This contribution allows an automated optimization of the attack, avoiding the need to manually perform various types of analyses with different POI combinations. We showcase our approach on several experimental use cases, including attacks on unprotected and protected AES implementations. In addition, we introduce a new public dataset containing power traces taken from distinct copies of the same device and perform attacks over this dataset using our method, dismissing in this way the portability issue.