CN111680787A

CN111680787A - Side channel curve processing method and device and electronic equipment

Info

Publication number: CN111680787A
Application number: CN202010536837.3A
Authority: CN
Inventors: 严迎建; 王恺; 朱春生; 郭朋飞; 陈琳; 张立朝; 钟晶鑫
Original assignee: Information Engineering University of PLA Strategic Support Force
Current assignee: Information Engineering University of PLA Strategic Support Force
Priority date: 2020-06-12
Filing date: 2020-06-12
Publication date: 2020-09-18
Anticipated expiration: 2040-06-12
Also published as: CN111680787B

Abstract

The application discloses a side channel curve processing method, a side channel curve processing device and electronic equipment, wherein the side channel curve processing method comprises the following steps: obtaining a plurality of side channel curves; obtaining a label curve corresponding to each side channel curve, wherein the value of each ordinate on the label curve is the label value of the ordinate of the side channel curve corresponding to the label curve on the same abscissa; sequentially taking each side channel curve as input data of a self-encoder, and training neural network parameters in the self-encoder until a loss function value of the self-encoder meets a loss convergence condition; the loss function value of the self-encoder is a loss function value between a label curve corresponding to a side channel curve input to the self-encoder and an encoding output result of the self-encoder aiming at the side channel curve; and obtaining a target coding output result of the self-encoder when the loss function value of the self-encoder meets the loss convergence condition, wherein the target coding output result is used for obtaining the target key.

Description

Side channel curve processing method and device and electronic equipment

Technical Field

The present application relates to the field of computer security technologies, and in particular, to a method and an apparatus for processing a side channel curve, and an electronic device.

Background

The side channel attack is an attack method for acquiring leakage information in the process of transmitting encrypted information and recovering sensitive information such as a key based on the leakage information. Implementing a side-channel attack typically includes three steps: the first step is to collect side channel curves related to the device, such as power consumption curves or electromagnetic radiation curves, from the target encryption device; the second step is to carry out preprocessing on the collected curves, such as noise reduction, curve alignment, dimension reduction, feature selection and the like, so as to extract meaningful information from the collected information; and the third step is to use the preprocessed curve to carry out modeling, analysis and mining so as to recover the correct key information in the curve.

In practical implementation, an attacker may not be able to obtain an accurate side channel curve and extract sensitive information from a practical environment due to noise that may exist in the encrypted information transmission process. However, an Auto Encoder (AE) is currently used to perform side channel curve noise reduction. The self-encoder is an unsupervised neural network learning model with output similar to input, and is mainly used for pre-learning of a neural network, compression and denoising of input data. In the specific implementation, the acquired side channel curve is input into a self-encoder, the self-encoder performs self-learning according to a loss function between input and output until the loss function is minimum, and at this time, an encoding output result corresponding to the side channel curve output by the self-encoder is a side channel curve processing result after noise reduction.

However, when the side channel curve is denoised using the self-encoder, additional noise needs to be added to the side channel curve input to the self-encoder. Therefore, if the added noise value is large, the noise component in the input data from the encoder will be large, and the noise reduction in the process of processing the side channel curve from the encoder may not be realized; if the added noise value is small, the trained self-encoder only learns low noise, and all noises cannot be denoised. Therefore, the existing noise reduction using the self-encoder for the side channel curve has low reliability.

Disclosure of Invention

In view of the above, the present application provides a side channel curve processing method, apparatus and electronic device, including:

a method of side channel curve processing, the method comprising:

obtaining a plurality of side channel curves, wherein the side channel curves are side channel curves of target data in channel transmission, and the target data are obtained by target key encryption;

obtaining a label curve corresponding to each side channel curve, wherein the value of each ordinate on the label curve is the label value of the ordinate of the side channel curve corresponding to the label curve on the same abscissa;

sequentially taking each side channel curve as input data of a pre-constructed self-encoder, and training neural network parameters in the self-encoder until a loss function value of the self-encoder meets a loss convergence condition; the loss function value of the self-encoder is a loss function value between a label curve corresponding to a side channel curve input to the self-encoder and an encoding output result of the self-encoder aiming at the side channel curve;

and obtaining a target coding output result of the self-encoder when the loss function value of the self-encoder meets the loss convergence condition, wherein the target coding output result is used for obtaining the target key.

In the above method, preferably, the self-encoder includes an encoder, a full link layer and a decoder;

the encoder is used for encoding a side channel curve input to the self-encoder to obtain a first encoding vector;

the full-connection layer comprises a first neuron and a second neuron, input data of the first neuron is the first coding vector, input data of the second neuron is a second coding vector obtained by coding at least one byte in plaintext or ciphertext corresponding to the target data, and the first coding vector and the second coding vector pass through the full-connection layer to obtain a coding input vector;

the decoder is used for decoding the coding input vector output by the full connection layer to obtain a coding output result.

the full-connection layer comprises a first neuron, input data of the first neuron is the first coding vector, and the first coding vector passes through the full-connection layer to obtain a coding input vector;

Preferably, the method for obtaining the label curve corresponding to each side channel curve includes:

obtaining a mean curve of a plurality of side channel curves corresponding to the same plaintext, wherein the mean curve corresponding to each plaintext is a label curve of the side channel curve corresponding to the plaintext, and the plaintext is data obtained by encrypting the target data by using the target key.

selecting a reference curve from a plurality of side channel curves corresponding to a first plaintext, wherein the reference curve is a label curve of each side channel curve corresponding to the first plaintext, the first plaintext is any plaintext in a plaintext set, and the plaintext is data obtained by encrypting the target data by using the target key;

selecting a target curve from a plurality of side channel curves corresponding to a second plaintext in the plaintext set, where the target curve is a curve that satisfies a preset correlation condition with the reference curve among the plurality of side channel curves corresponding to the second plaintext, the target curve is a label curve of each side channel curve corresponding to the second plaintext, and the second plaintext is any other plaintext in the plaintext set that is different from the first plaintext.

The above method, preferably, the relevant conditions include: the correlation coefficient between the target curve and the reference curve is the largest.

