通信学报 ›› 2015, Vol. 36 ›› Issue (1): 142-148.doi: 10.11959/j.issn.1000-436x.2015016

• 学术论文 • 上一篇    下一篇

针对SMS4轮输出的选择明文能量分析攻击

王敏1,2,杜之波2,吴震2,饶金涛2   

  1. 1 四川大学 电子信息学院,四川 成都 610041
    2 成都信息工程学院 信息安全工程学院,四川 成都 610225
  • 出版日期:2015-01-25 发布日期:2017-06-21
  • 基金资助:
    国家重大科技专项基金资助项目;国家高技术研究发展计划(863计划)基金资助项目;“十二五”国家密码发展基金资助项目;四川省科技支撑计划项目基金资助项目;四川省教育厅重点科研基金资助项目;成都信息工程学院科研基金资助项目

Chosen-plaintext power analysis attack against SMS4 with the round-output as the intermediate data

Min WANG1,2,Zhi-bo DU2,Zhen WU2,Jin-tao RAO2   

  1. 1 College of Electronics and Information Engineering,Sichuan University,Chengdu 610041,China
    2 School of Information Security Engineering,Chengdu University of Information Technology,Chengdu 610225,China
  • Online:2015-01-25 Published:2017-06-21
  • Supported by:
    The National Science and Technology Major Project;The National High Technology Research and Development Program (863 Program);“The 12th Five-Years” National Cryptogram Development Fund;Sichuan Science and Technology Support Programmer;Sichuan Provincial Education Department Key Scientific Research Projects;The Scientific Research Foundation of CUIT

摘要:

提出了针对SMS4轮输出的选择明文能量分析攻击,攻击时以一定约束条件选择明文,先攻击出轮迭代函数的输出,再由轮迭代函数的输出反推出对应的轮子密钥,从而实现了以轮输出作为中间数据对SMS4的能量分析攻击,并利用该方法对无防护SMS4算法的能量曲线进行了能量分析攻击,实验表明该攻击方法是行之有效的。

关键词: SMS4算法, 能量分析攻击, 轮输出, 选择明文

Abstract:

The method of chosen-plaintext power analysis attack against SMS4 with the round-output as the intermediate data is proposed.Firstly,this method attacks out the output of the iterative function.Then the sub key can be achieved by the output of the iterative function.And it is achieved to make the attack real and improve the efficiency,when SMS4 is attacked by taking of the method.In particular,the actual experiment of the method is done,and the results show that the attack algorithm is correct and effective.

Key words: SMS4 algorithm, power analysis attack, round output, chosen-plaintext