Identifiers
Title variants
Publication languages
Abstracts
Recent advancements in large language models (LLMs) have demonstrated their potential beyond conventional natural language processing tasks. This study demonstrates that GPT-4, a state-of-the-art large language model, can semi-autonomously generate and execute side-channel attacks, specifically Correlation Power Analysis (CPA) and timing attacks. By letting the model build and execute code on physical hardware as well as collect and analyze power traces and timing information, I’ll show that a non-expert operator equipped with an LLM can execute CPAs against industry-standard embedded encryption libraries. The findings suggest that LLMs’ capabilities present both opportunities for accelerated research and challenges related to the potential misuse of such technologies.
Keywords
Year
Volume
Pages
437-442
Physical description
Bibliography: 20 items, tables.
Authors
Bibliography
- [1] N. Papernot, P. McDaniel, and A. Swami, “The limitations of deep learning in adversarial settings,” 2016 IEEE European Symposium on Security and Privacy (EuroS&P), pp. 372-387, 2016. [Online]. Available: https://doi.org/10.1109/EuroSP.2016.36
- [2] J. Li, T. Zhang, and S. Xu, “The ai-based cyber threat landscape: A survey,” ACM Computing Surveys, vol. 53, no. 3, pp. 1-34, 2020.
- [3] S. Picek, A. Heuser, S. Guilley, L. Batina, and N. Mentens, “On the performance of convolutional neural networks for side-channel analysis,” in International Conference on Security, Privacy, and Applied Cryptography Engineering (SPACE 2018). Springer, 2018, pp. 157-176. [Online]. Available: https://doi.org/10.1007/978-3-030-05072-6_10
- [4] H. Maghrebi, “Deep learning based side channel attacks in practice,” IACR Cryptol. ePrint Arch., vol. 2019, p. 578, 2019. [Online]. Available: https://api.semanticscholar.org/CorpusID:174779461
- [5] G. Apruzzese, P. Laskov, E. Montes de Oca, W. Mallouli, L. Brdalo Rapa, A. V. Grammatopoulos, and F. Di Franco, “The role of machine learning in cybersecurity,” Digital Threats, vol. 4, no. 1, Mar. 2023. [Online]. Available: https://doi.org/10.1145/3545574
- [6] I. Rosenberg, A. Shabtai, Y. Elovici, and L. Rokach, “Adversarial machine learning attacks and defense methods in the cyber security domain,” ACM Computing Surveys, vol. 54, pp. 1-36, 05 2021.
- [7] E. Brier, C. Clavier, and F. Olivier, “Correlation power analysis with a leakage model,” in Cryptographic Hardware and Embedded Systems—CHES 2004. Springer, 2004, pp. 16-29. [Online]. Available: https://doi.org/10.1007/978-3-540-28632-5_2
- [8] P. C. Kocher, “Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems,” in Advances in Cryptology—CRYPTO’96. Springer, 1996, pp. 104-113. [Online]. Available: https://doi.org/10.1007/3-540-68697-5_9
- [9] P. Kocher, J. Jaffe, and B. Jun, “Differential power analysis,” in Advances in Cryptology—CRYPTO’99. Springer, 1999, pp. 388-397. [Online]. Available: https://doi.org/10.1007/3-540-48405-1_25
- [10] A. Vaswani, N. Shazeer, N. Parmar, J. Uszkoreit, L. Jones, A. N. Gomez, Ł. Kaiser, and I. Polosukhin, “Attention is all you need,” in Advances in Neural Information Processing Systems, 2017, pp. 5998-6008. [Online]. Available: https://papers.nips.cc/paper/2017/hash/3f5ee243547dee91fbd053c1c4a845aa-Abstract.html
- [11] M. Chen, J. Tworek, H. Jun, Q. Yuan, H. Ponde de Oliveira Pinto, J. Kaplan, H. Edwards, Y. Burda, N. Joseph, G. Brockman et al., “Evaluating large language models trained on code,” arXiv preprint arXiv:2107.03374, 2021. [Online]. Available: https://arxiv.org/abs/2107.03374
- [12] M. Brundage, S. Avin, J. Clark, et al., “The malicious use of artificial intelligence: Forecasting, prevention, and mitigation,” arXiv preprint arXiv:1802.07228, 2018. [Online]. Available: https://arxiv.org/abs/1802.07228
- [13] P. Lewis, E. Perez, A. Piktus, F. Petroni, V. Karpukhin, N. Goyal, N. S. Keskar, W.-t. Yih, T. Rocktäschel, S. Riedel et al., “Retrieval-augmented generation for knowledge-intensive NLP tasks,” in Advances in Neural Information Processing Systems, vol. 33, 2020, pp. 9459-9474. [Online]. Available: https://proceedings.neurips.cc/paper/2020/hash/6b493230205f780e1bc26945df7481e5-Abstract.html
- [14] C. O’Flynn and Z. Chen, “Chipwhisperer: An open-source platform for hardware embedded security research,” in Constructive Side-Channel Analysis and Secure Design. Springer, 2014, pp. 243-260. [Online]. Available: https://doi.org/10.1007/978-3-319-10175-0_17
- [15] ARM Limited, “mbedtls,” https://github.com/ARMmbed/mbedtls, accessed: March 2024.
- [16] wolfSSL Inc., “wolfssl,” https://www.wolfssl.com, accessed: March 2024.
- [17] K. Kokke, “TinyAES in C,” https://github.com/kokke/tiny-AES-c, accessed: March 2024.
- [18] OpenAI, “Openai api documentation,” https://platform.openai.com/docs/introduction, 2023.
- [19] T. Kojima, S. S. Gu, M. Reid, Y. Matsuo, and Y. Iwasawa, “Large language models are zero-shot reasoners,” arXiv preprint arXiv:2205.11916, 2022. [Online]. Available: https://arxiv.org/abs/2205.11916
- [20] W. Waligora, “SCAssistant - GPT-4 driven side-channel attacks on physical hardware using ChipWhisperer,” Online, 2024, available at https://github.com/wwa/SCAssistant.
Notes
Record prepared with funds from MNiSW, agreement no. POPUL/SP/0154/2024/02, under the programme "Social Responsibility of Science II" - module: Popularisation of Science (2025).
Document type
Bibliography
YADDA identifier
bwmeta1.element.baztech-7b4a6c68-ecad-4248-999b-6b471bacbfa9