Unveiling ECC Vulnerabilities: LSTM Networks for Operation Recognition in Side-Channel Attacks
This work addresses security vulnerabilities in cryptographic systems for users relying on elliptic curve cryptography, presenting a novel attack method that is incremental in improving side-channel analysis techniques.
The paper tackled side-channel attacks on elliptic curve cryptography by using an LSTM network to analyze power traces and recover private keys from ECDSA signatures, successfully compromising a real STM32F415 device and showing that current countermeasures like coordinate randomization are insufficient.
We propose a novel approach for performing side-channel attacks on elliptic curve cryptography. Unlike previous approaches and inspired by the ``activity detection'' literature, we adopt a long-short-term memory (LSTM) neural network to analyze a power trace and identify patterns of operation in the scalar multiplication algorithm performed during an ECDSA signature, that allows us to recover bits of the ephemeral key, and thus retrieve the signer's private key. Our approach is based on the fact that modular reductions are conditionally performed by micro-ecc and depend on key bits. We evaluated the feasibility and reproducibility of our attack through experiments in both simulated and real implementations. We demonstrate the effectiveness of our attack by implementing it on a real target device, an STM32F415 with the micro-ecc library, and successfully compromise it. Furthermore, we show that current countermeasures, specifically the coordinate randomization technique, are not sufficient to protect against side channels. Finally, we suggest other approaches that may be implemented to thwart our attack.