新的抵抗鬼峰的关联矩阵差分能量分析

doi:10.11959/j.issn.1000-436x.2023063

摘要/Abstract

摘要：

差分能量分析（DPA）是对芯片中分组密码实现安全性的最主要威胁之一，当采集的能量迹不足时，DPA容易受到错误密钥产生的差分均值影响产生鬼峰。基于DPA，提出了一种可以有效抵抗鬼峰的关联矩阵差分能量分析（IMDPA）。通过构造预测差分均值矩阵，利用猜测密钥在非泄露区间的弱相关性，避免非泄露区间对泄露区间内密钥猜测的影响。对IMDPA在AES-128算法的不同泄露区间进行了实验验证，结果表明，与传统的DPA相比，IMDPA 需要更少（达到 85%）的能量迹来猜测正确的密钥。同时 IMDPA 在实施防护措施下的 AES-128的密钥猜测效率仍然存在显著的优势。为了进一步验证IMDPA在分组密码中的通用性，在SM4算法上进行了实验验证，与传统的DPA相比，IMDPA需要更少（达到87.5%）的能量迹来猜测正确的密钥。

关键词: AES, 鬼峰, 差分能量分析, SM4

Abstract:

At present, differential power analysis (DPA) is one of the most important threats to the security of block ciphers in chips.When the collected power trace is insufficient, DPA is vulnerable to ghost peak caused by the difference mean value generated by the wrong key.Based on DPA, a incidence matrix differential power analysis (IMDPA) was proposed which could effectively resist ghost peak.The prediction difference mean matrix was constructed to avoid the influence of the non leaking interval on the key guessing of the leaking interval by using the weak correlation of the guessing key in the non leaking interval.The proposed IMDPA was tested in different leak intervals of AES-128 algorithm.The results show that compared with traditional DPA, IMDPA requires less (up to 85%) power trace to guess the correct key.At the same time, the key guessing efficiency of AES-128 under the implementation of protective measures by IMDPA still has obvious advantages.In order to further verify the universality of IMDPA in block ciphers, experimental verification is conducted on SM4 algorithm.Compared with traditional DPA, IMDPA requires less (up to 87.5%) power traces to guess the correct key.

Key words: AES, ghost peak, differential power analysis, SM4

中图分类号:

TN918

姜子敬, 丁群. 新的抵抗鬼峰的关联矩阵差分能量分析[J]. 通信学报, 2023, 44(4): 38-49.

Zijing JIANG, Qun DING. Nove lincidence matrix differential power analysis for resisting ghost peak[J]. Journal on Communications, 2023, 44(4): 38-49.

