How to fool Machine Learning based side-channel attacks

Side-channel attack is defined as any attack taking advantage of information leaking from the physical implementation of a cryptographic system, like its power consumption, to retrieve the secret it hides. Several methods to exploit these information have been proposed in literature. Recently, new methods involving machine techniques have been presented. This work introduces a setup to mislead these ML-techniques in a side-channel context. In this setup, training data are composed of two parts : one part leaking information inside its mean value and controlled by a parameter δ and a second part leaking information in its variance. During the attack phase, a slight change of the parameter δ leads ML- techniques to retrieve the wrong key as these methods seems to prior the simplest model based on the mean over the second based on the variance. A parametric study is proposed, followed by implementation of this setup on FPGA. These results highlight the need to be in similar conditions between training and testing when using ML-techniques. Exploiting such differences and the lack of diversity of a training set in this way could be an interesting track to defeat ML-techniques in many others applications.