Abstract
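Side-channel analysis is an attack technique that recovers the key by exploiting side information produced by a cryptographic device during encryption. This paper studies side-channel analysis of the hardware implementation of the AES algorithm on the SAKURA-G development board. It first points out the limitation of correlation power analysis based on the Hamming distance model: when the implementation code of the AES algorithm is unknown, the attack experiment cannot be carried out effectively. The paper therefore proposes a chosen-plaintext power attack based on bitwise differential power analysis, which can perform power analysis effectively when the implementation code of the encryption algorithm is unknown, and which successfully recovers the AES key. Finally, it presents a comparison experiment against the existing chosen-plaintext correlation power analysis approach. The comparison shows that, relative to the existing chosen-plaintext correlation power analysis scheme, the bitwise differential chosen-plaintext power analysis method proposed in the paper requires a smaller key-guess space, has fewer corresponding interfering candidates, and is more efficient.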
Side-channel analysis is a known kind of attack that attempts to recover the key of a device's encryption module by using side-channel information. This paper studies the AES implementation on the SAKURA-G development board. First, we point out the limitations of traditional power analysis attacks based on the Hamming distance model: these methods are extremely difficult to mount effectively on a device if the details of the AES module are unknown to the attacker. For this reason, we propose bitwise chosen-plaintext power analysis, which relies on chosen plaintexts. Our method can effectively recover the key even if we do not know the initial state of the memory, which is a prerequisite of the existing methods based on the Hamming distance model. Finally, a comparison experiment against the existing chosen-plaintext power analysis was conducted. It shows that, compared with the existing chosen-plaintext power analysis, the bitwise chosen-plaintext power analysis proposed in this paper requires a smaller key-guessing space, has fewer corresponding interference options, and is more efficient.
Authors
张冰
王安
祝烈煌
徐日新
贾旭
Zhang Bing; Wang An; Zhu Liehuang; Xu Rixin; Jia Xu (School of Computer Science & Technology, Beijing Institute of Technology, Beijing 100081; State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093; Beijing Municipal Bureau of Cryptography Administration, Beijing 100743)
Source
《网络空间安全》
2019, Issue 3, pp. 93-98 (6 pages)
Cyberspace Security
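Funding
National Natural Science Foundation of China (Grant Nos. 61872040, U1836101)
National Cryptography Development Fund of the 13th Five-Year Plan, cryptographic theory project (Grant No. MMJJ20170201)
Open Fund of the Science and Technology on Information Assurance Laboratory (Grant No. KJ-17-009)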