
Research on timing analysis of the NTRU public-key cryptosystem

English title as given by the journal: Research on timing analysis of NTRU algorithm
Abstract: The execution time of a cryptographic algorithm can be exploited by side-channel attacks. Taking the NTRU public-key cryptosystem as the object of analysis, this paper examines the algorithm's security vulnerability under timing attacks, namely the timing differences that arise because the implementation calls the hash function a different number of times for different inputs. Based on this variable number of hash calls, a timing attack algorithm against the general NTRU algorithm is proposed. Further, for keys of the form f = 1 + 2F, a corresponding timing attack algorithm and a key validation algorithm are proposed. The analysis results show that the attack algorithm can recover partial information about the key F, and two countermeasures against timing attacks are given.
Source: Computer Engineering and Design (计算机工程与设计, Peking University core journal), 2015, No. 12, pp. 3173-3177 (5 pages)
Funding: National Natural Science Foundation of China project (61402528)
Keywords: NTRU public-key cryptosystem; side-channel attack; timing analysis; security vulnerability; hash function call