An apparatus for side channel curve processing, the apparatus comprising:

the device comprises a curve obtaining unit, a data processing unit and a data processing unit, wherein the curve obtaining unit is used for obtaining a plurality of side channel curves, the side channel curves are side channel curves of target data in channel transmission, and the target data are obtained by target key encryption;

a label curve obtaining unit, configured to obtain a label curve corresponding to each side channel curve, where a value of each ordinate on the label curve is a label value of a ordinate, corresponding to the same abscissa, of the side channel curve corresponding to the label curve;

the self-encoder training unit is used for sequentially taking each side channel curve as input data of a pre-constructed self-encoder and training neural network parameters in the self-encoder until a loss function value of the self-encoder meets a loss convergence condition; the loss function value of the self-encoder is a loss function value between a label curve corresponding to a side channel curve input to the self-encoder and an encoding output result of the self-encoder aiming at the side channel curve;

a result obtaining unit, configured to obtain a target encoding output result of the self-encoder when a loss function value of the self-encoder satisfies the loss convergence condition, where the target encoding output result is used to obtain the target key.

The above apparatus, preferably, the self-encoder includes an encoder, a full link layer and a decoder;

The apparatus preferably further includes a label curve obtaining unit that:

a first obtaining subunit, configured to obtain mean curves of multiple side channel curves corresponding to the same plaintext, where a mean curve corresponding to each plaintext is a label curve of a side channel curve corresponding to the plaintext, and the plaintext is data obtained by encrypting the target data using the target key;

and/or the presence of a gas in the gas,

a second obtaining subunit, configured to select a reference curve from multiple side channel curves corresponding to a first plaintext, where the reference curve is a label curve of each side channel curve corresponding to the first plaintext, the second plaintext is any plaintext in a plaintext set, and the plaintext is data obtained by encrypting the target data using the target key; selecting a target curve from a plurality of side channel curves corresponding to a second plaintext in the plaintext set, where the target curve is a curve that satisfies a preset correlation condition with the reference curve among the plurality of side channel curves corresponding to the second plaintext, the target curve is a label curve of each side channel curve corresponding to the second plaintext, and the second plaintext is any plaintext in the plaintext set that is different from the first plaintext.

An electronic device, comprising:

the memory is used for storing an application program and data generated by the running of the application program;

a processor for executing the application to implement: obtaining a plurality of side channel curves, wherein the side channel curves are side channel curves of target data in channel transmission, and the target data are obtained by target key encryption; obtaining a label curve corresponding to each side channel curve, wherein the value of each ordinate on the label curve is the label value of the ordinate of the side channel curve corresponding to the label curve on the same abscissa; sequentially taking each side channel curve as input data of a pre-constructed self-encoder, and training neural network parameters in the self-encoder until a loss function value of the self-encoder meets a loss convergence condition; the loss function value of the self-encoder is a loss function value between a label curve corresponding to a side channel curve input to the self-encoder and an encoding output result of the self-encoder aiming at the side channel curve; and obtaining a target coding output result of the self-encoder when the loss function value of the self-encoder meets the loss convergence condition, wherein the target coding output result is used for obtaining the target key.

As can be seen from the above technical solutions, in the side channel curve processing method, apparatus and electronic device disclosed in the present application, after a plurality of side channel curves are obtained in channel transmission of target data encrypted by a target key, a corresponding label curve is obtained for each side channel curve, where on the label curve, a value of each ordinate is a label value of a side channel curve corresponding to the label curve on a same abscissa, and thus, by sequentially using each side channel curve as input data of a self-encoder, a neural network parameter in the self-encoder can be trained until a loss function value of the self-encoder satisfies a loss convergence condition, and at this time, a loss function value of the self-encoder is a loss function value between a label curve corresponding to a side channel curve input to the self-encoder and an encoding output result of the self-encoder for the side channel curve, based on this, when the loss function value of the self-encoder meets the loss convergence condition, the target encoding output result of the self-encoder aiming at the corresponding side channel curve is the processing result which can be used for obtaining the target key in the side channel curve. It can be seen that, in the present application, the loss function value when training the self-encoder is no longer obtained only according to the original side channel curve input to the self-encoder, but is obtained by combining the label curve using the side channel curve, therefore, in the present application, the loss function formed by the label curve and the encoding output result of the self-encoder is used to train the self-encoder, so that the trained self-encoder can reduce the noise of the input side channel curve, i.e., eliminate the noise in the side channel curve, and compared with the case that the existing side channel curve is added with new noise and then the noise reduction self-encoder cannot eliminate the noise in the side channel curve through the training neural network, the present application can obviously improve the reliability of the noise reduction of the side channel curve.

Drawings

In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings without creative efforts.

Fig. 1 and 2 are schematic structural diagrams of a conventional self-encoder, respectively;

fig. 3 is a flowchart of a side channel curve processing method according to an embodiment of the present disclosure;

FIG. 4 is a schematic structural diagram of an auto-encoder according to an embodiment of the present application;

FIG. 5 is a schematic structural diagram of an auto-encoder in the embodiment of the present application;

fig. 6 is a schematic structural diagram of a side channel curve processing apparatus according to a second embodiment of the present application;

fig. 7 is a schematic partial structural diagram of a side channel curve processing apparatus according to a second embodiment of the present application;

fig. 8 is a schematic structural diagram of an electronic device according to a third embodiment of the present application;

fig. 9 is a schematic structural diagram of a basic side channel self-encoder SCAE in an embodiment of the present application;

FIG. 10 is a schematic structural diagram of an additional neuron self-encoder ANAE in an embodiment of the present application;

FIG. 11 is a schematic structural diagram of an additional neuron self-encoder ANAE in an embodiment of the present application;

FIG. 12 is a flowchart of an algorithm for a label curve generation algorithm in an embodiment of the present application;

fig. 13 is an algorithm flowchart of another label curve generation algorithm in the embodiment of the present application.

Detailed Description

In the current practical environment of side channel attack, an attacker may not be able to extract a key from a collected side channel curve, such as a power consumption curve, due to factors such as noise in the collected side channel curve, non-alignment of the curve, or use of a mask protection strategy. For example, in a side-channel attack, a noise-reducing self-encoder is typically used to de-noise the side-channel curve. The method comprises the following specific steps:

firstly, the self-encoder is an unsupervised neural network learning model with similar output and input, and is mainly used for pre-learning of a neural network, compression and denoising of input data. Self-encoders are typically used for initialization and pre-training of network parameters. The input data is better learned by pre-learning the weight values for each layer using the self-encoder, and then the neural network is learned by fine-tuning the weight values. Secondly, the self-encoder may be used to compress the dimensions of the input data, and the self-encoder for dimension reduction basically includes an encoder (encoder) part for compressing the size of the input data and a decoder (decoder) part for reconstructing the compressed data by the encoder to restore the original input data. Fig. 1 shows a basic structure of a self-encoder.

