Locating Side Channel Leakage in Time through Matched Filters

Side channel attacks provide an effective way to extract secret information from the execution of cryptographic algorithms run on a variety of computing devices. One of the crucial steps for a side channel attack to succeed is the capability to locate the time instant in which the cryptographic primitive being attacked is effectively leaking information on the side channel itself, and synchronize the data obtained from the measurements on that instant. In this work, we propose an efficient and effective solution relying on the digital signal processing technique known as matched filters. We derive our matched filter with a small amount of profiling information which can be obtained from a device matching the one under attack. Our technique reliably identifies the cryptographic operation being computed, even when system interrupts or software multithreading are enabled on our target platform. We validate our approach through a successful attack against an unprotected AES implementation running on a Cortex-M4-based microcontroller.