
arxiv: 2604.24701 · v1 · submitted 2026-04-27 · 💻 cs.CR

Profiling Resilient to Change in Probe Position

Pith reviewed 2026-05-08 02:31 UTC · model grok-4.3

classification 💻 cs.CR
keywords: side channel analysis, electromagnetic side channels, neural networks, profiling attacks, probe positioning, SCA, EM leakage, cross-lab evaluation

The pith

Training one neural network on EM traces from multiple probe positions enables leakage detection over a larger device area.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

This paper shows how to train a single neural network using electromagnetic traces gathered from several different probe positions on a chip. The goal is to create a model that can detect side-channel leakage without needing the probe to be in one specific optimal spot. By doing so, the network learns to combine information from a wider area of the device. The method is evaluated by training in one laboratory and testing the attack on traces collected in a completely separate lab. This approach addresses the practical challenge of probe positioning in electromagnetic side-channel analysis, which is often sensitive and time-consuming to optimize.

Core claim

The paper establishes that a neural network trained on electromagnetic side-channel traces from multiple probe positions can successfully profile and attack cryptographic implementations by detecting leakage from a larger area of the device. This is demonstrated through cross-laboratory evaluations where the profiling data and attack traces are acquired independently.

What carries the argument

A neural network trained jointly on EM traces from varied probe positions, which integrates leakage information without requiring position-specific adjustments or preprocessing.

If this is right

  • Attacks become more robust to small changes in probe placement during the attack phase.
  • The effective attack surface on the device increases as more area contributes usable leakage.
  • Profiling effort can be distributed across positions rather than focused on finding a single hot spot.
  • Cross-lab validation indicates the method generalizes beyond a single measurement setup.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • Hardware security evaluations might need to account for models that exploit multi-position data, potentially requiring more comprehensive testing protocols.
  • This could reduce reliance on automated hot-spot finding algorithms by making position choice less critical.
  • Future work might explore optimal ways to select or combine the positions for training to maximize coverage.

Load-bearing premise

Electromagnetic traces from different probe positions contain compatible leakage signals that a single neural network can learn to combine effectively without one position's data interfering with others.

What would settle it

Observing that a model trained on multi-position traces performs worse than models trained on individual positions when evaluated on held-out data from the same positions would falsify the claim of effective combination.

Original abstract

Side Channel Analysis (SCA) relaxes the black-box assumption of conventional cryptanalysis by incorporating physical measurements acquired during cryptographic operations. Electro-magnetic (EM) emissions of a chip during computations often provide a very valuable source of side channel leakage. During the evaluation of a chip for electro-magnetic side channel emissions one needs to position an electro-magnetic probe in an advantageous position relative to the chip. Previous literature focused on hot-spot finding and, to a lower extent, repositioning. Trace augmentations have been considered to aid portability of profiling using one physical device and attacking another device. This paper focuses on training a single neural network using traces from multiple EM probe positions to detect leakage from a larger area over the attacked device. We provide dual evaluation of EM traces, from two completely independent labs, profiling on data from one lab and attacking traces from the other lab.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

1 major / 1 minor

Summary. The manuscript proposes training a single neural network on EM side-channel traces collected from multiple probe positions on a cryptographic device. The goal is to create a profiler that detects leakage over a larger area and remains effective when the probe position changes. The central evaluation uses a dual-lab protocol: the network is trained on traces from one independent laboratory and tested on traces from a second, completely separate laboratory.

Significance. If the central claim holds after addressing the evaluation gap, the result would be practically useful for side-channel analysis, where precise probe positioning is often difficult and time-consuming. The cross-lab design is a positive step toward demonstrating portability, but the current setup does not isolate probe-position effects from other laboratory differences.

major comments (1)
  1. [Cross-lab evaluation] Cross-lab evaluation (described in the abstract and the dual-lab protocol section): the experiment confounds probe-position variation with uncontrolled differences in devices, probe hardware, acquisition chains, temperature, and grounding between the two independent labs. Successful transfer therefore cannot be attributed specifically to multi-position training; the network could succeed or fail for unrelated reasons. A controlled within-lab experiment that varies only probe position on the same setup is required to support the central claim.
minor comments (1)
  1. [Abstract] Abstract: no quantitative results, success rates, or baseline comparisons are reported, which makes it impossible to judge the magnitude of any improvement from the multi-position approach.

Simulated Author's Rebuttal

1 response · 0 unresolved

We thank the referee for the detailed and constructive review. The central concern regarding the cross-lab evaluation is addressed point-by-point below. We agree that the current design does not fully isolate probe-position effects and will revise the manuscript accordingly.

Point-by-point responses
  1. Referee: Cross-lab evaluation (described in the abstract and the dual-lab protocol section): the experiment confounds probe-position variation with uncontrolled differences in devices, probe hardware, acquisition chains, temperature, and grounding between the two independent labs. Successful transfer therefore cannot be attributed specifically to multi-position training; the network could succeed or fail for unrelated reasons. A controlled within-lab experiment that varies only probe position on the same setup is required to support the central claim.

    Authors: We acknowledge that the dual-lab protocol introduces multiple uncontrolled variables (device, probe hardware, acquisition chain, temperature, grounding) in addition to probe position. Our original intent was to evaluate practical portability under realistic conditions where position changes occur alongside other setup differences. However, this does not isolate the specific contribution of multi-position training to position resilience. We agree that a controlled within-lab experiment varying only probe position on identical hardware is required to support the central claim. In the revised version we will add such an experiment: traces collected from multiple probe positions on the same device and acquisition setup within one laboratory, with all other factors held constant. We will report the performance of single-position versus multi-position models under this controlled condition and update the abstract, introduction, and evaluation sections to clarify the distinction between the controlled position-invariance test and the cross-lab portability results.

    revision: yes

Circularity Check

0 steps flagged

No circularity: purely empirical ML with external cross-lab validation

Full rationale

The paper describes an empirical approach: collect EM traces from multiple probe positions on a device, train one neural network on the combined data, and evaluate transfer to traces from a completely independent lab. No equations, derivations, fitted parameters renamed as predictions, or self-citation chains appear in the provided text. The central claim rests on standard supervised learning plus an external benchmark (separate lab), which is independent of the training data and does not reduce to any input by construction. This matches the default expectation for non-circular empirical work.

Axiom & Free-Parameter Ledger

0 free parameters · 0 axioms · 0 invented entities

Abstract-only review supplies no equations, no fitted constants, and no explicit assumptions beyond the standard premise that EM leakage exists and can be captured by probes.

pith-pipeline@v0.9.0 · 5447 in / 995 out tokens · 40732 ms · 2026-05-08T02:31:33.093705+00:00 · methodology