In fig. 1, X ═ X (X)₁,x₂,x₃,…,x_n)∈RⁿIs the input from the encoder, Z ═ Z₁,z₂,z₃,…,z_t)∈R^tReferred to as encoding, which is data compressed by encoding from an encoder, Y ═ Y₁,y₂,y₃,…,y_n)∈RⁿIs the output from the encoder. The neural network consisting of hidden layers between the input and the encoding is called encoder and the neural network consisting of hidden layers between the encoding and the output is called decoder.

If the encoder is represented by a function f () and the decoder by a function g (), the loss function from the encoder is defined as shown in equation (1):

Loss_AE＝L(X,g(f(X；θ))) (1)

if the training is successful, the input data X and output data Y from the encoder are identical, where X g (f) (X) g (z), X g (z) R^t→RⁿThis means that the compressed data, encoded, can be reconstructed into the original data by the function g () of the decoder, while the output data has a smaller dimension than the input data. Thus, the code has all the characteristics of the input, but is low-dimensional data. Therefore, the dimension reduction processing of the side channel curve is also realized in the prior art with reference to the self-encoder.

In order to implement noise reduction on the side channel curve, based on the implementation of the above self-encoder, a noise reduction self-encoder (DAE) is proposed, and the structure of the DAE and the basic self-encoder is the same, and the main difference is that the input data for training is different. Unlike self-encoders that use raw data as input data, DAE is trained by randomly adding new noise to the raw data, and fig. 2 shows the basic structure of the DAE.

As shown in FIG. 2To show that random noise is added to original data X to generate new data X_NAnd passes it as training data through an encoder (f)_E) After encoding, the vector code is output and passed through a decoder (f)_D) And outputting Y. Before adding noise as a label, learning is performed using the neural network and the output of the raw data X to minimize the loss function, as shown in equation (2). It recovers the original data input by training noisy data, so the noise reduction self-encoder training principle can use neural networks for noise reduction.

Loss_DAE＝L(X,f_D(f_E(X_N)))(2)

Where equation (2) represents the loss function of DAE, there are two methods for adding noise to input data in DAE: one is to add gaussian noise to the input data, and the other is to randomly zero out certain elements in the input data. Wherein in the first method, X is used by adding random noise in the noise reduction self-encoder_NLearning is performed, and the data in the short distance is projected onto the original X to be the same data. In the second approach, by making some elements zero, the neural network can be made to train the entire data, not just a particular portion of the data of interest. Thus, using the above method, the noise-reduced self-encoder can train to output noise-reduced data.

However, the inventors of the present application have conducted studies on the above noise reduction scheme to find that: the use of a noise reduction self-encoder in side channel attacks has two disadvantages:

first, with the first method, if noise is added to the collected power consumption curve and used as training data, the noise already in the collected curve itself will be further added to the noise, possibly making classification more difficult and the noise reduction self-encoder cannot learn.

For example, assuming that the energy consumption model is as shown in equation (3), equation (4) is a loss function of the noise reduction self-encoder when the input data is a power consumption curve.

Power＝+HW(Data)+Noise (3)

Loss_DAE＝L(g(f(X_N；θ)),X)

＝L(g(f(+HW(D)+Noise+Noise′)),+HW(D)+Noise) (4)

Wherein, hw (data) (also may be represented as hw (d)) in Power is a curve representation of the energy consumption model, Noise is Noise in the curve itself, and Noise' is new Noise added.

Therefore, when the actual curve noise value is low, the curve waveform does not need to remove noise. In contrast, if the Noise value is large, the weight of Noise in the training data + hw (d) + Noise' calculated by adding new Noise becomes larger than before, which makes learning of the neural network more difficult. If the noise is set too low by an attacker, the noise reduction self-encoder only trains low noise, and the noise reduction effect is reduced.

For the second method, when the random sampling point is 0, training data not related to the key may be generated, and valid information may be lost.

Therefore, the noise reduction self-encoder is not suitable for side channel attack, and certain difficulty exists in noise reduction by using the noise reduction self-encoder.

In view of the above, the inventor of the present application has made further research and proposes a technical solution capable of performing noise reduction processing on the side channel curve, as follows:

after a plurality of side channel curves are obtained in the channel transmission of target data encrypted by a target key, a corresponding label curve is obtained for each side channel curve, wherein on the label curve, the value of each ordinate is the label value of the ordinate of the side channel curve corresponding to the label curve on the same abscissa, thereby, each side channel curve is taken as the input data of a self-encoder in sequence, the neural network parameter in the self-encoder can be trained until the loss function value of the self-encoder meets the loss convergence condition, the loss function value of the self-encoder at the moment is the loss function value between the label curve corresponding to the side channel curve input to the self-encoder and the encoding output result of the self-encoder aiming at the side channel curve, when the loss function value of the self-encoder meets the loss convergence condition, the target encoding output result of the self-encoder for the corresponding side channel curve is the processing result which can be used for obtaining the target key in the side channel curve.

It can be seen that, in the present application, the loss function value when training the self-encoder is no longer obtained only according to the original side channel curve input to the self-encoder, but is obtained by combining the label curve using the side channel curve, therefore, in the present application, the loss function formed by the label curve and the encoding output result of the self-encoder is used to train the self-encoder, so that the trained self-encoder can reduce the noise of the input side channel curve, i.e., eliminate the noise in the side channel curve, and compared with the case that the existing side channel curve is added with new noise and then the noise reduction self-encoder cannot eliminate the noise in the side channel curve through the training neural network, the present application can obviously improve the reliability of the noise reduction of the side channel curve.

The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.

