Machine Learning Power Side-Channel Attack on SNOW-V
Deepak, Rahul Balout, Anupam Golder, Suparna Kundu, Angshuman Karmakar, Debayan Das
TL;DR
The paper addresses the vulnerability of the SNOW-V 5G stream cipher to power-based side-channel attacks on embedded hardware. It implements end-to-end profiling attacks using LDA and FCN on an STM32 platform with ChipWhisperer, supported by TVLA that confirms exploitable leakage. FCN with PCA significantly outperforms traditional CPA+LDA, achieving lower minimum traces to disclosure and enabling multi-bit key recovery with relatively few traces. The findings emphasize the practical risk of ML-driven SCA for SNOW-V and advocate for robust countermeasures such as masking or hiding to strengthen future implementations.
Abstract
This paper demonstrates a power analysis-based Side-Channel Analysis (SCA) attack on the SNOW-V encryption algorithm, which is a 5G mobile communication security standard candidate. Implemented on an STM32 microcontroller, power traces captured with a ChipWhisperer board were analyzed, with Test Vector Leakage Assessment (TVLA) confirming exploitable leakage. Profiling attacks using Linear Discriminant Analysis (LDA) and Fully Connected Neural Networks (FCN) achieved efficient key recovery, with FCN achieving > 5X lower minimum traces to disclosure (MTD) compared to the state-of-the-art Correlational Power Analysis (CPA) assisted with LDA. The results highlight the vulnerability of SNOW-V to machine learning-based SCA and the need for robust countermeasures.
