🤖 AI Summary
To address the challenges of localizing side-channel leakage sources and achieving interpretable attribution in hardware cryptographic implementations, this paper proposes the first adversarial game-based framework for attributing leakage to the points in time at which measurements are recorded. The method introduces a budget-constrained noise masking mechanism and jointly optimizes multiple classifiers to enable fine-grained, interpretable identification of key-dependent leakage points, overcoming limitations of prior approaches that only support global attacks or black-box attribution. The framework integrates conditional distribution estimation, adversarial training, and deep neural networks (implemented in PyTorch). Evaluated on six public power and electromagnetic side-channel datasets covering AES, ECC, and RSA implementations, it consistently outperforms eight baseline methods across three comprehensive metrics. The source code is publicly released to ensure full reproducibility.
📝 Abstract
While cryptographic algorithms such as the ubiquitous Advanced Encryption Standard (AES) are secure, *physical implementations* of these algorithms in hardware inevitably 'leak' sensitive data such as cryptographic keys. A particularly insidious form of leakage arises from the fact that hardware consumes power and emits radiation in a manner that is statistically associated with the data it processes and the instructions it executes. Supervised deep learning has emerged as a state-of-the-art tool for carrying out *side-channel attacks*, which exploit this leakage by learning to map power/radiation measurements throughout encryption to the sensitive data operated on during that encryption. In this work we develop a principled deep learning framework for determining the relative leakage due to measurements recorded at different points in time, in order to inform *defense* against such attacks. This information is invaluable to cryptographic hardware designers for understanding *why* their hardware leaks and how they can mitigate it (e.g. by indicating the particular sections of code or electronic components which are responsible). Our framework is based on an adversarial game between a family of classifiers trained to estimate the conditional distributions of sensitive data given subsets of measurements, and a budget-constrained noise distribution which probabilistically erases individual measurements to maximize the loss of these classifiers. We demonstrate our method's efficacy and ability to overcome limitations of prior work through extensive experimental comparison with 8 baseline methods using 3 evaluation metrics and 6 publicly-available power/EM trace datasets from AES, ECC and RSA implementations. We provide an open-source PyTorch implementation of these experiments.
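A toy version of the game described in the abstract, added here as an illustration and not taken from the paper or its PyTorch code. It assumes simplifications the abstract does not state: a unit-variance Gaussian naive Bayes model stands in for the classifier family (it gives p(y | kept samples) for any subset in closed form), the erasure probabilities are a softmax so the budget is that they sum to 1, and the traces are constructed with a leak planted at sample 5.

```python
import math
import random

def make_traces(n, T, leak, rng):
    """Constructed data: secret bit y shifts the mean of sample t by leak[t]."""
    out = []
    for _ in range(n):
        y = rng.randrange(2)
        out.append(([rng.gauss(leak.get(t, 0.0) * y, 1.0) for t in range(T)], y))
    return out

def fit_llr(data, T):
    """Naive Bayes (assumed stand-in): llr(x, t) is sample t's log-likelihood ratio."""
    n = [0, 0]
    m = [[0.0] * T, [0.0] * T]
    for x, y in data:
        n[y] += 1
        for t in range(T):
            m[y][t] += x[t]
    m = [[v / n[y] for v in m[y]] for y in (0, 1)]
    return lambda x, t: (m[1][t] - m[0][t]) * x[t] - (m[1][t] ** 2 - m[0][t] ** 2) / 2

def loss(llr, x, y, kept):
    """Cross-entropy of the classifier that sees only the kept samples."""
    z = sum(llr(x, t) for t in kept)
    return math.log1p(math.exp(-z if y else z))

def attribute(data, T, steps=300, lr=2.0, batch=32, seed=1):
    """Adversary ascends expected loss; gamma = softmax(theta), budget sum(gamma) = 1."""
    rng = random.Random(seed)
    llr = fit_llr(data, T)
    theta = [0.0] * T
    for _ in range(steps):
        e = [math.exp(v) for v in theta]
        gamma = [v / sum(e) for v in e]
        g = [0.0] * T  # d E[loss] / d gamma_t = E[loss | t erased] - E[loss | t kept]
        for x, y in rng.sample(data, batch):
            kept = [t for t in range(T) if rng.random() >= gamma[t]]
            for t in range(T):
                rest = [u for u in kept if u != t]
                g[t] += (loss(llr, x, y, rest) - loss(llr, x, y, rest + [t])) / batch
        gbar = sum(p * v for p, v in zip(gamma, g))
        theta = [th + lr * p * (v - gbar) for th, p, v in zip(theta, gamma, g)]
    e = [math.exp(v) for v in theta]
    return [v / sum(e) for v in e]

def demo():
    data = make_traces(2000, 8, {5: 2.0}, random.Random(0))  # leak planted at t=5
    return attribute(data, 8)
```

`demo()` returns the learned erasure probabilities, one per time sample. The adversary spends its budget where erasing a measurement hurts the classifiers most, so the mass concentrates on the planted leak.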