Referring to fig. 3, a flowchart of an implementation of a side channel curve processing method provided in an embodiment of the present application is shown, where the method is applied to an electronic device capable of data processing, such as a computer or a server. The technical scheme in the embodiment is mainly used for performing noise reduction processing on a side channel curve of target data encrypted by the target key in channel transmission, and improving the reliability of the noise reduction processing, so that the obtained encoding output result can be used for obtaining the target key.

Specifically, the method in this embodiment may include the following steps:

step 301: a plurality of side channel curves are obtained.

The side channel curve is a side channel curve of the target data in channel transmission, such as a power consumption curve. And the target data transmitted in the channel is data encrypted by a target key through plaintext (or corresponding ciphertext) input by an attacker.

In specific implementation, when target data is transmitted in a channel, corresponding side channel curves at multiple moments can be continuously acquired through devices such as an oscilloscope and the like. Each side-channel curve is composed of a plurality of curve values, each of which may be represented by an abscissa value and an ordinate value. And the plaintext corresponding to each side channel curve may be the same or different. The plain text can take values in the range of 0-255.

Step 302: and obtaining a label curve corresponding to each side channel curve.

Each label curve may be composed of a plurality of label values, and a value of each ordinate on the label curve is a label value of a ordinate on the same abscissa corresponding to the side channel curve corresponding to the label curve. For example, the value y1 of the ordinate on the label curve a is the label value of the value y2 of the ordinate on the side channel curve B to which the label curve a corresponds, wherein the value y1 of the ordinate and the value y2 of the ordinate both correspond to the same abscissa x 1.

It should be noted that the label value in the label curve is a value obtained by processing the ordinate value of the corresponding side channel curve, and is different from the label value obtained by adding noise to the side channel curve in the prior art.

Specifically, the label curve corresponding to each side channel curve may be a curve obtained by averaging the side channel curves corresponding to the corresponding plaintext, or the label curve corresponding to each side channel curve may be a curve with higher correlation screened from the side channel curves corresponding to the corresponding plaintext.

Step 303: and sequentially taking each side channel curve as input data of a pre-constructed self-encoder, and training neural network parameters in the self-encoder until a loss function value of the self-encoder meets a loss convergence condition.

The self-encoder can be a training model which is constructed based on the neural network and can train the neural network parameters according to corresponding loss functions. The loss function value of the self-encoder in this embodiment is a loss function value between a label curve corresponding to a side channel curve input to the self-encoder and an encoding output result of the self-encoder for the side channel curve. The loss convergence condition is: with the iterative training of the self-encoder, the loss function value gradually decreases and decreases to the minimum, i.e., the loss function value gradually decreases and does not change after decreasing to a certain value.

In a specific implementation, one of the side channel curves may be selected from the multiple side channel curves and input to the self-encoder, so as to obtain an encoded output result of the self-encoder, at this time, a first loss function value is obtained according to a label curve corresponding to a first side channel curve input to the self-encoder and an encoded output result output by the self-encoder for the first side channel curve, and a neural network parameter in the self-encoder is adjusted according to the loss function value, such as increasing or decreasing a related neural network parameter, so as to reduce the loss function value;

then, selecting one side channel curve from the rest side channel curves and inputting the side channel curve into a self-encoder, thereby obtaining a new encoding output result of the self-encoder, at the moment, obtaining a second loss function value according to a label curve corresponding to a second side channel curve input into the self-encoder and an encoding output result output by the self-encoder aiming at the second side channel curve, obtaining a difference value between the first loss function value and the second loss function value, and then adjusting the neural network parameters in the self-encoder again according to the difference value and the second loss function value, so that the loss function value can be reduced;

then, a new side channel curve is selected from the rest side channel curves and input into the self-encoder, so as to obtain a new encoding output result of the self-encoder, at this time, a third loss function value is obtained according to a label curve corresponding to a third side channel curve input into the self-encoder and an encoding output result output by the self-encoder aiming at the third side channel curve, a difference value between the second loss function value and the third loss function value is obtained, the neural network parameters in the self-encoder are adjusted again according to the difference value and the third loss function value, and so on, along with the reduction of the loss function values, the training of the self-encoder is more and more perfect until the loss function values are minimum, namely the difference value between adjacent loss function values is not changed, and at this time, the training of the self-encoder is completed.

In a specific implementation, the loss function value can be represented by the following equation (5):

Loss_SCAE＝L(LT,f_D(f_E(X))) (5)

therein, Loss_SCAEI.e. the loss function representation from the encoder, X is the side channel curve, LT is the label curve corresponding to X, f_EFor the encoder function representation in the self-encoder, f_DIs represented as a decoder function in the self-encoder.

Step 304: a target encoding output result from the encoder is obtained when the loss function value from the encoder satisfies a loss convergence condition.

The target coding output result is an output result obtained by denoising the input side channel curve from the coder, and is also an output result obtained by dimensionality reduction of the side channel curve input from the coder.

That is to say, in the training process of the self-encoder in this embodiment, the loss function value between the obtained coding output result and the corresponding label curve after each training is monitored, and as the training frequency of the self-encoder increases, the loss function value of the corresponding self-encoder also continuously decreases, until the loss function value satisfies the loss convergence condition, that is, the loss function value decreases to the minimum and no longer changes, the coding output result output by the self-encoder is considered as the coding output result with the best noise reduction effect, that is, the target coding output result, and the obtained loss function value between the target coding output result and the label curve of the corresponding side channel curve is the minimum. The target coding output result at this time can be used for subsequent modeling, analysis and mining to recover the correct target key in the side channel curve, thereby realizing the side channel attack.

As can be seen from the foregoing technical solutions, in the side channel curve processing method provided in this embodiment of the present application, after a plurality of side channel curves are obtained in channel transmission of target data encrypted by a target key, a corresponding label curve is obtained for each side channel curve, where on the label curve, a value of each ordinate is a label value of a side channel curve corresponding to the label curve on a same abscissa, and thus, by sequentially using each side channel curve as input data from an encoder, a neural network parameter in the self encoder can be trained until a loss function value of the self encoder satisfies a loss convergence condition, where the loss function value of the self encoder is a loss function value between a label curve corresponding to a side channel curve input to the self encoder and an encoding output result of the self encoder for the side channel curve, based on this, when the loss function value of the self-encoder meets the loss convergence condition, the target encoding output result of the self-encoder aiming at the corresponding side channel curve is the processing result which can be used for obtaining the target key in the side channel curve. It can be seen that, in the present application, the loss function value when training the self-encoder is no longer obtained according to the original side channel curve input to the self-encoder, but obtained using the label curve of the side channel curve, therefore, in the present application, the loss function formed by the label curve and the encoding output result of the self-encoder is used to train the self-encoder, so that the trained self-encoder can reduce the noise of the input side channel curve, i.e., eliminate the noise in the side channel curve, and compared with the case that the existing side channel curve is added with new noise and then the noise reduction self-encoder cannot eliminate the noise in the side channel curve through the training neural network, the present application can obviously improve the reliability of reducing the noise of the side channel curve.

