有学习的高阶DPA攻击

doi:10.11959/j.issn.1000-436x.2018164

通信学报 ›› 2018, Vol. 39 ›› Issue (9): 135-146.doi: 10.11959/j.issn.1000-436x.2018164

有学习的高阶DPA攻击

吴震¹,王燚¹(),周冠豪^1,²

¹ 成都信息工程大学网络空间安全学院，四川成都 610225
² 北京智慧云测设备技术有限公司，北京 102300

修回日期:2018-07-28 出版日期:2018-09-01 发布日期:2018-10-19
作者简介:吴震（1975-），男，江苏苏州人，成都信息工程大学副教授，主要研究方向为信息安全、密码学、侧信道攻击与防御、信息安全设备设计与检测。|王燚（1968-），男，四川成都人，博士，成都信息工程大学教授，主要研究方向为机器学习、侧信道攻击与防御、自然语言处理。|周冠豪（1993-），男，江西南昌人，北京智慧云测设备技术有限公司技术工程师，主要研究方向为信息安全、机械学习、侧信道攻击与防御、物联网安全。
基金资助:
国家重大科技专项基金资助项目(2014ZX01032401-001);四川省科技计划基金资助项目(2017GZ0313);四川省教育厅科研基金资助项目(17ZB0082)

High order DPA with profiling

Zhen WU¹,Yi WANG¹(),Guanhao ZHOU^1,²

¹ Institute of Cyberspace Security,Chengdu University of Information Technology,Chengdu 610225,China
² Beijing Intelligent Cloud measuring equipment Technology Co.,Ltd.,Beijing,102300,China

Revised:2018-07-28 Online:2018-09-01 Published:2018-10-19
Supported by:
The National Science and Technology Major Project of China(2014ZX01032401-001);Sichuan Science and Technology Programmer(2017GZ0313);Sichuan Provincial Education Department Scientific Research Project(17ZB0082)

摘要/Abstract

摘要：

在侧信道攻击中，作为抵抗一阶 DPA 攻击的对策，掩码策略是当前使用最为广泛的防御方式之一。目前，针对掩码策略，通常使用高阶DPA及高阶模板攻击等攻击方式。但由于高阶DPA攻击的是多种信息的联合泄露，需要对多个位置的能耗进行交叉组合，导致其攻击效率低下。高阶模板攻击则需要在学习阶段了解每次加密中使用的随机掩码，攻击条件往往难以满足。针对目前这些攻击方式的不足与局限性，有学习的高阶 DPA 采用神经网络建立能耗对无掩中间组合值的拟合模型，基于拟合无掩中间组合值与猜测无掩中间组合值的相关系数进行攻击。这种方法消除了在学习阶段必须了解掩码的要求，同时避免了高阶 DPA 对能耗交叉组合的需求，降低了攻击条件，且提高了攻击的效率。实验证实了该攻击算法的可行性和高效性。

关键词: 侧信道攻击, 掩码对策, 高阶DPA攻击, 神经网络

Abstract:

In side channel attack,the masking implementation is one of the most popular counter measures again first order DPA.Presently,high order DPA and high order template attack are often used to attack against masking counter measures.High order DPA,however,targets joint leakage of multiple types of information and therefore needs cross combination of powers at corresponding positions,which is the root of the inefficiency of high order DPA.High order template attack,on the other hand,has to know the random mask in each encrypting at its learning phase,which is rarely satisfied for most adversaries.Be aware of these shortcomings and limitations,the algorithm of high order DPA with profiling used neural network to establish the model of fitting the combination of un-masked intermediate values.Attacking was based on the correlation coefficient between the fitted combination intermediate value and the guessing combination intermediate value.This method eliminated the requirement of knowing the masks at the learning phase of template attack and the requirement of cross combination of powers for high order DPA,and therefore lowered the requirement of learning as well as improved attacking efficiency.Experiments have confirmed the feasibility of this algorithm,as well as its efficiency.

Key words: side channel attack, mask countermeasure, higher order DPA attack, neural network

中图分类号:

TP309.1

吴震,王燚,周冠豪. 有学习的高阶DPA攻击[J]. 通信学报, 2018, 39(9): 135-146.

Zhen WU,Yi WANG,Guanhao ZHOU. High order DPA with profiling[J]. Journal on Communications, 2018, 39(9): 135-146.

