- document
-
Perin, G. (author), Wu, L. (author), Picek, S. (author)The adoption of deep neural networks for profiling side-channel attacks opened new perspectives for leakage detection. Recent publications showed that cryptographic implementations featuring different countermeasures could be broken without feature selection or trace preprocessing. This success comes with a high price: an extensive...journal article 2023
- document
-
Mariot, L. (author), Picek, S. (author), R Yorgova, R.A. (author)One of the Round 3 Finalists in the NIST post-quantum cryptography call is the Classic McEliece cryptosystem. Although it is one of the most secure cryptosystems, the large size of its public key remains a practical limitation. In this work, we propose a McEliece-type cryptosystem using large minimum distance error-correcting codes derived from...journal article 2023
- document
-
Mercier, Arthur (author), Smolin, Nikita (author), Sihlovec, Oliver (author), Koffas, S. (author), Picek, S. (author)Outsourced training and crowdsourced datasets lead to a new threat for deep learning models: the backdoor attack. In this attack, the adversary inserts a secret functionality in a model, activated through malicious inputs. Backdoor attacks represent an active research area due to diverse settings where they represent a real threat. Still,...journal article 2023
- document
-
Picek, S. (author), Perin, G. (author), Mariot, L. (author), Wu, L. (author), Batina, Lejla (author)Side-channel attacks represent a realistic and serious threat to the security of embedded devices for already almost three decades. A variety of attacks and targets they can be applied to have been introduced, and while the area of side-channel attacks and their mitigation is very well-researched, it is yet to be consolidated. Deep learning...journal article 2023
- document
-
Wu, L. (author), Weissbart, L.J.A. (author), Krcek, M. (author), Li, H. (author), Perin, G. (author), Batina, Lejla (author), Picek, S. (author)The efficiency of the profiling side-channel analysis can be significantly improved with machine learning techniques. Although powerful, a fundamental machine learning limitation of being data-hungry received little attention in the side-channel community. In practice, the maximum number of leakage traces that evaluators/attackers can obtain is...journal article 2023
- document
-
Li, H. (author), Mentens, Nele (author), Picek, S. (author)SHA-3 is considered to be one of the most secure standardized hash functions. It relies on the Keccak-f[1 600] permutation, which operates on an internal state of 1 600 bits, mostly represented as a 5 x 5 x 64-bit matrix. While existing implementations process the state sequentially in chunks of typically 32 or 64 bits, the Keccak-f[1 600]...conference paper 2023
- document
-
Xu, J. (author), Koffas, S. (author), Ersoy, Oǧuzhan (author), Picek, S. (author)Graph Neural Networks (GNNs) have achieved promising performance in various real-world applications. Building a powerful GNN model is not a trivial task, as it requires a large amount of training data, powerful computing resources, and human expertise. Moreover, with the development of adversarial attacks, e.g., model stealing attacks, GNNs...conference paper 2023
- document
-
Carlet, Claude (author), Picek, S. (author)We derive necessary conditions related to the notions, in additive combinatorics, of Sidon sets and sum-free sets, on those exponents d ∈ Z/(2<sup>n</sup> − 1)Z, which are such that F (x) = x<sup>d</sup> is an APN function over F<sub>2</sub>n (which is an important cryptographic property). We study to what extent these new conditions may...journal article 2023
- document
-
Xu, J. (author), Abad, Gorka (author), Picek, S. (author)Backdoor attacks have been demonstrated as a security threat for machine learning models. Traditional backdoor attacks intend to inject backdoor functionality into the model such that the backdoored model will perform abnormally on inputs with predefined backdoor triggers and still retain state-of-the-art performance on the clean inputs. While...conference paper 2023
- document
-
Coello, Carlos Coello (author), Krcek, M. (author), Durasevic, Marko (author), Mariot, L. (author), Jakobovic, Domagoj (author), Picek, S. (author)Evolutionary algorithms have been successfully applied to attack Physically Unclonable Functions (PUFs). CMA-ES is recognized as the most powerful option for a type of attack called the reliability attack. In this paper, we take a step back and systematically evaluate several metaheuristics for the challenge-response pair-based attack on...conference paper 2023