In one implementation, the self-encoder may include an encoder, a full-link layer, and a decoder, where the full-link layer includes a plurality of first neurons, as shown in fig. 4, based on which the encoder may be configured to perform an encoding process on a side channel curve input to the self-encoder to obtain a first encoding vector, where the first encoding vector may serve as input data of the first neurons, and the first encoding vector may output the encoding input vector after passing through the full-link layer, where the encoding input vector may serve as input data of the decoder, and the decoder may be configured to perform a decoding process on the encoding input vector output by the full-link layer to obtain an encoding output result.

In another implementation, when data encryption is performed using a target key, there is usually a case of a cryptographic algorithm using a mask strategy, and a cryptographic operation intermediate value is changed by a mask value, so that the intermediate value is unknown, at this time, there is no direct relationship between input data from an encoder and a side channel curve obtained in channel transmission, at this time, in order to ensure that the self-encoder can perform effective noise reduction on the side channel curve, in this embodiment, a second neuron may be added to a full-connection layer, as shown in fig. 5, the full-connection layer includes, in addition to a first neuron using a first encoding vector obtained by encoding the side channel curve by the encoder as input data, a plurality of second neurons using a second encoding vector as input data, where the second encoding vector refers to: and encoding at least one byte in the plaintext or the ciphertext corresponding to the target data to obtain an encoding vector, wherein the first encoding vector and the second encoding vector pass through a full connection layer to obtain an encoding input vector, the encoding input vector is input into a decoder, and the decoder decodes the encoding input vector output by the full connection layer to obtain an encoding output result.

The first coding vector and the second coding vector can be processed in the full link layer by using ReLu or Tanh as an activation function to generate a new coding vector, i.e. a coding input vector, as an input of the decoder.

Based on this, aiming at the situation that the simple affine transformation is performed on the plaintext and a random mask before the encryption operation is performed on the plaintext, so that the operation of the target key participating in the cryptographic algorithm under the protection of the mask cannot realize the effective noise reduction on the corresponding side channel curve, in the embodiment, the plaintext or the corresponding ciphertext is used as the input data of the additional neuron, so that the corresponding effective information can be provided in the self-encoder, and the output result of the output target code is more accurate through the training of the self-encoder, so that the success rate of the side channel attack can be improved.

In an implementation manner, when obtaining the label curve corresponding to each side channel curve in step 302, the following may be specifically implemented:

firstly, clustering a plurality of side channel curves corresponding to the same plaintext so that the plurality of side channel curves corresponding to the same plaintext are in the same curve set, wherein a plurality of curve sets can be obtained at the moment, each curve set respectively comprises a plurality of side channel curves, and the plurality of side channel curves in each curve set correspond to the same plaintext;

then, respectively aiming at each curve set, obtaining a mean curve of a plurality of side channel curves in the curve set, wherein at the moment, each curve set can obtain a mean curve, and the mean curve is a label curve of each side channel curve in the corresponding curve set.

That is, for the multiple side channel curves obtained in step 301 in this embodiment, if the side channel curves are completely aligned with respect to the abscissa, then in this embodiment, a mean curve of the multiple side channel curves corresponding to the same plaintext may be obtained, where the mean curve corresponding to each plaintext is a label curve of the side channel curve corresponding to the plaintext, and the plaintext is data obtained by encrypting the target data using the target key. For example, a plaintext "1" corresponds to 3 side channel curves, and the values of the ordinate of the three side channel curves on each abscissa are averaged to obtain an average curve, which is a label curve corresponding to each of the three side channel curves; for another example, the plaintext "235" corresponds to 9 side channel curves, and the values of the ordinate of each abscissa of the 9 side channel curves are averaged to obtain an average curve, which is the label curve corresponding to each of the 9 side channel curves, and so on.

It should be noted that the plaintext in this embodiment may be represented by 8 bits, so that there may be 256 possible plaintext values.

In another implementation, if a side channel attack resisting strategy such as random delay or jitter is adopted in channel transmission, in the side channel attack, the feature point sampling positions of each of the obtained side channel curves may be different, and the side channel curves may not be completely aligned with respect to the abscissa, and at this time, the obtaining manner using the mean curve in the foregoing cannot ensure that the finally trained self-encoder can output an accurate noise-reduced encoding output result. The method comprises the following specific steps:

first, in this embodiment, a reference curve is selected from a plurality of side channel curves corresponding to the first plaintext, where the reference curve is a label curve of each side channel curve corresponding to the first plaintext. The first plaintext is any plaintext in a plaintext set, and the plaintext set is a set formed by all data obtained by encrypting target data by using a target key;

it should be noted that the first plaintext in this embodiment may be a plaintext arbitrarily selected from a plaintext set, and in this embodiment, a reference curve may be randomly selected from a plurality of side channel curves corresponding to the first plaintext, or a reference curve may be selected according to a preset selection rule, such as curve coding;

then, for any other plaintext in the plaintext group, that is, a second plaintext in the plaintext group, in this embodiment, a target curve is selected from the multiple side channel curves corresponding to the second plaintext, where the target curve is a curve that satisfies a preset correlation condition between the multiple side channel curves corresponding to the second plaintext and the reference curve selected from the previous plaintext, and the correlation condition here may be: the correlation coefficient between the target curve and the reference curve is the largest, that is, each target curve is a side channel curve with the largest correlation coefficient with the reference curve in the curve set in which the target curve is respectively located. The selected target curve meeting the relevant condition is the label curve of each side channel curve corresponding to the second plaintext, and the second plaintext is any other plaintext in the plaintext set different from the first plaintext.

