密码芯片基于聚类的模板攻击

doi:10.11959/j.issn.1000-436x.2018130

通信学报 ›› 2018, Vol. 39 ›› Issue (8): 83-93.doi: 10.11959/j.issn.1000-436x.2018130

• 论文Ⅰ：人工智能与网络安全 • 上一篇下一篇

密码芯片基于聚类的模板攻击

吴震,杜之波(),王敏,向春玲

成都信息工程大学网络空间安全学院，四川成都 610225

修回日期:2018-07-16 出版日期:2018-08-01 发布日期:2018-09-13
作者简介:吴震（1975-），男，江苏苏州人，成都信息工程大学副教授，主要研究方向为信息安全、密码学、侧信道攻击与防御、信息安全设备设计与检测。|杜之波（1982-），男，山东冠县人，成都信息工程大学副教授，主要研究方向为信息安全、侧信道攻击与防御、天线应用和物联网安全。|王敏（1977-），女，四川资阳人，成都信息工程大学副教授，主要研究方向为网络攻防、侧信道攻击与防御。|向春玲（1990-），女，湖北宜昌人，成都信息工程大学助教，主要研究方向为信息安全、嵌入式系统安全、侧信道攻击与防御。
基金资助:
国家科技重大专项基金资助项目(2014ZX01032401);国家高技术研究发展计划（“863”计划）基金资助项目(2012AA01A40);“十三五”国家密码发展基金资助项目(MMJJ20180244);四川省科技支撑计划项目基金资助(2017GZ0313);四川省教育厅重点科研基金资助项目(17ZB0082)

Template attack of Crypto chip based on clustering

Zhen WU,Zhibo DU(),Min WANG,Chunling XIANG

College of Information Security Engineering,Chengdu University of Information Technology,Chengdu 610225,China

Revised:2018-07-16 Online:2018-08-01 Published:2018-09-13
Supported by:
The National Science and Technology Major Project of China(2014ZX01032401);The National High Technology Research and Development Program of China (863 Program)(2012AA01A40);The “13th Five-Years” National Cryptogram Development Fund(MMJJ20180244);Sichuan Science and Technology Support Programmer(2017GZ0313);Sichuan Provincial Education Department Key Scientific Research Projects(17ZB0082)

摘要/Abstract

摘要：

传统的模板攻击需要已知密钥建模等对实验设备完全控制的前置条件来实施攻击，该前置条件限制了模板攻击的应用场景，使模板攻击只能应用于可以控制密钥输入的设备。为了解决该问题，提出了基于聚类的模板攻击方法。该方法根据信息泄露模型的特征对聚类期望最大值（EM）算法进行改造，使改造后的聚类方法能够较为准确地拟合出泄露信息的概率模型，在未知密钥的情况下，即可确定信息泄露的位置。该方法通过建模进行模板匹配，消除了传统模板攻击对已知密钥建模等前置条件的依赖，从而扩大了模板攻击的应用范围。

关键词: 侧信道攻击, 模板攻击, 聚类, EM算法

Abstract:

The known-key establishment template and others full control of experimental equipment preconditions are required to implement the traditional template attack.The preconditions restrict the application scenario of template attack.The template attack is only applied to the device that the key input can be controlled.In order to resolve the restrictive preconditions,a novel method of template attack based on clustering was proposed.The clustering EM algorithm was modified according to the characteristics of information leakage model in the method.The modified clustering methods accurately fitted the leaked information probability model in the case of unknown key,the location of information leakage could be determined.Then the attack established the templates in the location,and implemented template matching.The proposed method eliminates the dependence of traditional template attacks on per-conditions and expand the application scenario of template attack.

Key words: side channel attack, template attack, clustering, EM algorithm

中图分类号:

TP309.1

吴震,杜之波,王敏,向春玲. 密码芯片基于聚类的模板攻击[J]. 通信学报, 2018, 39(8): 83-93.

Zhen WU,Zhibo DU,Min WANG,Chunling XIANG. Template attack of Crypto chip based on clustering[J]. Journal on Communications, 2018, 39(8): 83-93.

