The Neural Cryptanalyst: Machine Learning-Powered Side Channel Attacks -A Comprehensive Survey

Machine learning transforms side-channel attacks. Where once one needed an extensive background in cryptography to exploit vulnerabilities, the new level of expertise-and number of traces needed-significantly lowers for key recovery. We evaluate convolutional neural networks (CNNs), Long Short Term Memory (LSTM), and Transformers on power traces from side-channel attacks on AES, RSA and ECC. Deep learning only needs 80%-90% less traces than differential power analysis. CNNs can attack first-order masked AES with only 500-1000 traces (versus 5000-10000) with an accuracy of 70-85%. Second-order masked attempts fall victim to ensemble attacks needing only 3000-5000 traces. Transformers exceed 20-40% better than CNNs while LSTMs level off at 60-75% even though it's off by 1000 samples. The vulnerabilities we discover include constant-time implementations which leak information due to power variations; Montgomery ladder RSA leaks 60-70% of its exponent bits and even Curve25519 succumbs to transformer attacks. Mixed masking, shuffling, and hiding implementations do not hold up either. Our open-source implementations show that neural networks can find non-linear mapping patterns and automatically extract features without the need for cryptographic background. Our findings show that current defenses do not protect against machine learning based attacks. The capability to automate and widen the net of attack is a clear threat to all embedded cryptographic systems worldwide.