That is to say, in this embodiment, one plaintext is arbitrarily selected, one curve is arbitrarily selected from the multiple side channel curves corresponding to the plaintext as a reference curve, and then, for each of the other plaintext, a curve with the maximum correlation coefficient with the reference curve is selected from the multiple side channel curves corresponding to the plaintext as a target curve, where the reference curve and the target curve are label curves of the side channel curves corresponding to the plaintext respectively.

For example, in this embodiment, first, one side channel curve is arbitrarily selected from 41 side channel curves corresponding to a plaintext "26" as a reference curve, and then, one target curve is selected from a plurality of side channel curves corresponding to each plaintext in other plaintexts, such as "0" to "25" and "27" to "255", respectively, where each target curve is a side channel curve with the largest correlation coefficient with the reference curve in the plurality of side channel curves corresponding to the same plaintext. For example, one target curve is selected from the plurality of side channel curves corresponding to the plaintext "12", and the correlation coefficient between the selected target curve and the reference curve corresponding to the plaintext "26" is the largest among the plurality of side channel curves corresponding to the plaintext "12"; for another example, a target curve is selected from the plurality of side channel curves corresponding to the plaintext "165", the selected target curve has the largest correlation coefficient between reference curves corresponding to the plaintext "26" from the plurality of side channel curves corresponding to the plaintext "165", and so on.

Further, in this embodiment, after the label curve of each side channel curve is selected, an alignment operation may be performed on the label curves by using an alignment technique. Of course, in this embodiment, all the selected tab curves have the largest correlation coefficient, and therefore, the selected tab curves may be considered as aligned curves, and therefore, it may be selected not to perform the alignment operation.

Referring to fig. 6, a schematic structural diagram of a side channel curve processing apparatus provided in the second embodiment of the present application is shown, where the apparatus may be configured in an electronic device capable of performing data processing, such as a computer or a server. The technical scheme in the embodiment is mainly used for performing noise reduction processing on a side channel curve of target data encrypted by the target key in channel transmission, and improving the reliability of the noise reduction processing, so that the obtained encoding output result can be used for obtaining the target key.

Specifically, the apparatus in this embodiment may include the following units:

a curve obtaining unit 601, configured to obtain multiple side channel curves, where the side channel curves are side channel curves of target data in channel transmission, and the target data is obtained through target key encryption;

a label curve obtaining unit 602, configured to obtain a label curve corresponding to each side channel curve, where a value of each ordinate on the label curve is a label value of a ordinate, corresponding to the same abscissa, of the side channel curve corresponding to the label curve;

a self-encoder training unit 603, configured to train a neural network parameter in a self-encoder by sequentially using each side channel curve as input data of the pre-constructed self-encoder until a loss function value of the self-encoder satisfies a loss convergence condition; the loss function value of the self-encoder is a loss function value between a label curve corresponding to a side channel curve input to the self-encoder and an encoding output result of the self-encoder aiming at the side channel curve;

a result obtaining unit 604, configured to obtain a target encoding output result of the self-encoder when the loss function value of the self-encoder satisfies a loss convergence condition, where the target encoding output result is used to obtain the target key.

It can be seen from the above technical solution that, in the side channel curve processing apparatus provided in the second embodiment of the present application, after a plurality of side channel curves are obtained in channel transmission of target data encrypted by a target key, a corresponding label curve is obtained for each side channel curve, where on the label curve, a value of each ordinate is a label value of a side channel curve corresponding to the label curve on a same abscissa, and thus, by sequentially using each side channel curve as input data from an encoder, a neural network parameter in the self-encoder can be trained until a loss function value of the self-encoder satisfies a loss convergence condition, where the loss function value of the self-encoder is a loss function value between the label curve corresponding to the side channel curve input to the self-encoder and an encoding output result of the self-encoder for the side channel curve, based on this, when the loss function value of the self-encoder meets the loss convergence condition, the target encoding output result of the self-encoder aiming at the corresponding side channel curve is the processing result which can be used for obtaining the target key in the side channel curve. It can be seen that, in this embodiment, the loss function value when the self-encoder is trained is obtained not according to the original side channel curve input to the self-encoder, but using the label curve of the side channel curve, therefore, in this embodiment, the loss function formed by the label curve and the encoding output result of the self-encoder is used to train the self-encoder, so that the trained self-encoder can reduce the noise of the input side channel curve, that is, eliminate the noise in the side channel curve.

In one implementation, the self-encoder includes an encoder, a full link layer, and a decoder, as shown in fig. 4, the encoder is configured to perform an encoding process on a side channel curve input to the self-encoder to obtain a first encoded vector; the full-connection layer comprises a first neuron, input data of the first neuron is the first coding vector, and the first coding vector passes through the full-connection layer to obtain a coding input vector; the decoder is used for decoding the coding input vector output by the full connection layer to obtain a coding output result.

In another implementation, the self-encoder comprises an encoder, a full link layer and a decoder; as shown in fig. 5, the encoder is configured to perform an encoding process on the side channel curve input to the self-encoder to obtain a first encoded vector; the full-connection layer comprises a first neuron and a second neuron, input data of the first neuron is the first coding vector, input data of the second neuron is a second coding vector obtained by coding at least one byte in plaintext or ciphertext corresponding to the target data, and the first coding vector and the second coding vector pass through the full-connection layer to obtain a coding input vector; the decoder is used for decoding the coding input vector output by the full connection layer to obtain a coding output result.

In one implementation, the tag curve obtaining unit 602 in this embodiment may include the following structure, as shown in fig. 7:

a first obtaining subunit 621, configured to obtain mean curves of multiple side channel curves corresponding to the same plaintext, where each mean curve corresponding to the plaintext is a label curve of the side channel curve corresponding to the plaintext, and the plaintext is data obtained by encrypting the target data using the target key;

and/or the presence of a gas in the gas,

a second obtaining subunit 622, configured to select a reference curve from multiple side channel curves corresponding to a first plaintext, where the reference curve is a label curve of each side channel curve corresponding to the first plaintext, the second plaintext is any plaintext in a plaintext set, and the plaintext is data obtained by encrypting the target data using the target key; selecting a target curve from a plurality of side channel curves corresponding to a second plaintext in the plaintext set, where the target curve is a curve that satisfies a preset correlation condition with the reference curve among the plurality of side channel curves corresponding to the second plaintext, the target curve is a label curve of each side channel curve corresponding to the second plaintext, and the second plaintext is any plaintext in the plaintext set that is different from the first plaintext.

