| COMPUTER SCIENCE AND TECHNOLOGY |
|
|
|
|
|
Improved chosen-plaintext DPA on block cipher SM4 |
| CHEN Jiazhe, LI Hexin, WANG Beibei |
| China Information Technology Security Evaluation Center, Beijing 100085, China |
|
|
|
|
Abstract Since differential power analysis (DPA) is one of most important side-channel attacks on block ciphers implemented in chips, this paper revisits the DPA attack on hardware-implemented SM4. Reasonably choosing the plaintexts minimizes the affection of the variable input bits on the output bits, of the linear transformation of SM4, which leads to effective side-channel attacks on SM4. This paper deduces 8 bit-relationship in the chosen-plaintext setting by going into the linear transformation of SM4. Incorporating the bit-relationship with the known ones, this paper improves the previous chosen-plaintext DPA attacks on SM4, by proposing an analyzing module that makes better use of the side-channel information of the round-output bits. Experimental results show that the proposed manner improves the success rate of the chosen-plaintext DPA attacks on SM4.
|
| Keywords
Block ciphers
side-channel analysis
SM4 cipher
chosen-plaintext
differential power analysis(DPA)
|
|
|
|
Issue Date: 15 November 2017
|
|
|
| [1] |
Kocher P, Jaffe J, Jun B. Differential power analysis[C]//Proc CRYPTO' 99. Berlin Heidelberg:Springer-Verlag, 1999:388-397.
|
| [2] |
Brier E, Clavier C, Olivier F. Correlation power analysis with a leakage model[C]//Proc CHES 2004. Berlin Heidelberg:Springer-Verlag, 2004:16-29.
|
| [3] |
Mangard S, Oswald E, Popp T. Power Analysis Attacks:Revealing the Secrets of Smart Cards[M]. New York:Springer, 2007.
|
| [4] |
国家商用密码管理办公室. 无线局域网产品使用的SMS4密码算法[Z/OL].[2016-05-03]. http://www.oscca.gov.cn/UpFile/200621016423197990.pdf. Office of State Commercial Cryptography Administration. Specification of SMS4, block cipher for WLAN products-SMS4[Z/OL].[2016-05-03]. http://www.oscca.gov.cn/UpFile/200621016423197990.pdf. (in Chinese)
url: http://www.oscca.gov.cn/upfile/200621016423197990.pdf. office of state commercial cryptography administration. specification of sms4, block cipher for wlan products-sms4[z/ol].[2016-05-03]. http://www.oscca.gov.cn/upfile/200621016423197990.pdf. (in chinese)
|
| [5] |
Mangard S, Pramstaller N, Oswald E. Successfully attacking masked AES hardware implementations[C]//Proc CHES 2005. Berlin Heidelberg:Springer-Verlag, 2005:157-171.
|
| [6] |
Wang S T, Gu D W, Liu J R, et al. A power analysis on SMS4 using the chosen plaintext method[C]//Proc CIS 2013. New York:IEEE, 2013:748-752.
|
| [7] |
Shan W J, Wang L H, Li Q, et al. A chosen-plaintext method of CPA on SM4 block cipher[C]//Proc CIS 2014. New York:IEEE, 2014:363-366.
|
| [8] |
王敏, 杜之波, 吴震, 等. 针对SMS4轮输出的选择明文能量分析攻击[J]. 通信学报, 2015, 36(1):142-148.WANG Min, DU Zhibo, WU Zhen, et al. Chosen-plaintext power analysis attack against SMS4 with the round-output as the intermediate data[J]. Journal on Communications, 2015, 36(1):142-148. (in Chinese)
|
| [9] |
杜之波, 吴震, 王敏, 等. 针对SM4轮输出的改进型选择明文功耗分析攻击[J]. 通信学报, 2015, 36(10):85-91.DU Zhibo, WU Zhen, WANG Min, et al. Improved chosen-plaintext power analysis attack against SM4 at the round-output[J]. Journal on Communications, 2015, 36(10):85-91. (in Chinese)
|
| [10] |
Gierlichs B, Batina L, Tuyls P, et al. Mutual information analysis:A generic side-channel distinguisher[C]//Proc CHES 2008. Berlin Heidelberg:Springer-Verlag, 2008:426-442.
|
| [11] |
Mangard S, Oswald E, Standaert F X. One for all-all for one:Unifying standard differential power analysis attacks[J]. IET Information Security, 2011, 5(2):100-110.
|
| [12] |
Goodwill G, Jun B, Jaffe J, et al. A testing methodology for side channel resistance validation[Z/OL].[2016-05-03]. http://csrc.nist.gov/news_events/non-invasive-attack-testing-workshop/papers/08_Goodwill.pdf
url: http://csrc.nist.gov/news_events/non-invasive-attack-testing-workshop/papers/08_goodwill.pdf
|
|
Viewed |
|
|
|
Full text
|
|
|
|
|
Abstract
|
|
|
|
|
Cited |
|
|
|
|
| |
Shared |
|
|
|
|
| |
Discussed |
|
|
|
|
2017,
Vol. 57
