针对SM4选择明文能量分析的选择明文算法

Chosen-plaintext Algorithm for Chosen-plaintext Power Analysis Against SM4

本文提出了针对SM4选择明文能量分析的选择明文算法.选择明文时,先选择轮输入中部分字节为随机数.通过约束条件,再计算轮输入的剩余字节.最后根据SM4密码算法的轮函数,反推出对应的明文.该明文即是满足针对SM4选择明文能量分析所述约束条件的明文.该选择明文算法的时间复杂度为常数阶,不需要穷举搜索明文.相比通过穷举明文的方式,该算法降低了时间复杂度,解决了数据搜索空间的问题,提高了明文的选择效率.本文提出的算法解决了Wang Min于2015年提出的针对SM4的选择明文能量分析的问题之一,即如何高效率的选择满足约束条件的明文,从而提高分析效率.目前国内外尚未有公开发表的文献,所以实际分析时,实施者可以通过穷举明文且满足约束条件的方式来获取合适的明文,采集能量曲线,实施针对SM4的选择明文能量分析,但这种选择明文方式存在数据搜索空间大、时间复杂度大等问题,导致该方法实际分析时不可行.应用本文提出的算法,通过对SM4选择明文能量分析实验进行了验证,实验验证了本方法是行之有效的.

In this paper, a chosen-plaintext algorithm for the chosen-plaintext power analysis against SM4 is proposed. When plaintext is chosen, set some bytes of the round inputs as random numbers,and then compute the remaining round inputs through constraints. Based on the round function of the SM4 cipher algorithm, the corresponding plaintext can be inversely derived. As time complexity turns to constant order, the algorithm solves the problem of traversal difficulty and improves the efficiency of chosen-plaintext. The proposed algorithm solves one of the problems in Wang Ming＇s a chosenplaintext power analysis against SM4 proposed in 2015, i.e., it gives a way as how to efficiently choose plaintext with some constraints, so as to improve the efficiency of the analysis. So far no related publications on this topic can be found in public literatures. In an actual attack, an attacker can obtain an appropriate plaintext through exhaustively searching plaintexts satisfying the constraints,gathering power traces, and then implementing chosen-plaintext power analysis against SM4. However the drawbacks of such cryptanalysis include traversal difficulty, time complexity and so on, making it to be less practical. Applying the algorithm proposed in this paper, the experiment of SM4 by chosen-plaintext power analysis is verified. The experiment shows that the method is effective.