Optionally, the relevant conditions include: the correlation coefficient between the target curve and the reference curve is the largest.

It should be noted that, for the specific implementation of each unit in the present embodiment, reference may be made to the corresponding content in the foregoing, and details are not described here.

Referring to fig. 8, a schematic structural diagram of an electronic device according to a third embodiment of the present disclosure is shown, where the electronic device may be a computer or a server capable of performing data processing. The technical scheme in the embodiment is mainly used;

specifically, the electronic device in this embodiment may include the following structure:

a memory 801 for storing applications and data generated by the application operations;

a processor 802 for executing the application to implement: obtaining a plurality of side channel curves, wherein the side channel curves are side channel curves of target data in channel transmission, and the target data are obtained by target key encryption; obtaining a label curve corresponding to each side channel curve, wherein the value of each ordinate on the label curve is the label value of the ordinate of the side channel curve corresponding to the label curve on the same abscissa; sequentially taking each side channel curve as input data of a pre-constructed self-encoder, and training neural network parameters in the self-encoder until a loss function value of the self-encoder meets a loss convergence condition; the loss function value of the self-encoder is a loss function value between a label curve corresponding to a side channel curve input to the self-encoder and an encoding output result of the self-encoder aiming at the side channel curve; and obtaining a target coding output result of the self-encoder when the loss function value of the self-encoder meets a loss convergence condition, wherein the target coding output result is used for obtaining the target secret key.

In addition, the electronic device in this embodiment may be connected to a device such as an oscilloscope, so as to obtain multiple side channel curves acquired by the device such as the oscilloscope.

It can be seen from the foregoing technical solutions that, in an electronic device provided in the third embodiment of the present application, after a plurality of side channel curves are obtained in channel transmission of target data encrypted by a target key, a corresponding label curve is obtained for each side channel curve, where a value of each ordinate on the label curve is a label value of a side channel curve corresponding to the label curve on a same abscissa, so that a neural network parameter in a self-encoder can be trained by sequentially using each side channel curve as input data from the encoder until a loss function value of the self-encoder satisfies a loss convergence condition, where the loss function value of the self-encoder is a loss function value between the label curve corresponding to the side channel curve input to the self-encoder and an encoding output result of the self-encoder for the side channel curve, based on this, when the loss function value of the self-encoder meets the loss convergence condition, the target encoding output result of the self-encoder aiming at the corresponding side channel curve is the processing result which can be used for obtaining the target key in the side channel curve. It can be seen that, in this embodiment, the loss function value when the self-encoder is trained is obtained not according to the original side channel curve input to the self-encoder, but using the label curve of the side channel curve, therefore, in this embodiment, the loss function formed by the label curve and the encoding output result of the self-encoder is used to train the self-encoder, so that the trained self-encoder can reduce the noise of the input side channel curve, that is, eliminate the noise in the side channel curve.

It should be noted that, the specific implementation of the processor in the present embodiment may refer to the corresponding content in the foregoing, and is not described in detail here.

Based on the technical principle, different side channel curve processing schemes can be adopted under different scenes in the application, and the noise reduction processing of the side channel curve is realized. First, two self-encoder structures and two tag curve generation algorithms related to the present application are explained as follows:

the first self-encoder structure is as follows:

in the present application, the existing noise reduction self-encoder is improved, so that the existing noise reduction self-encoder can be used for Side Channel attack, also called Side Channel auto-encoder (SCAE), as shown in fig. 9, which is the basic structure of the Side Channel self-encoder of the present application. This structure uses original input data, i.e., an original side channel curve, as training data, and uses a curve generated through a label curve generation algorithm as a label curve LT, so that a side channel self-encoder can detect true noise in the side channel curve to output noise-reduced data.

As shown in fig. 9, X is the input of the side channel self-encoder, the label curve LT is the label of the training data X, and the loss function of the side channel self-encoder is shown in equation (5).

It can be seen that in the conventional noise reduction self-encoder, the neural network is trained to eliminate the new noise added by the attacker, but the noise carried by the side channel curve itself cannot be eliminated. However, the side channel self-encoder in the present application is trained to eliminate the noise in the collected side channel curve. Unlike the loss function of the noise reduction self-encoder in the formula (4), the loss function of the side channel self-encoder in the present embodiment is obtained based on the difference between the output Y obtained from the original input curve X and the label curve LT.

The second self-encoder structure is as follows:

aiming at the cryptographic algorithm adopting the mask strategy, a mask protection technology may be adopted, the mask protection technology is the protection means used for resisting side channel attack, and the protection idea of the mask protection technology is as follows: plain data is subjected to simple affine transformation with a random mask before operation, and participates in the operation and cryptographic operation of a cryptographic algorithm under the protection of the mask, so that an intermediate value is changed by the mask value, the intermediate value is unknown, and the input data has no direct relation with an acquired energy curve. The method uses AN Additional Neuron (AN) to input a plaintext P or a ciphertext C into a neural network of a self-encoder as Additional information, uses a curve generated by a label curve generation algorithm as a label LT, and trains the neural network to minimize a loss function and realize curve noise reduction.

Thus, in the present application, the basic structure of a side channel self-encoder with additional neurons is shown in fig. 10. Correspondingly, as shown in fig. 11, when plaintext or ciphertext is used as input of the additional neuron, 1 byte length of the plaintext or ciphertext is selected, one-hot encoding is used for encoding, a vector with a length of 256 variables is encoded, and the vector (a second encoding vector) and AN encoding value (a first encoding vector) of the encoder generate a new encoding value (AN encoding input vector) through AN activation function through a full connection layer to serve as input of the decoder. In the former case, the activation function may be a ReLu or Tanh activation function.

Therefore, plaintext or ciphertext data is used as input of the additional neurons in the method, part of effective information can be provided in training, and therefore training accuracy and the success rate of side channel attack realization in the follow-up process can be improved.