图/表 11

图1

图2

图3

图4

图5

图6

图7

表1

图8

表2

表3

参考文献 16

[1]	KOCHER P C , . Timing attacks on implementations of Diffie-Hellman,RSA,DSS,and other systems[C]// Annual International Cryptology Conference. 1996: 104-113.
[2]	KOCHER P , JAFFE J , JUN B . Differential power analysis[C]// Annual International Cryptology Conference. 1999: 388-397.
[3]	BRIER E , CLAVIER C , OLIVIER F . Correlation power analysis with a leakage model[C]// International Workshop on Cryptographic Hardware and Embedded Systems. 2004: 16-29.
[4]	CHARI S , RAO J R , ROHATGI P . Template attacks[C]// International Workshop on Cryptographic Hardware and Embedded Systems. 2002: 13-28.
[5]	LERMAN L , MEDEIROS S F , VESHCHIKOV N ,et al. Semisupervised template attack[C]// International Workshop on Constructive Side-Channel Analysis and Secure Design. 2013: 184-199.
[6]	SCHINDLER W , LEMKE K , PAAR C . A stochastic model for differential side channel cryptanalysis[C]// International Workshop on Cryptographic Hardware and Embedded Systems. 2005: 30-46.
[7]	GIERLICHS B , LEMKE-RUST K , PAAR C . Templates vs.stochastic methods[C]// International Workshop on Cryptographic Hardware and Embedded Systems. 2006: 15-29.
[8]	KARSMAKERS P , GIERLICHS B , PELCKMANS K ,et al. Side channel attacks on cryptographic devices as a classification problem[J]. Esat Kuleuven Be, 2009,7:36.
[9]	LERMAN L , POUSSIER R , BONTEMPI G ,et al. machine learning revisited (and the curse of dimensionality in side-channel analysis)[C]// International Workshop on Constructive Side-Channel Analysis and Secure Design. 2015: 20-33.
[10]	LERMAN L , BONTEMPI G , MARKOWITCH O . Side channel attack:an approach based on machine learning[J]. Center for Advanced Security Research Darmstadt, 2011: 29-41.
[11]	BATINA L , GIERLICHS B , LEMKE-RUST K . Differential cluster analysis[M]// Cryptographic Hardware and Embedded Systems-CHES. 2009: 112-127.
[12]	CHOU J W , CHU M H , TSAI Y L ,et al. An unsupervised learning model to perform side channel attack[C]// Pacific-Asia Conference on Knowledge Discovery and Data Mining. 2013: 414-425.
[13]	HEYSZL J , IBING A , MANGARD S ,et al. Clustering algorithms for non-profiled single-Execution attacks on exponentiations[C]// International Conference on Smart Card Research and Advanced Applications. 2013: 79-93.
[14]	LEMKE-RUST K , PAAR C . Gaussian mixture models for higher-order side channel analysis[C]// International Workshop on Cryptographic Hardware and Embedded Systems. 2007: 14-27.
[15]	MANGARD S , OSWALD E , POPP T . Power analysis attacks:revealing the secrets of smart card[M]. New York:Springer. 2007.
[16]	STANDAERT F X , MALKIN T G , YUNG M . A unified framework for the analysis of side-channel key recovery attacks[C]// Annual International Conference on the Theory and Applications of Cryptographic Techniques. 2009: 443-461.

SBOX输入值	SBOX输出值	SBOX输入HW	SBOX输出HW
509	554	509	554

攻击方法	攻击能迹数m	1阶成功率	2阶成功率	3阶成功率	4阶成功率	猜测熵
	20	71.23%	83.56%	84.93%	86.30%	4.96
	30	81.63%	91.84%	97.96%	97.96%	1.73
STD	40	91.67%	91.67%	97.22%	97.22%	1.33
	50	100.00%	100.00%	100.00%	100.00%	1.00
	60	100.00%	100.00%	100.00%	100.00%	1.00
	20	10.96%	17.81%	21.92%	24.66%	49.93
	30	48.98%	59.18%	71.43%	73.47%	8.04
EM	40	61.11%	69.44%	72.22%	72.22%	29.53
	50	82.76%	86.21%	86.21%	89.66%	3.45
	60	20.83%	29.17%	37.50%	37.50%	14.13
	20	53.42%	58.90%	61.64%	64.38%	19.74
	30	51.02%	61.22%	63.27%	73.47%	12.84
EMPD	40	63.89%	75.00%	77.78%	77.78%	9.89
	50	65.52%	72.41%	72.41%	75.86%	4.55
	60	79.17%	87.50%	87.50%	91.67%	3.33
	20	54.79%	58.90%	60.27%	63.01%	15.97
	30	51.02%	57.14%	75.51%	77.55%	9.49
EMPDC	40	77.78%	77.78%	77.78%	83.33%	8.53
	50	75.86%	79.31%	79.31%	86.21%	3.14
	60	79.17%	87.50%	91.67%	91.67%	2.75
	20	72.60%	76.71%	78.08%	82.19%	6.18
	30	79.59%	83.67%	89.80%	91.84%	2.29
EMPDS	40	88.89%	91.67%	91.67%	91.67%	1.58
	50	100.00%	100.00%	100.00%	100.00%	1.00
	60	100.00%	100.00%	100.00%	100.00%	1.00

