摘要
SM2算法是中国商用椭圆曲线公钥密码标准算法。SM2算法实现过程中如不加防护措施,攻击者利用简单功耗分析(simple power analysis,SPA)即可破解私钥。为有效防御SPA攻击,提高算法性能,以安全芯片为基础,针对椭圆曲线标量乘运算采用优化的原子防护方法,软硬件实现了SM2算法。同时搭建安全评估环境,进行安全分析实验。结果表明,原子块内功耗波形变化规律基本一致,但原子块间局部功耗波形随着标量乘系数比特值不同而存在明显差异,从而导致私钥泄露,成为信息安全隐患。针对泄露位置进行原因分析,提出了改进的实现策略。实验结果表明所提出的策略可有效抵御SPA攻击。
SM2 algorithm is the standard algorithm for commercial elliptic curve public key cryptography in China.If the SM2 algorithm implemented without countermeasure,it will be easy to obtain the private key by using the simple power analysis(SPA).In order to effectively resist the SPA attack and improve the algorithm performance,the optimized atomicity countermeasure for the elliptic curve scalar multiplication operation was used to implement the SM2 algorithm by hardware and software based on the security chip.Meanwhile,the security assessment environment was built to carry out the security analysis experiment.The results show that the rule of the power wave changing is almost the same within the atomic block,but the partial power waves between the two atomic blocks are obviously different with different bits of the scalar multiplication coefficient.This difference leads to the leakage of the private key,and becomes a hidden risk for the information security.The cause of the leak location was analyzed,and an improved implementation strategy was proposed.The experimental results show that the strategy proposed can effectively resist SPA attacks.
作者
刘辉志
胡毅
甘杰
涂因子
王喆
成嵩
姜明刚
LIU Hui-zhi;HU Yi;GAN Jie;TU Yin-zi;WANG Zhe;CHENG Song;JIANG Ming-gang(Beijing Smart Chip Micro Electronics Technology Company Limited, Beijing 100027, China)
出处
《科学技术与工程》
北大核心
2021年第29期12623-12630,共8页
Science Technology and Engineering
基金
国家密码发展基金密码理论研究课题(546816190012)。