The first label curve generation algorithm (algorithm I) is as follows:

in the application, a label curve is generated by preprocessing an original side channel curve and is used as a label for neural network training. In the present application, under the condition that the original side channel curves are completely aligned, an "averaging method" may be used to generate a label curve, which may also be referred to as: and (4) generating a basic label curve.

As can be seen from the maximum likelihood estimation of equation (3), the expected value is the average of the curves having the same median value D. Taking AES (advanced Encryption Standard) block cipher algorithm as an example, the secret key K is assumed to be a fixed valueThen middle value

P is plaintext, and the same plaintext P has the same intermediate value D when performing encryption operation, so that the same mean curve of the plaintext P is the mean curve of the intermediate value D. Even in the non-template side channel attack scenario where the intermediate value D is unknown, the side channel curve processing techniques proposed in the present application, such as implementing a side channel attack using differential energy analysis (dpa) or correlated energy analysis (cpa) to obtain the key, can be used.

The specific manner of obtaining the mean curve is shown in fig. 12, which is an algorithm flowchart of the tag curve generation algorithm proposed in the present application.

Wherein N is the number of the collected side channel curves, i is the numerical value of the plaintext, and X_nRepresenting the plaintext as P_nEach side channel curve of time, R_iIs the mean curve, R, corresponding to the plaintext i_jIs a mean curve corresponding to a plaintext j, i and j are respectively labels in the range of 0-255, LT_kFor the label curve, P, corresponding to the kth side channel curve_kThe value of the plaintext corresponding to the k-th side channel curve is in the range of 0-255.

Based on this, in this embodiment, the mean value is calculated for all curve sets corresponding to the respective plaintexts P (e.g. 0 to 255), and the obtained mean value curve R is the label curve LT corresponding to the plaintexts P, so that the return value of the algorithm is 256 label curves LT, which are the label curves of the side channel curves corresponding to the respective plaintexts. Therefore, the label curve of each plaintext category is obtained for each plaintext in the scheme, and 256 classified noises can be removed.

The second label curve generation algorithm (algorithm II) is as follows:

the second label curve generation algorithm in the present application may also be referred to as: and generating an algorithm aiming at the label curve of the hiding strategy.

When the target key encrypts data, side channel curves are not completely aligned by adopting side channel attack resisting strategies such as random time delay, jitter and the like, the sampling positions of the characteristic points of each side channel curve are different, and the label curve is difficult to obtain by an averaging method in a first label curve generation algorithm. Therefore, in this case, in order to apply the conventional side channel attack, the original side channel curve needs to be preprocessed to implement the alignment operation of the label curve. The application proposes a simple and fast curve preprocessing method to obtain aligned label curves.

In the present application, when the original side channel curves are not aligned, the label is generated by using the "median method", as shown in fig. 13, which is an algorithm flowchart of a label curve generation algorithm for the hidden policy proposed in the present application.

Similar to the first label curve generation algorithm, one label curve is selected for each plaintext P among the non-aligned curves having the same median value. The method comprises the following specific steps:

in the second labeled curve generation algorithm, first, one curve is randomly selected from a plurality of side channel curves corresponding to a plaintext (e.g., plaintext 0) to serve as a reference curve, and then correlation coefficients between the side channel curves corresponding to different plaintext P (e.g., 1-255) and the reference curve are calculated. Then, a curve R with the highest correlation coefficient is selected for each set of side channel curves corresponding to plaintext, respectively, as a label curve LT of each set of side channel curves corresponding to plaintext. Finally, the alignment operation may be performed on 256 label curves using an alignment technique, or the alignment operation may not be performed, or the alignment operation may be performed on only a small number of 256 curves to obtain the label curves.

Based on the above two side channel self-encoders and two label curve generation algorithms, the preprocessing of the side channel curves of 4 application scenarios as in table 1 can be realized in the present application, so as to improve the accuracy and reliability of the subsequent key acquisition.

For example, for an attack scenario in which curves are aligned and mask protection is not used, a label curve of each side channel curve may be generated using algorithm I, and the side channel curves are processed using a basic side channel self-encoder SCAE structure using the label curves;

for another example, for an attack scenario in which curves are aligned but protected by masks, a label curve of each side channel curve may be generated using algorithm I, and the side channel curve may be processed using the label curve using an additional neuron self-encoder ANAE structure;

for another example, for an attack scenario in which the curves are not aligned and mask protection is not used, a label curve of each side channel curve may be generated using algorithm II, and the side channel curve is processed using a basic side channel self-encoder SCAE structure using the label curve;

as another example, for an attack scenario where the curves are not aligned and protected with a mask, algorithm II may be used to generate a label curve for each side-channel curve and the side-channel curve may be processed with the label curve using an additional neuron auto-encoder ANAE structure.

TABLE 1 application scenarios

	SCAE structure	ANAE structure
			Algorithm I	Scene 1: curve alignment, unused mask protection	Scene 2: curve alignment, use mask protection
Algorithm II	Scene 3: curve non-alignment, unused mask protection	Scene 4: curve non-alignment, using mask protection

The embodiments in the present description are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other. The device disclosed by the embodiment corresponds to the method disclosed by the embodiment, so that the description is simple, and the relevant points can be referred to the method part for description.

Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative components and steps have been described above generally in terms of their functionality in order to clearly illustrate this interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.

The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module may reside in Random Access Memory (RAM), memory, Read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.

The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims

1. A method for processing a side channel profile, the method comprising:

2. The method of claim 1, wherein the self-encoder comprises an encoder, a full-link layer, and a decoder;

3. The method of claim 1, wherein the self-encoder comprises an encoder, a full-link layer, and a decoder;

4. The method of claim 1, 2 or 3, wherein obtaining the label curve corresponding to each side channel curve comprises:

5. The method of claim 1, 2 or 3, wherein obtaining the label curve corresponding to each side channel curve comprises:

6. The method of claim 5, wherein the relevant condition comprises: the correlation coefficient between the target curve and the reference curve is the largest.

7. An apparatus for side channel profile processing, the apparatus comprising:

8. The apparatus of claim 7, the self-encoder comprising an encoder, a fully-connected layer, and a decoder;

9. The apparatus of claim 7 or 8, the label curve obtaining unit comprising:

and/or the presence of a gas in the gas,

10. An electronic device, comprising: