Welcome to the CHES2023 SMAesH Challenge

The SMAesH challenge is a side-channel analysis contest on SMAesH, a masked FPGA implementation of the AES. Using the public profiling dataset and the open-source hardware design, the goal is to mount a key-recovery attack using as few traces as possible.

Winners will be announced and rewarded at CHES2023.

Get started now!

Leaderboard

Key features

Open-source target: open-source AES implementation running on widespread SCA board: CW305 and Sakura-G with reproducible acquisition setup.

Public datasets: 16 million traces with random key and plaintext, 16 million traces with fixed key and random plaintext, covering 2 AES rounds (~4,500 samples per trace).

Simple example attack (that works) as a starting point: you can easily start by improving it.

Profiling challenge: the profiling dataset for the Artix-7 target (CW305) contains the values of all the shares in the executions, while the one for the Spartan-6 (Sakura-G) contains only the unmasked values.

Attack success criterion: rank of the key below \(1 \text{BTC-H}\cdot\mathrm{s}\), defined as the number of blocks hashed by the Bitcoin mining network in 1 second (fixed to \(2^{68}\) for the duration of the challenge).

Efficient implementation good latency vs area trade-off with 32-bit wide masked datapath (4 Sboxes in parallel).

Arbitrary-order masking: if you completely break the first-order design, there is more to come!

Attack ideas

The demo submission implements a textbook attack against the AES S-box output that should be easy to improve. We next share a few ideas of alternative strategies that could be used for this purpose:

• Try to re-use the demo submission with fewer traces! This is a quick and efficient way to gain points for early candidates.
• Exploit more leakage points: the demo targets the shares of the S-box output which lies in the combinatorial logic, but the masked states in the bitslice S-box or the output of MixColumns leak more.
• Profile larger target intermediate values: for example, the masked states in the bitslice S-box are larger than 8-bit despite they only depend on 8 key bits, and the output of MixColumns naturally depends on 32 key bits.
• Perform multi-target and multivariate attacks: there are multiple leaking operations in the implementations, which can be exploited with advanced statistical attacks (e.g., analytical strategies or machine learning).
• Try different profiling strategies: for low number of shares, directly profiling with a machine learning model without taking advantage of the shares' knowledge could be possible.
• Perform cross-dataset transfer learning: we provide more profiling power for the Artix-7 than for the Spartan-6.
• Exploit the leakage of the key scheduling algorithm.

Timeline

• 2023-05-08 Challenge launch with Artix-7 target, submission server opens.
• June 2023 Launch of the Spartan-6 target.
• 2023-09-1 Submission server closes.
• 2023-09-10 (at CHES) Award ceremony.

Submissions are graded continuously, and the leaderboard keeps getting updated. The best attacks are public: you can get inspiration from other participants, see the rules for more details.

Contact information

• Mailing list: announcements and challenge discussions. [send a mail] [subscribe] [list archive]
• Matrix channel for chatting with other participants, build teams, etc.
• Directly contact the organizers for private matters: info@simple-crypto.org.

Organizers

This challenge is organized by the SIMPLE-Crypto Association, a non-profit organization created in order to develop open source cryptographic implementations and to maintain them over time, currently with a strong focus on embedded implementation with strong physical security guarantees.

The contributors involved in this project are Gaëtan Cassiers, Charles Momin and François-Xavier Standaert.