t检验是统计学中用来检验2个未知方差正态总体均值关系的假设检验方法。当总体的方差不相等, 且样本量也不相等时, Welch t检验是一种比Student's t检验更可靠的方法。该文将借鉴采用t检验对AES的实现进行侧信道信息泄露评估的方法, 用Welch t检验来对3DES算法运行过程中的侧信道信息泄露进行评估, 以衡量其是否可能受到一阶DPA攻击。该文构造了适合于3DES算法的Welch t检验方法, 并对实现方法不同的3个运行3DES算法的设备进行了实验。实验结果表明该文的方法是有效的。
The t-test is a hypothesis test that deals with two Gaussian samples with unknown variances. When the two samples have unequal variances and unequal sample sizes, the Welch t-test is more reliable than the Student's t-test. This paper evaluates the 1st order side-channel information leakage of 3DES with an AES type t-test. Welch t-tests suitable for evaluating 3DES are given with tests on three different devices that show this method is effective.
[1] Kocher P, Jaffe J, Jun B. Differential power analysis[C]//Proc CRYPTO'99. Berlin Heidelberg:Springer-Verlag, 1999:388-397.
[2] Kocher P. Timing attacks on implementations of diffie-hellman, RSA, DSS, and other systems[C]//Proc CRYPTO'96. Berlin Heidelberg:Springer-Verlag, 1996:104-113.
[3] CCMB-2012-09-001. Common Criteria for information technology security evaluation[S/OL]. (2012-09). http://www.commoncriteriaportal.org/cc/.
[4] CCMB-2012-09-001. Common methodology for information technology security evaluation[S/OL]. (2012-09). http://www.commoncriteriaportal.org/files/ccfiles/CEMV3.1R4.pdf.
[5] CCDB-2013-05-002. Supporting document-mandatory technical document:application of attack potential to smartcards[S/OL]. (2013-05). http://www.commoncriteriaportal.org/files/supdocs/CCDB-2013-05-002.pdf.
[6] Mather L, Oswald E, Bandenburg J, et al. Does my device leak information? An a priori statistical power analysis of leakage detection tests[C]//Proc Advances in Cryptology-ASIACRYPT 2013. Berlin Heidelberg:Springer-Verlag, 2013:486-505.
[7] Goodwill G, Jun B, Jaffe J, et al. A testing methodology for side channel resistance validation[C]//Proc NIAT 2011. Gaithersburg:NIST, 2011.
[8] Jaffe J, Rohatgi P, Witteman M. Efficient side-channel testing for public key algorithms:RSA case study[C]//Proc NIAT 2011. Gaithersburg:NIST, 2011.
[9] Easter R, Quemard J-P, Sakurai G. ISO/IEC DIS 17825:Information technology-Security technique-Testing methods for the mitigation of non-invasive attack classes against cryptographic modules[Z]. Berlin:DIN, 2014-12-01.
[10] Chothia T, Guha A. A statistical test for information leaks using continuous mutual information[C]//Proc Computer Security Foundations Symposium (CSF). Piscataway, NJ:IEEE Press, 2011:177-190.
[11] Chatzikokolakis K, Chothia T, Guha A. Statistical measurement of information leakage[C]//Proc Tools and Algorithms for the Construction and Analysis of Systems. Berlin Heidelberg:Springer-Verlag, 2010:390-404.
[12] EMV. Integrated Circuit Card Specifications for Payment Systems[S]. California:EMVCo, 2011.
[13] FIPS PUB 46-3. The Official Document Describing the DES Standard[S]. Gaithersburg:NIST, 1999.
[14] Brier E, Clavier C, Olivier F. Correlation power analysis with a leakage model[C]//Proc CHES 2004. Berlin Heidelberg:Springer-Verlag, 2004:16-29.