- document
-
Koffas, S. (author), Pajola, Luca (author), Picek, S. (author), Conti, M. (author)This work explores stylistic triggers for backdoor attacks in the audio domain: dynamic transformations of malicious samples through guitar effects. We first formalize stylistic triggers – currently missing in the literature. Second, we explore how to develop stylistic triggers in the audio domain by proposing JingleBack. Our experiments confirm...conference paper 2023
- document
-
Kerkhof, Maikel (author), Wu, L. (author), Perin, G. (author), Picek, S. (author)Deep learning is a powerful direction for profiling side-channel analysis as it can break targets protected with countermeasures even with a relatively small number of attack traces. Still, it is necessary to conduct hyperparameter tuning to reach strong attack performance, which can be far from trivial. Besides many options stemming from the...journal article 2023
- document
-
Li, H. (author), Rieger, Phillip (author), Zeitouni, Shaza (author), Picek, S. (author), Sadeghi, Ahmad Reza (author)Federated Learning (FL) has become very popular since it enables clients to train a joint model collaboratively without sharing their private data. However, FL has been shown to be susceptible to backdoor and inference attacks. While in the former, the adversary injects manipulated updates into the aggregation process; the latter leverages...conference paper 2023
- document
-
Batina, Lejla (author), Bhasin, Shivam (author), Jap, Dirmanto (author), Picek, S. (author)This paper was selected for Top Picks in Hardware and Embedded Security 2020 and it presents a physical side-channel attack aiming at reverse engineering neural networks implemented on an edge device. The attack does not need access to training data and allows for neural network recovery by feeding known random inputs. We successfully reverse...journal article 2022
- document
-
Li, H. (author), Mentens, Nele (author), Picek, S. (author)This paper uses RISC-V vector extensions to speed up lattice-based operations in architectures based on HW/SW co-design. We analyze the structure of the number-theoretic transform (NTT), inverse NTT (INTT), and coefficient-wise multiplication (CWM) in CRYSTALS-Kyber, a lattice-based key encapsulation mechanism. We propose 12 vector extensions...conference paper 2022
- document
- Jin, Yier (author), Ho, Tsung Yi (author), Picek, S. (author), Garg, Siddharth (author) contribution to periodical 2022
- document
-
Conti, M. (author), Li, Jiaxin (author), Picek, S. (author), Xu, J. (author)Graph Neural Networks (GNNs), inspired by Convolutional Neural Networks (CNNs), aggregate the message of nodes' neighbors and structure information to acquire expressive representations of nodes for node classification, graph classification, and link prediction. Previous studies have indicated that node-level GNNs are vulnerable to Membership...conference paper 2022
- document
-
Xu, J. (author), Picek, S. (author)Graph Neural Networks (GNNs) have achieved impressive results in various graph learning tasks. They have found their way into many applications, such as fraud detection, molecular property prediction, or knowledge graph reasoning. However, GNNs have been recently demonstrated to be vulnerable to backdoor attacks. In this work, we explore a...conference paper 2022
- document
-
Picek, S. (author), Heuser, Annelie (author), Perin, G. (author), Guilley, Sylvain (author)Profiled side-channel attacks represent the most powerful category of side-channel attacks. There, the attacker has access to a clone device to profile its leaking behavior. Additionally, it is common to consider the attacker unbounded in power to allow the worst-case security analysis. This paper starts with a different premise where we are...conference paper 2022
- document
-
Swaminathan, Sudharshan (author), Chmielewski, Łukasz (author), Perin, G. (author), Picek, S. (author)Side-channel attacks (SCA) focus on vulnerabilities caused by insecure implementations and exploit them to deduce useful information about the data being processed or the data itself through leakages obtained from the device. There have been many studies exploiting these leakages, and most of the state-of-the-art attacks have been shown to...conference paper 2022