攻击方法	训练能迹数/条	1阶成功率	2阶成功率	3阶成功率	4阶成功率	猜测熵
	8 000	81.63%	91.84%	97.96%	97.96%	1.73
	7 000	81.63%	91.84%	97.96%	97.96%	1.73
	6 000	81.63%	97.96%	97.96%	97.96%	1.73
STD	5 000	79.59%	93.88%	93.88%	95.92%	2.59
	4 000	83.67%	91.84%	93.88%	95.92%	4.12
	3 000	69.39%	87.76%	89.80%	89.80%	6.00
	2 000	65.31%	85.71%	87.76%	87.76%	7.55
	1 000	67.35%	81.63%	85.71%	87.76%	25.10
	8 000	100.00%	100.00%	100.00%	100.00%	1.15
	7 000	100.00%	100.00%	100.00%	100.00%	1.00
	6 000	92.31%	100.00%	100.00%	100.00%	1.08
EMPDS	5 0004 000	100.00%76.92%	100.00%100.00%	100.00%100.00%	100.00%100.00%	1.001.23
	3 000	69.23%	92.31%	100.00%	100.00%	1.38
	2 000	61.54%	76.92%	76.92%	76.92%	4.92
	1 000	61.54%	84.62%	92.31%	92.31%	1.77

密码芯片基于聚类的模板攻击

Template attack of Crypto chip based on clustering

在线阅读

PDF下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 11

参考文献 16

相关文章 15

Metrics

推荐阅读 0

[1]	马玲, 樊漆亮, 许婷, 郭冠琛, 张圣林, 孙永谦, 张玉志. 基于强化学习的在线离线混部云环境下的调度框架[J]. 通信学报, 2023, 44(6): 90-102.
[2]	余晟兴, 陈泽凯, 陈钟, 刘西蒙. DAGUARD：联邦学习下的分布式后门攻击防御方案[J]. 通信学报, 2023, 44(5): 110-122.
[3]	董煜, 张友鹏. 基于聚类赋权的冲突证据组合方法[J]. 通信学报, 2023, 44(3): 157-163.
[4]	赵静, 李俊, 龙春, 万巍, 魏金侠, 陈凯. 基于多层次特征的RoQ隐蔽攻击无监督检测方法[J]. 通信学报, 2022, 43(9): 224-239.
[5]	李骜, 冯聪, 牛宇童, 徐士彪, 张英涛, 孙广路. 面向视角非对齐数据的多视角聚类方法[J]. 通信学报, 2022, 43(7): 143-152.
[6]	毛伊敏, 甘德瑾, 廖列法, 陈志刚. 基于Spark框架和ASPSO的并行划分聚类算法[J]. 通信学报, 2022, 43(3): 148-163.
[7]	张忠平, 李森, 刘伟雄, 刘书霞. 基于快速密度峰值聚类离群因子的离群点检测算法[J]. 通信学报, 2022, 43(10): 186-195.
[8]	王惠琴, 侯文斌, 彭清斌, 曹明华, 黄瑞, 刘玲. 基于K均值聚类的SPPM分步分类检测算法[J]. 通信学报, 2022, 43(1): 161-171.
[9]	胡强, 沈嘉吉, 荆广辉, 杜军威. 基于描述语境特征词与改进GSDMM模型的服务聚类方法[J]. 通信学报, 2021, 42(8): 176-187.
[10]	贾春福, 李瑞琪, 王雅飞. 基于同态加密的DBSCAN聚类隐私保护方案[J]. 通信学报, 2021, 42(2): 1-11.
[11]	刘留, 张建华, 樊圆圆, 于力, 张嘉驰. 机器学习在信道建模中的应用综述[J]. 通信学报, 2021, 42(2): 134-153.
[12]	王娅茹, 唐明. 基于Bartlett和多分类F检验侧信道泄露评估[J]. 通信学报, 2021, 42(12): 35-43.
[13]	李骜, 王卓, 于晓洋, 陈德运, 张英涛, 孙广路. 多核低冗余表示学习的稳健多视图子空间聚类方法[J]. 通信学报, 2021, 42(11): 193-204.
[14]	黄瑞章,白瑞娜,陈艳平,秦永彬,程欣宇,田有亮. CMDC：一种差异互补的迭代式多维度文本聚类算法[J]. 通信学报, 2020, 41(8): 155-164.
[15]	邱飞岳,陈博文,陈铁明,章国道. 稀疏诱导流形正则化凸非负矩阵分解算法[J]. 通信学报, 2020, 41(5): 84-95.