针对IDEA算法实现方式的时间攻击

Timing Attack on Implementations of IDEA

导出

摘要传统上认为,密码系统的安全性主要依赖于系统使用的密码算法的安全性,对系统的攻击是基于敌手只能通过系统的输入输出信道获取信息的假设。实际上,密码系统的旁路信息(如时间信息等)也可以被利用来实现攻击。时间攻击就是这一类攻击方法,它通过分析密码系统的运算环节在执行加密过程中的时间信息来恢复密钥。针对IDEA密码算法的实现特点提出一种时间攻击方法,从理论上分析该方法的有效性,并给出抵抗这种攻击的对策。 It is generally believed that the security of cryptosystem mainly relies on the security of cryptographic algorithm used by the system. Attacks on cryptosystem are under the hypothesis that the adversary could only obtain information from I/O channel. However, in practice, the side-channel information（such as execution time etc.） could also be used to achieve attacks. Timing attack belongs to this kind. Timing Attack, through analyzing the information of execution time in the operations of cryptosystem, tries to recover the secret key. This paper proposes a timing-attack method against the implementations of IDEA and theoretically verifies the efficiency of the proposed method. Finally, it provides some countermeasures in resistance of such attack.

作者赵征洋张道法王波

机构地区中国科学院研究生院北京市

出处《通信技术》 2010年第2期143-145,共3页 Communications Technology

关键词时间攻击 IDEA算法密码分析 timing attack IDEA algorithm cryptanalysis

分类号 TP309 [自动化与计算机技术—计算机系统结构]

引文网络
相关文献

参考文献9

1Biham E, Shamir A. Differential Cryptanalysis of the Data Encryption Standard[M]. London, UK: Springer-Verlag, 1993.
2Matsui M. Linear Cryptanalysis Method for DES Cipher[C]// Advances in Cryptelogy-EUROCRYPT. Berlin: Springer-Verlag, 1993:386-397.
3Hagai Bar-E1. Introduction to Side Channel Attacks, Whitepaper. [EB/OL].Israe1:Discretix. com(2003). [2009-09-12].http://www. discretix. com/PDF/Introduction_to_Side_Channel_Attacks. pdf.
4Paul C K. Timing Attacks on Implementations of Die-Hellman, RSA, DSS, and Other Systems [C]//Advanees in Cryptology- CRYPTO' 96. London: SpringerVerlag, 1996:104-113.
5Boneh D, Brumley D. Remote Timing Attacks Are Practical[C]// Proceedings of the 12th conference on USENIX Security Symposium, Washington DC. USA: USENIX, 2003:1-14.
6Bernstein D J. Cache-timing Attacks on AES[EB/OL].USA: citeseerx, com(2005-04-14), [2009-09-12].http://cr. yp. to/ant iforgery/cachetiming-20050414, pdf.
7Xuejia Lai, Massey J L. A Proposal for A New Block Encryption Standard[C]//Advances in Cryptology--EUROCRYPT ' 90. Berlin: Springer-Verlag, 1991: 389-404.
8Coron J S, Goubin L. On Boolean and Arithmetic Masking against Differential Power hnalysis[C]//CHES 2000. Berlin: Springer- Verlag, 2000:1~14.
9杨玺.计时攻击及其防范[J].通信技术,2008,41(7):185-188. 被引量：5

二级参考文献14

1钟楼,张尧弼.并行窗口算法在防御RSA计时攻击中的研究[J].计算机工程与应用,2006,42(12):145-147. 被引量：2
2晏楠,谷大武,丁宁.RSA体制下使用随机算法防御时间攻击的方法[J].计算机工程,2006,32(11):174-176. 被引量：2
3Aciicmez O, Schindler W, Koc C K. Improving Brumley and Boneh Timing Attack on Unprotected SSL Implementations[C]. 12th ACM conference on Computer and communications security, Alexandria, USA, 2005. New York: ACM, 2005: 139-146.
4Brumley D, Boneh D. Remote Timing Attacks are PracticalIC]. 12th USENIX Security Symposium, Washington, USA, 2003. Berkeley: USENIX Association Press, 2003: 1-14.
5Chaum D. Blind signatures for untraceable payments[C]. Crypto 1982, Santa Barbara, USA, 1982; New York: Plenum Press, 1983: 199-203.
6Ferguson N, Schneier B. Practical Cryptography[M]. 1st edition, New York: John Wiley & Sons, 2003.
7Handschuh H, Heys H. A timing attack on RC5[C]. 5th Annual Workshop on Selected Areas in Cryptography, Kingston, Canada, 1998; Berlin: Springer, 1999: 306-318.
8Kelsey J, Schneier B, Wagner D, et al. Side Channel Cryptanalysis of Product Ciphers[C]. 5th European Symposium on Research in Computer Security, Louvain-la-Neuve, Belgium; Berlin: Springer 1998: 97-110.
9Koc C K. Analysis of Sliding Window Techniques for Exponentiation[J]. Computers and Mathematics with Applications, 1995, 30(10): 17-24.
10Kocher P C. Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems[C]. 16th Annual International Cryptology Conference, Santa Barbara, USA, 1996: Berlin: Springer, 1996:104-113.

共引文献4

1田军舰,寇应展,陈财森.RSA公钥密码计时攻击研究及仿真[J].计算机技术与发展,2010,20(8):150-153. 被引量：4
2何鹏,贾钊,李敬华.基于侧信息的密码攻击方式研究[J].电信快报（网络与通信）,2011(12):12-14.
3孟迪.基于IEEE802.1x/EAP-TLS认证协议安全性的改进[J].鞍山师范学院学报,2014,16(6):61-66.
4任凯.Ruby on Rails中计时攻击防范研究[J].科技经济导刊,2016(10).

1刘洋.关于侧信道攻击及其对策的一点探讨[J].警察技术,2014(B06):26-28. 被引量：1
2李欣,范明钰.能量分析攻击及其防御策略研究[J].信息安全与通信保密,2005,27(7):105-107. 被引量：1
3吴艳辉,陈建二,王伟平.匿名通信系统中时间攻击模型研究[J].计算机工程与应用,2005,41(23):25-26. 被引量：1
4付凯.椭圆曲线加密的时间攻击[J].石家庄师范专科学校学报,2003,5(3):26-29. 被引量：1
5吴艳辉,郭华.重路由匿名通信系统抗攻击性分析[J].湖南理工学院学报（自然科学版）,2006,19(1):59-61.
6晏楠,谷大武,丁宁.RSA体制下使用随机算法防御时间攻击的方法[J].计算机工程,2006,32(11):174-176. 被引量：2
7赵跃华,赵加,韩牟.一种针对RSA抗侧信道攻击的改进窗口算法[J].计算机工程,2013,39(6):150-153. 被引量：1
8拒绝服务攻击将继续快速增长[J].网络安全和信息化,2017,0(2):6-6.
9王伟.浅析局域网中的ARP病毒及其防御措施[J].科技信息,2010(8):214-214.
10王鹏.基于局域网的ARP病毒的分析与防御[J].中小企业管理与科技,2010(6):212-212.

通信技术

2010年第2期

浏览历史

内容加载中请稍等...

针对IDEA算法实现方式的时间攻击

参考文献9

二级参考文献14

共引文献4

相关作者

相关机构

相关主题

浏览历史