图/表 18

图1

图2

图3

图4

图5

图6

图7

图8

图9

图10

图11

图12

图13

图14

图15

图16

表1

图17

参考文献 24

[1]	KOCHER P C , . Timing attacks on implementations of diffie-Hellman,RSA,DSS,and other systems[C]// Advances in Cryptology —CRYPTO ’96. Berlin:Springer, 1996: 104-113.
[2]	KOCHER P , JAFFE J , JUN B . Differential power analysis[C]// Advances in Cryptology — CRYPTO’ 99. Berlin:Springer, 1999: 388-397.
[3]	BRIER E , CLAVIER C , OLIVIER F . Correlation power analysis with a leakage model[C]// International Workshop on Cryptographic Hardware and Embedded Systems. Berlin:Springer, 2004: 16-29.
[4]	CHéRISEY E D , GUILLEY S , RIOUL O ,et al. Best information is most successful[C]// Cryptographic Hardware and Embedded Systems. Berlin:Springer, 2019: 49-79.
[5]	CHARI S , RAO J R , ROHATGI P . Template attacks[C]// Cryptographic Hardware and Embedded Systems - CHES 2002. Berlin:Springer, 2003: 13-28.
[6]	AGRAWAL D , ARCHAMBEAULT B , RAO J R ,et al. The EM side—channel(s)[C]// Cryptographic Hardware and Embedded Systems. Berlin:Springer, 2002: 29-45.
[7]	MONTMINY D P , BALDWIN R O , TEMPLE M A ,et al. Differential electromagnetic attacks on a 32-bit microprocessor using software defined radios[J]. IEEE Transactions on Information Forensics and Security, 2013,8(12): 2101-2114.
[8]	SCHRAMM K , WOLLINGER T , PAAR C . A new class of collision attacks and its application to DES[C]// International Workshop on Fast Software Encryption. Berlin:Springer, 2003: 206-222.
[9]	BOGDANOV A , KIZHVATOV I . Beyond the limits of DPA:combined side-channel collision attacks[J]. IEEE Transactions on Computers, 2012,61(8): 1153-1164.
[10]	BIHAM E , SHAMIR A . Differential fault analysis of secret key cryptosystems[C]// Advances in Cryptology — CRYPTO’97. Berlin:Springer, 1997: 513-525.
[11]	LI Y , SAKIYAMA K , GOMISAWA S ,et al. Fault sensitivity analysis[C]// International Workshop on Cryptographic Hardware and Embedded Systems. Berlin:Springer, 2010: 320-334.
[12]	WANG A , CHEN M , WANG Z Y ,et al. Fault rate analysis:breaking masked AES hardware implementations efficiently[J]. IEEE Transactions on Circuits and Systems II:Express Briefs, 2013,60(8): 517-521.
[13]	PROUFF E , STRULLU R , BENADJILA R ,et al. Study of deep learning techniques for side-channel analysis and introduction to ASCAD database[J]. IACR Cryptology ePrint Archive,2018, 2018:53.
[14]	ROBYNS P , QUAX P , LAMOTTE W . Improving CEMA using correlation optimization[C]// Cryptographic Hardware and Embedded Systems. Berlin:Springer, 2018: 1-24.
[15]	CARBONE M , CONIN V , CORNéLIE M A ,et al. Deep learning to evaluate secure RSA implementations[C]// Cryptographic Hardware and Embedded Systems. Berlin:Springer, 2019: 132-161.
[16]	SCHRAMM K , PAAR C . Higher order masking of the AES[C]// Topics in Cryptology - CT-RSA 2006. Berlin:Springer, 2006: 208-225.
[17]	LO O , BUCHANAN W J , CARSON D . Power analysis attacks on the AES-128 S-box using differential power analysis (DPA) and correlation power analysis (CPA)[J]. Journal of Cyber Security Technology, 2017,1(2): 88-107.
[18]	MAHANTA H J , KHAN A K . Improving power analysis peak distribution using Canberra distance to address ghost peak problem[J]. International Journal of Information Security and Privacy, 2018,12(3): 27-41.
[19]	CHEN J C , NG J S , CHONG K S ,et al. A novel normalized variance-based differential power analysis against masking countermeasures[J]. IEEE Transactions on Information Forensics and Security, 2021,16: 3767-3779.
[20]	GUILLEY S , HOOGVORST P , PACALET R . Differential power analysis model and some results[C]// IFIP International Federation for Information Processing. Boston:Springer US, 2004: 127-142.
[21]	KAMOUN N , BOSSUET L , GHAZEL A . Correlated power noise generator as a low cost DPA countermeasures to secure hardware AES cipher[C]// Proceedings of 2009 3rd International Conference on Signals,Circuits and Systems (SCS). Piscataway:IEEE Press, 2010: 1-6.
[22]	STEFAN M , ELISABETH O , THOMAS P . 能量分析攻击[M]. 冯登国,周永彬,刘继业,等译, 北京: 科学出版社, 2010.
	STEFAN M , ELISABETH O , THOMAS P . Energy analysis attack[M]. Translated by FENG D G,ZHOU Y B,LIU J Y,et al. Beijng: Science Press, 2010.
[23]	BELLIZIA D , SCOTTI G , TRIFILETTI A . Implementation of the PRESENT-80 block cipher and analysis of its vulnerability to side channel attacks exploiting static power[C]// Proceedings of 2016 MIXDES - 23rd International Conference Mixed Design of Integrated Circuits and Systems. Piscataway:IEEE Press, 2016: 211-216.
[24]	HOMMA N , NAGASHIMA S , SUGAWARA T ,et al. A high-resolution phase-based waveform matching and its application to side-channel attacks[J]. IEICE Transactions on Fundamentals of Electronics,Communications and Computer Sciences, 2008,91(1): 193-202.

算法	攻击位置	防护措施	IMDPA/条	DPA/条	EDPA/条	MDPA/条
AES-128	寄存器A	无防护	3 000	10 000+	10 000+	10 000+
AES-128	寄存器B	无防护	1 500	10 000	4 000	1 500
AES-128	寄存器B	引入噪声	1 000	10 000+	10 000+	1 000
AES-128	寄存器B	插入冗余操作	6 000	10 000	9 000	6 000
AES-128	寄存器B	双轨逻辑电路	7 000	10 000	8 000	8 000
AES-128	寄存器B	随机时钟	1 500	1 500	1 500	1 500
SM4	首轮轮函数输出寄存器	无防护	1 000	8 000	10 000+	1 000