Side-channel attacks (SCA) play a crucial role in assessing the security of the implementation of cryp- tographic algorithms. Still, traditional profiled attacks require a nearly identical reference device to the target, limiting their practicality. This thesis focuses on non-profiled SCA, which provides a re- alistic alternative when the attacker lacks access to a profiling device. Specifically, we investigate non-profiled deep learning-based SCA techniques. Our evaluation first explores existing unsupervised deep learning-based side-channel analysis approaches: differential deep learning analysis (DDLA) and multi-output regression (MOR). We show that using a validation set for key distinguishing, rather than the training set, improves the overall success rate across various datasets.
In the context of multi-output regression SCA, we comprehensively evaluate different loss functions. The thesis proposes a novel approach that outperforms existing methods by employing the normalized Z-score MSE (Z-MSE) loss function. Additionally, we introduce two key distinguishing methods, one based on the smallest Z-MSE loss and the other on the highest Pearson correlation between actual and predicted labels during validation. The experimental results show the efficacy of the novel approach in breaking traces protected by countermeasures. Notably, even with high levels of desynchronization (250) for ASCADf traces, the attack succeeds within a limited number of epochs (15).
Moreover, we demonstrate that the performance of the novel approach can be further enhanced through ensembles. This leads to a reduction in the number of traces required to break the key for most datasets and a decrease in the average guessing entropy. Data augmentation also proves beneficial in some instances, resulting in improved success rates.

Side-channel attacks (SCA) aim to extract a secret cryptographic key from a device, based on unintended leakage. Profiled attacks are the most powerful SCAs, as they assume the attacker has a perfect copy of the target device under his control. In recent years, machine learning (ML) and deep learning (DL) techniques have became popular as profiling tools in SCA. Still, there are many settings for which their performance is far from expected. In such occasions, it is very important to understand the difficulty of the problem and the behavior of the learning algorithm. To that end, one needs to investigate not only the performance of machine learning but also to provide insights into its explainability.

In this work, we look at various ways to explain the behaviour of ML and DL techniques. We study the bias-variance decomposition, where the predictive error in various scenarios is split in bias, variance and noise. While the results shed some light on the underlying difficulty of the problem, existing decompositions are not tuned for SCA. We propose the Guessing Entropy (GE) bias-variance decomposition, incorporating the domain-specific GE metric in a tool to analyse attack characteristics. Additionally, we show the relation between the mean squared error and guessing entropy. Our experiments show this decomposition is a useful tool in trade-offs such as model complexity.

To dive deeper into the inner representations of neural networks (NNs), we use Singular Vector Canonical Correlation Analysis (SVCCA) to compare models used in SCA. We find that different datasets, or even leakage models, are represented very differently by neural networks. We apply SVCCA to a recent portability study, which shows one should be careful to overtrain their networks with too much data.

Finally, do we even need complicated neural networks to conduct an efficient attack? We demonstrate that a small network can perform much better by mimicking the outputs of a large network, compared to learning from the original dataset.