图/表 15

图1

图2

图3

图4

图5

图6

图7

图8

图9

图10

图11

图12

图13

图14

图15

参考文献 15

[1]	KOCHER P , JAFFE J , JUN B . Differential power analysis[C]// Annual International Cryptology Conference. 1999: 388-397.
[2]	POPP T , MANGARD S , OSWALD E . Power analysis attacks and countermeasures[J]. IEEE Design ＆ test of Computers, 2007,24(6): 535-543.
[3]	MESSERGES T , . Using second-order power analysis to attack DPA resistant software[C]// International Workshop on Cryptographic Hardware and Embedded Systems. 2000: 238-251.
[4]	WADDLE J , WAGNER D . Towards efficient second-order power analysis[C]// International Workshop on Cryptographic Hardware and Embedded Systems. 2004: 1-15.
[5]	JOYE M , PAILLIER P , SCHOENMAKERS B . On second-order differential power analysis[C]// International Workshop on Cryptographic Hardware and Embedded Systems. 2005: 293-308.
[6]	王敏, 吴震, 饶金涛 ,等. 针对密码芯片频域互信息能量分析攻击[J]. 通信学报, 2015,36(Z1): 131-135.
	WANG M , WU Z , RAO J T ,et al. Mutual information power analysis attack in the frequency domain of the crypto chip[J]. Journal on Communications, 2015,36(Z1): 131-135.
[7]	OSWALD E , MANGARD S , HERBST C ,et al. Practical second-order DPA attacks for masked smart card implementations of block ciphers[C]// Cryptographers’ Track at the RSA Conference. 2006: 192-207.
[8]	OSWALD E , MANGARD S . Template attacks on masking—resistance is futile[C]// Cryptographers’ Track at the RSA Conference. 2007: 243-256.
[9]	LEMKE-RUST K , PAAR C . Gaussian mixture models for higher-order side channel analysis[C]// International Workshop on Cryptographic Hardware and Embedded Systems. 2007: 14-27.
[10]	LERMAN L , BONTEMPI G , MARKOWITCH O . A machine learning approach against a masked AES[J]. Journal of Cryptographic Engineering, 2015,5(2): 123-139.
[11]	GILMORE R , HANLEY N , O'NEILL M . Neural network based attack on a masked implementation of AES[C]// 2015 IEEE International Symposium on Hardware Oriented Security and Trust (HOST). 2015: 106-111.
[12]	DURVAUX F , STANDAERT F X . From improved leakage detection to the detection of points of interests in leakage traces[C]// Annual International Conference on the Theory and Applications of Cryptographic Techniques. 2016: 240-262.
[13]	DURVAUX F , STANDAERT F X , VEYRAT-CHARVILLON N , ,et al. Efficient selection of time samples for higher-order DPA with projection pursuits[C]// International Workshop on Constructive SideChannel Analysis and Secure Design. 2015: 34-50.
[14]	张洪欣, 李静, 张帆 ,等. 基于能耗旁路泄露的密码芯片模板攻击算法研究[J]. 电波科学学报, 2015,30(5): 987-992.
	ZHANG H X , LI J , ZHANG F ,et al. A study on template attack of chip base on side channel power leakage[J]. Chinese Journal of Radio Science, 2015,30(5): 987-992.
[15]	阮越, 陈汉武, 刘志昊 ,等. 量子主成分分析算法[J]. 计算机学报, 2014,37(3): 666-676.
	WAN Y , CHEN H W , LIU Z H ,et al. Quantum principal component analysis algorithm[J]. Chinese Journal of Computers, 2014,37(3): 666-676.

有学习的高阶DPA攻击

High order DPA with profiling

在线阅读

PDF下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 15

参考文献 15

相关文章 15

Metrics

推荐阅读 0

[1]	陈晋音, 熊海洋, 马浩男, 郑雅羽. 基于对比学习的图神经网络后门攻击防御方法[J]. 通信学报, 2023, 44(4): 154-166.
[2]	李建锋, 刘哲宇, 荣洋, 李展, 廖柏林, 屈林曦, 刘志杰, 林琨煌. 用于线性噪声时变凸二次规划的归零神经网络[J]. 通信学报, 2023, 44(4): 226-233.
[3]	林云, 徐怀韬, 王森, 张思成, 庄龙. 基于特征融合的通信语音干扰效果客观评估[J]. 通信学报, 2023, 44(3): 105-116.
[4]	杨宏宇, 杨海云, 张良, 成翔. 基于特征依赖图的源代码漏洞检测方法[J]. 通信学报, 2023, 44(1): 103-117.
[5]	何世文, 袁军, 安振宇, 张敏, 黄永明, 张尧学. 基于图神经网络的联合用户调度与波束成形优化算法[J]. 通信学报, 2022, 43(7): 73-84.
[6]	冷涛, 蔡利君, 于爱民, 朱子元, 马建刚, 李超飞, 牛瑞丞, 孟丹. 基于系统溯源图的威胁发现与取证分析综述[J]. 通信学报, 2022, 43(7): 172-188.
[7]	李昂, 陈建新, 魏昕, 周亮. 面向6G的跨模态信号重建技术[J]. 通信学报, 2022, 43(6): 28-40.
[8]	王晓丹, 李京泰, 宋亚飞. DDAC：面向卷积神经网络图像隐写分析模型的特征提取方法[J]. 通信学报, 2022, 43(5): 68-81.
[9]	廖育荣, 王海宁, 林存宝, 李阳, 方宇强, 倪淑燕. 基于深度学习的光学遥感图像目标检测研究进展[J]. 通信学报, 2022, 43(5): 190-203.
[10]	张帆, 黄赟, 方子茁, 郭威. 卷积神经网络的损失最小训练后参数量化方法[J]. 通信学报, 2022, 43(4): 114-122.
[11]	朱政宇, 侯庚旺, 黄崇文, 孙钢灿, 郝万明, 梁静. 基于并行CNN的RIS辅助D2D保密通信系统资源分配算法[J]. 通信学报, 2022, 43(3): 172-179.
[12]	霍俊彦, 王丹妮, 马彦卓, 万帅, 杨付正. 基于轻量级全连接网络的H.266/VVC分量间预测[J]. 通信学报, 2022, 43(2): 143-155.
[13]	龙华, 黄张衡, 邵玉斌, 杜庆治, 苏树盟. 基于改进CFCC特征提取的语种识别算法研究[J]. 通信学报, 2022, 43(12): 211-221.
[14]	朱政宇, 陈鹏飞, 王梓晅, 巩克现, 吴迪, 王忠勇. 基于Swin-Transformer的短波协议信号识别[J]. 通信学报, 2022, 43(11): 127-135.
[15]	熊金波, 周永洁, 毕仁万, 万良, 田有亮. 边缘协同的轻量级隐私保护分类框架[J]. 通信学报, 2022, 43(1): 127-137.