Abstract
This paper discusses simple power analysis (SPA) attacks on the random pseudo-operation scalar multiplication algorithm for elliptic curve cryptography, which is less secure against SPA than claimed. Both theoretical derivation and measured results show that even a single-curve SPA attack recovers a large amount of key information from the power curve. A new multiple-curve SPA attack that targets the weakness in the algorithm's random operations, the multiple curve recursive approximation attack (MCRAA), is proposed; it recovers the complete key from a very small set of curves. When the key length is n, the number of curves the attack needs to recover the complete key is only O(lb n), which was confirmed by experiment.
Source
Journal on Communications (《通信学报》)
EI
CSCD
PKU Core Journal
2012, Issue 5, pp. 138-142 (5 pages)
Funding
National Natural Science Foundation of China (60873216)
Sichuan Province Science and Technology Support Program (2011GZ0170)
Keywords
information security
side-channel attack
simple power analysis
random pseudo operation
multiple curve recursive approximation attack