Side Channel Analysis: Instruction extraction and Information estimation

Side-channel usually aims at extracting cryptographic secrets from electronic devices through their physical leakages. However, these channels can leak other sensitive information. The first part of this talk will present a study of side channel-based disassembling (SCBD) that aims to recover instructions executed by a microcontroller. The main threat represented by SCBD is that it potentially allows to find a vulnerability in the executed code or to extract protected software IP.
In the second part, we take a step back and aboard the generic topics of the amount of information leaked by a system. Indeed, whatever the target variable (secret key, instructions.) and the utilized strategy, the amount of information one could gain from a side-channel trace is always bounded by the Mutual Information (MI) between the secret and the trace. This makes it, all punning aside, a key quantity for leakage evaluation. Unfortunately, traces are usually of too high dimension for existing statistical estimators to stay sound when computing the MI over full traces. However, recent works from the machine learning community have shown that it is possible to evaluate the MI in high dimensional space thanks to newest deep learning techniques. We will explore how this new estimator could impact the side-channel domain both for leakage assessment and for unsupervised mutual information-based attacks.