Advanced Side-Channel Analysis of USIMs, Bluetooth SoCs and MCUs

Brisfors, Martin

January 2021

The use of deep learning for side channel analysis has shown a lot of success in recent years. Impressive results have been presented by many researchers. However, critics of this approach have voiced concerns about the ad hoc methodologies and bespoke neural network designs used in many presented approaches. This thesis first analyzes a possibility of generalizing the selection of neural network architecture for side channel analysis. Then, it presents a simple model for a multilayer perceptron network that does not need to be altered for different targets. Experiments are conducted on three different data sets; power consumption measurements of USIMs, far-field electromagnetic measurements of a Bluetooth device, and power consumption measurements of dedicated XMega victim boards. For each of these sets a model is presented with equivalent or better than state-of-the art results for secret key recovery. Training and testing are done on separate devices in each case. One of the models achieves a classification accuracy of 94.5% from a single measurement. Furthermore, the target and the training device do not even share the same printed circuit board layout. Another model achieves a 47.4% classification accuracy from measurements captured in a manner that is possible in a real-world attack. The thesis also investigates if three different numerical ways of determining the leakage point in unprotected implementations of AES agree. The tests are applied to all three data sets. Finally the thesis evaluates whether the popular transformer architecture is beneficial for side channel analysis. / Användande av djupinlärning för sidokanalsanalys har haft stora framgångar de senaste åren. Imponerande resultat har presenterats av många forskare. Men kritiker av detta tillvägagångssätt har uttryckt oro över att metoderna är ad hoc, och att specialanpassade neuronnätverksdesigner används i många presenterade rapporter. Detta examensarbete undersöker först möjligheten att generalisera valet av neuronnätverksarkitekturer för sidokanalsanalys. Sedan presenterar jag en enkel modell för ett multilayer perceptron-nätverk som inte behöver anpassas för olika enheter. Experiment genomförs på tre olika dataset; strömförbrukningsmätningar av USIMs, elektromagnetiska mätningar i fjärrfält av en Bluetooth-enhet, och strömförbrukningsmätningar av dedikerade XMega sidokanalsanalys-enheter. För var och en av dessa enheter presenteras en modell med likvärdiga eller bättre resultat som tidigare publicerad forskning. Träning och testning görs på separata enheter i varje fall. En av modellerna uppnår en klassificeringsprecision på 94,5% från en enda mätning. Dessutom delar attackenheten och träningsenheten inte ens samma kretskortslayout. En annan modell uppnår en klassificeringsprecision på 47,4% från mätningar som gjorts på ett sätt som ar realistiskt i en verklig attack. Examensarbetet undersöker också om tre olika numeriska sätt att bestämma läckagepunkten i oskyddade implementeringar av AES överensstämmer. Testerna tillämpas på alla tre dataset. Slutligen utvärderar examensarbetet om den populära transformer-arkitekturen ar passande för sidokanalsanalys.

Side Channel Attack

Deep Learning

AES

USIM

Milenage

Screaming Channels

Transformer

Security

Sidokanalsattack

Djupinlärning

AES

USIM

Milenage

Screaming Channels

Transformer

Säkerhet

Computer and Information Sciences

Data- och informationsvetenskap

Influência de protocolos de segurança sobre o desempenho de redes UMTS. / Influence of security protocols on the performance of UMTS networks.

Wagner, Marcel Stefan

05 March 2009

Este trabalho analisa a influência de mecanismos de segurança, incluindo autenticação de assinante, confidencialidade e integridade de dados, sobre o desempenho do sistema celular de terceira geração Universal Mobile Communication System (UMTS). Em função do serviço e do tamanho das chaves utilizadas foram medidos, através de simulação, o nível de potência gasto pelos equipamentos de usuário (UE) e o tempo de resposta em aplicações do tipo Web. Verificou-se que os efeitos negativos produzidos pelos mecanismos de segurança são pequenos em relação à proteção maior que é obtida nos sistemas UMTS Terrestrial Radio Access Network (UTRAN) e Core Network (CN). / This work is aimed at analyzing the influence of security mechanisms, including user authentication, data confidentiality and integrity, related to system cellular performance of third generation named Universal Mobile Telecommunication System (UMTS). By the service and the size of the used keys, there has been measured through simulation, the power level spent by the user equipments and the response time at web applications usage. It is seen that negative results produced by security mechanisms are small related to the greater protection that is get on UMTS Terrestrial Radio Access Network (UTRAN) systems and Core Network (CN).

Algorithm MILENAGE

Engenharia elétrica

kernel KASUMI

Security

Telecomunicações

Telefonia celular

Telefonia móvel

UMTS

UTRAN

Influência de protocolos de segurança sobre o desempenho de redes UMTS. / Influence of security protocols on the performance of UMTS networks.

Marcel Stefan Wagner

05 March 2009

Este trabalho analisa a influência de mecanismos de segurança, incluindo autenticação de assinante, confidencialidade e integridade de dados, sobre o desempenho do sistema celular de terceira geração Universal Mobile Communication System (UMTS). Em função do serviço e do tamanho das chaves utilizadas foram medidos, através de simulação, o nível de potência gasto pelos equipamentos de usuário (UE) e o tempo de resposta em aplicações do tipo Web. Verificou-se que os efeitos negativos produzidos pelos mecanismos de segurança são pequenos em relação à proteção maior que é obtida nos sistemas UMTS Terrestrial Radio Access Network (UTRAN) e Core Network (CN). / This work is aimed at analyzing the influence of security mechanisms, including user authentication, data confidentiality and integrity, related to system cellular performance of third generation named Universal Mobile Telecommunication System (UMTS). By the service and the size of the used keys, there has been measured through simulation, the power level spent by the user equipments and the response time at web applications usage. It is seen that negative results produced by security mechanisms are small related to the greater protection that is get on UMTS Terrestrial Radio Access Network (UTRAN) systems and Core Network (CN).

Engenharia elétrica

Telecomunicações

Telefonia celular

Telefonia móvel

Algorithm MILENAGE

kernel KASUMI

Security

UMTS

UTRAN

Současné bezpečnostní trendy v mobilních sítích / Current security trends in mobile networks

Jirkovská, Šárka

January 2010

This master's thesis deals with the issue of the security of GSM and UMTS mobile communication systems. In the thesis the principles of the authentication and encryption of both the mobile systems are described. Further, the constituent algorithms used for identity verification, key generation and encryption are mentioned. The commonly used algorithms are described along with their weaknesses. In the following part of this thesis, well-known attacks on GSM system are mentioned. In the part where UMTS system is dealt with one can find the algorithms used in this system to increase the security of transmitted data and authentication in comparison with GSM system. Therefore the whole process of authentication and encryption is described separately. In the last part the creation of programming models of authentication and encryption in GSM and encryption in UMTS is described. These models are created in the environment of Matlab version 2009b.