Exact Soft Analytical Side-Channel Attacks using Tractable Circuits

📅 2025-01-23
🤖 AI Summary
Soft-analytical side-channel attacks (SASCA) on AES suffer from lack of convergence guarantees and unreliable posterior inference quality. Method: This paper introduces ExSASCA, the first SASCA inference framework that jointly achieves efficiency and precision by integrating knowledge compilation with tractable probabilistic circuits—specifically Sentential Decision Diagrams (SDD) and Probabilistic SDDs (PSDD)—and combining them with sparse belief propagation and exact compiled probabilistic inference. Contribution/Results: ExSASCA enables precise posterior key inference for AES, overcoming theoretical limitations of conventional approximate inference methods. Experimental evaluation demonstrates a 31-percentage-point absolute improvement in top-1 key recovery success rate over SASCA, with computational overhead only marginally higher than SASCA and approximately three orders of magnitude faster than exhaustive search. These results significantly enhance both the reliability and practical applicability of side-channel analysis.

📝 Abstract
Detecting weaknesses in cryptographic algorithms is of utmost importance for designing secure information systems. The state-of-the-art soft analytical side-channel attack (SASCA) uses physical leakage information to make probabilistic predictions about intermediate computations and combines these "guesses" with the known algorithmic logic to compute the posterior distribution over the key. This attack is commonly performed via loopy belief propagation, which, however, lacks guarantees in terms of convergence and inference quality. In this paper, we develop a fast and exact inference method for SASCA, denoted as ExSASCA, by leveraging knowledge compilation and tractable probabilistic circuits. When attacking the Advanced Encryption Standard (AES), the most widely used encryption algorithm to date, ExSASCA outperforms SASCA by more than 31% top-1 success rate absolute. By leveraging sparse belief messages, this performance is achieved with little more computational cost than SASCA, and about 3 orders of magnitude less than exact inference via exhaustive enumeration. Even with dense belief messages, ExSASCA still uses 6 times fewer computations than exhaustive inference.

Problem

Research questions and friction points this paper is trying to address.

Side-Channel Attacks
Cryptanalysis
AES Security

Innovation

Methods, ideas, or system contributions that make the work stand out.

ExSASCA
AES decryption
enhanced side-channel attack