Léo Weissbart - PhD Student at TU Delft and Radboud University
Léo Weissbart is a PhD student at EEMCS INSY of TU Delft and the Digital Security group of the Radboud University,
working in the area of physical attacks and machine learning under the
supervision of Stjepan Picek and Lejla Batina.
Before that, he was an engineering student at the
Grenoble INP-Esisar (National Institute of advanced systems and networks, France).
λ x y.
x @ y.nl
Mercator 1, 03.11
6525 EC Nijmegen
Hardware Security, Deep Learning, Implementation of Cryptography, Physical Attacks and Countermeasures
PUB-2020-09877 - Screen Gleaning: A Screen Reading TEMPEST Attack on Mobile Devices Exploiting an Electromagnetic Side Channel [PDF]
Zhuoran Liu, Niels Samwel, Léo Weissbart, Zhengyu Zhao, Dirk Lauret, Lejla Batina and Martha Larson
We introduce screen gleaning, a TEMPEST attack in which the screen of a mobile device is read without a visual line of sight, revealing sensitive information displayed on the phone screen. The screen gleaning attack uses an antenna and a software-defined radio (SDR) to pick up the electromagnetic signal that the device sends to the screen to display, e.g., a message with a security code. This special equipment makes it possible to recreate the signal as a gray-scale image, which we refer to as an emage. Here, we show that it can be used to read a security code. The screen gleaning attack is challenging because it is often impossible for a human viewer to interpret the emage directly. We show that this challenge can be addressed with machine learning, specifically, a deep learning classifier. Screen gleaning will become increasingly serious as SDRs and deep learning continue to rapidly advance. In this paper, we demonstrate the security code attack and we propose a testbed that provides a standard setup in which screen gleaning could be tested with different attacker models. Finally, we analyze the dimensions of screen gleaning attacker models and discuss possible countermeasures with the potential to address them.
JOU-2020-314-328 - Systematic Side-Channel Analysis of Curve25519 with Machine Learning [PDF]
Léo Weissbart, Łukasz Chmielewski, Stjepan Picek and Lejla Batina
Profiling attacks, especially those based on machine learning, proved to be very successful techniques in recent years when considering the side-channel analysis of symmetric-key crypto implementations. At the same time, the results for implementations of asymmetric-key cryptosystems are very sparse. This paper considers several machine learning techniques to mount side-channel attacks on two implementations of scalar multiplication on the elliptic curve Curve25519. The first implementation follows the baseline implementation with complete formulae as used for EdDSA in WolfSSL, where we exploit power consumption as a side-channel. The second implementation features several countermeasures, and in this case, we analyze electromagnetic emanations to find side-channel leakage. Most techniques considered in this work result in potent attacks, and especially the method of choice appears to be convolutional neural networks (CNNs), which can break the first implementation with only a single measurement in the attack phase. The same convolutional neural network demonstrated excellent performance for attacking AES cipher implementations. Our results show that some common grounds can be established when using deep learning for profiling attacks on very different cryptographic algorithms and their corresponding implementations.
PUB-2019-1476 - On the Performance of Multilayer Perceptron in Profiling Side-channel Analysis [PDF]
Léo Weissbart, Stjepan Picek and Lejla Batina
In profiling side-channel analysis, machine learning-based attacks nowadays offer the most powerful performance. This holds especially for techniques stemming from the neural network family: multilayer perceptron and convolutional neural networks. Convolutional neural networks are often favored as state-of-the-art results suggest better performance, especially in scenarios where targets are protected with countermeasures. Multilayer perceptron receives much less attention and researchers seem less interested in this technique, narrowing the results in the literature to comparisons with convolutional neural networks. Yet, a multilayer perceptron has a much simpler structure, which enables easier hyperparameter tuning, and hopefully, could contribute to the explainability of this neural network's inner workings. In this paper, we investigate the behavior of a multilayer perceptron in detail in the context of the side-channel analysis of AES. By exploring the sensitivity of multilayer perceptron hyperparameters over the performance of the attack, we aim at providing a better understanding of successful hyperparameter tuning, and ultimately, the performance of this algorithm. Our results show that MLP (with a proper hyperparameter tuning) can easily break implementations having a random delay or masking countermeasures.
PUB-2019 - A Side-Channel Attack Using Order 8 Rational Points against Curve25519 on an 8-Bit Microcontroller [PDF]
Yoshinori Uetake, Keiji Yoshimoto, Yuta Kodera, Léo Weissbart, Takuya Kusaka, Yasuyuki Nogami
Seventh International Symposium on Computing and Networking - CANDAR 2019
Among the increasing evolution of IoT devices, practical applications need reliable secure protocols to communicate with each other. A major issue for modern cryptosystems is an implementation of secure and trustworthy mechanisms to rely on. A side-channel attack against these cryptosystems may overturn the guarantee of security against conventional cyber-attacks. Elliptic curve cryptography is public-key cryptography based on elliptic curves, and one of the well-known curves is Curve25519, which is used for TLS protocols as a recommended curve. This curve is mainly implemented on limited resource devices such as microcontrollers. However, this curve poses a weakness for low-order points when a Diffie-Hellman key exchange is employed. This research demonstrates possible exploitation of a threat of order 8 rational points of Curve25519 and shows results of the side-channel attacks using order 8 rational points on an embedded system. The results indicate that the order 8 rational points might be applied to key extraction on the attacker's side.
PUB-2019-358 - One trace is all it takes: Machine Learning-based Side-channel Attack on EdDSA [PDF]
Léo Weissbart, Stjepan Picek and Lejla Batina
Profiling attacks, especially those based on machine learning, proved to be very successful techniques in recent years when considering side-channel analysis of block cipher implementations. At the same time, the results for implementations of public-key cryptosystems are very sparse. In this paper, we consider several machine learning techniques in order to mount a power analysis attack on EdDSA using the curve Curve25519 as implemented in WolfSSL. The results show all considered techniques to be viable and powerful options. The results with convolutional neural networks (CNNs) are especially impressive as we are able to break the implementation with only a single measurement in the attack phase while requiring less than 500 measurements in the training phase. Interestingly, that same convolutional neural network was recently shown to perform extremely well for attacking the AES cipher. Our results show that some common grounds can be established when using deep learning for profiling attacks on distinct cryptographic algorithms and their corresponding implementations.
PUB-2018 - Side-Channel Attack using Order 4 Element against Curve25519 on ATMega328P [PDF]
Yoshinori Uetake, Akihiro Sanada, Takuya Kusaka, Yasuyuki Nogami, Léo Weissbart and Sylvain Duquesne
The International Symposium on Information Theory and Its Applications - ISITA 2018
With the matter of secure communication between devices, and especially for IoT devices, more and more applications need trustful protocols to communicate using public key cryptography. Elliptic curve cryptography is nowadays a very secure and efficient public key cryptography method. One of the most recent and secure curves is Curve25519, and one of its failures is an attack on low-order elements during a Diffie-Hellman key exchange. This document demonstrates that an attack using an order 4 point is possible on an embedded system with a simple power analysis, pointing out that every IoT device using Curve25519 as a cryptographic method is a potential target for side-channel attacks.
2019 - June. Summer School on real-world crypto and privacy - Šibenik
Summer school jointly organized by the Digital Security (DiS) group, Radboud University (The Netherlands), ETH Zurich Information Security and Privacy Center (Switzerland) and Faculty of Electrical Engineering and Computing, University of Zagreb (Croatia).