针对轻量化掩码方案的功耗分析方法

Power Analysis on Lightweight Mask Scheme

掩码防护是侧信道分析中被公认最安全的防护方法之一,面向密码芯片应用,轻量化掩码防护成为其发展趋势.本文在RSM掩码方案分析的基础上,扩展出掩码字节汉明重量相同的RSM-Like方案.本文分别对RSM和RSM-Like掩码方案提出多种功耗分析方法,包括profiled和non-profiled两类.我们针对RSM-Like类轻量化掩码防护方案提出一种MCPA功耗分析方法.MCPA分析方法基于对曲线进行聚类分析的原理,仅需已知掩码字节取值种类,即可有效对RSM-Like防护方法发起有效攻击.本文以DPA CONTEST V4竞赛提供的实测数据,对MCPA分析方法进行验证,掩码字节的分类成功率可接近100%.MCPA分析方法可作为轻量化掩码防护方案下的一种通用分析与测试方法,为轻量化掩码防护方案设计提供借鉴和参考.

Mask schemes are generally accepted as countermeasure methods in side channel analysis. Lightweight countermeasures became the development tendency facing the application of cryptographic chips. This paper extends the RSM scheme to the RSM-Like scheme that the mask bytes have the same Hamming weight. We propose several power analysis methods against the RSM and RSM-Like schemes, and we propose a power analysis method MCPA. Based on the principle of clustering the traces, MCPA only requires the cluster number of the mask bytes to break RSM-Like scheme successfully. This paper validates MCPA on the reference traces of DPA contest V4, and the clustering successful rate can reach nearly 100%. The MCPA could be regarded as a general analysis on the lightweight mask scheme and should be considered by the lightweight mask scheme designers.