Scramble Suit: A Profile Differentiation Countermeasure to Prevent Template Attacks

Ensuring protection against side channel attacks (SCAs) is a crucial requirement in the design of modern secure embedded systems. Profiled SCAs, the class to which template attacks and machine learning attacks belong, derive a model of the side channel behavior of a device identical to the target one, and exploit the said model to extract the key from the target, under the hypothesis that the side channel behaviors of the two devices match. We propose an architectural countermeasure against cross-device profiled attacks which differentiates the side channel behavior of different instances of the same hardware design, preventing the reuse of a model derived on a device other than the target one. In particular, we describe an instance of our solution providing a protected hardware implementation of the advanced encryption standard (AES) block cipher and experimentally validate its resistance against both Bayesian templates and machine learning approaches based on support vector machines also considering different state-of-the-art feature reduction techniques to increase the effectiveness of the profiled attacks. Results show that our countermeasure foils the key retrieval attempts via profiled attacks ensuring a key derivation accuracy equivalent to a random guess.