Journal of Tsinghua University (Science and Technology), 2017, Vol. 57, Issue 11: 1134-1138    DOI: 10.16511/j.cnki.qhdxxb.2017.26.056
Improved chosen-plaintext DPA on block cipher SM4
CHEN Jiazhe, LI Hexin, WANG Beibei
China Information Technology Security Evaluation Center, Beijing 100085, China
Abstract: Side-channel attacks, and differential power analysis (DPA) in particular, are among the main means of analysing the security of block ciphers running in chips. This paper studies DPA attacks on hardware implementations of the SM4 algorithm. By choosing the plaintexts appropriately, the varying input bits of the SM4 linear transformation layer can be made to affect as few output bits as possible, which enables an effective side-channel attack on hardware-implemented SM4. By analysing the bit relations of the linear transformation layer, this paper identifies 8 bit dependencies under the chosen-plaintext model. On this basis, these bit dependencies are combined with the already known bit relations to build an analysis model that makes fuller use of the bit information in the round output, improving on the existing chosen-plaintext DPA attacks on SM4. Experimental results show that the method effectively raises the success rate of chosen-plaintext DPA attacks on SM4.
Keywords: block cipher algorithms; side-channel analysis; SM4 algorithm; chosen plaintext; differential power analysis (DPA)
Abstract: Since differential power analysis (DPA) is one of the most important side-channel attacks on block ciphers implemented in chips, this paper revisits the DPA attack on hardware-implemented SM4. Choosing the plaintexts appropriately minimizes the effect of the variable input bits on the output bits of the linear transformation of SM4, which leads to effective side-channel attacks on SM4. By examining the linear transformation of SM4, this paper deduces 8 bit relationships in the chosen-plaintext setting. Incorporating these bit relationships with the known ones, this paper improves the previous chosen-plaintext DPA attacks on SM4 by proposing an analysis model that makes better use of the side-channel information of the round-output bits. Experimental results show that the proposed method improves the success rate of chosen-plaintext DPA attacks on SM4.
Key words: block ciphers; side-channel analysis; SM4 cipher; chosen plaintext; differential power analysis (DPA)
Received: 2016-12-14      Published: 2017-11-15
CLC number: TN918.2
Cite this article:
CHEN Jiazhe, LI Hexin, WANG Beibei. Improved chosen-plaintext DPA on block cipher SM4. Journal of Tsinghua University (Science and Technology), 2017, 57(11): 1134-1138.
Link to this article:
http://jst.tsinghuajournals.com/CN/10.16511/j.cnki.qhdxxb.2017.26.056  or  http://jst.tsinghuajournals.com/CN/Y2017/V57/I11/1134
Figure 1: The round function of the SM4 algorithm
Figure 2: The InsightUSB Monitor device
Figure 3: Collected SM4 power traces
Figure 4: Experimental success rate of the model on a single S-box
Copyright © Editorial Office of the Journal of Tsinghua University (Science and Technology)