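Abstract
A new round-reduction fault attack on the SM4 algorithm is proposed. The attack injects faults into the last 4 rounds of the encryption algorithm to induce a reduction in the number of iteration rounds. After a simple screening of the fault data, only 4 faulty ciphertexts are ultimately needed to recover the complete 128-bit initial key, thereby achieving a fault injection attack on SM4. Practical fault injection experiments using this method on the power traces of an unprotected SM4 implementation show that the attack is effective, simplifies existing differential fault attack methods against SM4, and improves attack efficiency.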
A novel fault attack based on round reduction against the SM4 algorithm is proposed. Faults are injected into the last four rounds of the SM4 encryption algorithm so that the number of rounds is reduced. In the known-ciphertext scenario, four traces are enough to recover the full 128-bit master key after simple screening of the faults. The proposed attack was carried out on an unprotected SM4 smart card. Experiments show that the attack method is efficient: it not only simplifies the existing differential fault attack but also improves the feasibility of the attack.
Source
Journal on Communications (《通信学报》)
EI
CSCD
Peking University Core Journals
2016, Issue S1, pp. 98-103 (6 pages)
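Funding
National Science and Technology Major Project ("Core Electronic Devices, High-end Generic Chips and Basic Software") (No.2014ZX01032401-001)
National High Technology Research and Development Program of China ("863" Program) (No.2012AA01A403)
Sichuan Province Science and Technology Support Program (No.2014GZ0148)
Key Scientific Research Fund of the Sichuan Provincial Department of Education (No.13ZA0091)
Scientific Research Talent Fund of Chengdu University of Information Technology (No.XAKYXM008)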
Keywords
SM4 algorithm
fault injection
round reduction
fault sample selection
block cipher