The advent of CUDA-enabled GPU makes it possible to provide cloud applications with high-performance data security services. Unfortunately, recent studies have shown that GPU-based applications are also susceptible to side-channel attacks. These published work studied the side-channel vulnerabilities of GPU-based AES implementations by taking the advantage of the cache sharing among multiple threads or high parallelism of GPUs. Therefore, for GPU-based bitsliced cryptographic implementations, which are immune to the cache-based attacks referred to above, only a power analysis method based on the high-parallelism of GPUs may be effective. However, the leakage model used in the power analysis is not efficient at all in practice. In light of this, we investigate electro-magnetic (EM) side-channel vulnerabilities of a GPU-based bitsliced AES implementation from the perspective of bit-level parallelism and thread-level parallelism in order to make the best of the localization effect of EM leakage with parallelism. Specifically, we propose efficient multi-bit and multi-thread combinational analysis techniques based on the intrinsic properties of bitsliced ciphers and the effect of multi-thread parallelism of GPUs, respectively. The experimental result shows that the proposed combinational analysis methods perform better than non-combinational and intuitive ones. Our research suggests that multi-thread leakages can be used to improve attacks if the multi-thread leakages are not synchronous in the time domain.

中文翻译：

---

GPU 位切片 AES 实现的高效电磁分析

支持 CUDA 的 GPU 的出现使得为云应用程序提供高性能数据安全服务成为可能。不幸的是，最近的研究表明，基于 GPU 的应用程序也容易受到旁道攻击。这些已发表的工作通过利用多线程之间的缓存共享或 GPU 的高并行性来研究基于 GPU 的 AES 实现的侧信道漏洞。因此，对于上述基于缓存的攻击免疫的基于 GPU 的位片加密实现，只有基于 GPU 高并行度的功率分析方法可能是有效的。然而，功率分析中使用的泄漏模型在实践中根本没有效率。有鉴于此，我们从位级并行性和线程级并行性的角度研究了基于 GPU 的位切片 AES 实现的电磁 (EM) 侧信道漏洞，以便利用并行性充分利用 EM 泄漏的定位效果。具体而言，我们分别基于位切片密码的内在特性和 GPU 的多线程并行性的影响，提出了高效的多位和多线程组合分析技术。实验结果表明，所提出的组合分析方法比非组合和直观的方法表现更好。我们的研究表明，如果多线程泄漏在时域中不同步，则可以使用多线程泄漏来改进攻击。