基于汉明重的LED代数旁路攻击研究

doi:10.3969/j.issn.1000-436x.2013.07.015

Abstract

Abstract:

Abstract:The security of LED against the algebraic side-channel attack (ASCA)was evaluated, which is a lightweight block cipher proposed in CHES 2011.Firstly, the attack model of ASCA was analyzed, and then the design and algebraic representations of LED were described. Secondly, the power leakages of LED on ATMEGA324P microcontroller were measured by a digital oscilloscope; some leakage points with obvious power patterns were chosen as the targeted points and used to deduce the Hamming weight via computing the Pearson correlation factor; satisfiability-based, Pseu-do-Boolean optimization-based, linear programming-based methods were used to representing Hamming weights with algebraic equations. Finally, the CryptoMinisat and the SCIP solver were applied to solve for the key and many attacks are conducted under different scenarios. Experiment results demonstrate that LED is vulnerable to ASCA, full 64 bit master key can be derived via analyzing the HW leakages of the first round in LED.

Key words: Hamming weight, LED, ASCA, satisfiability, pseudo-Boolean optimization, linear programming

Ke-ke JI,Tao WANG,Shi-ze GUO,Xin-jie ZHAO,Hui-ying LIU. Research of Hamming weight-based algebraic side-channel attack on LED[J]. Journal on Communications, 2013, 34(7): 134-142.

Figures/Tables 15

References 23

[1]	KOCHER P C . Timing attacks on implementations of diffie-hellman, RSA, DSS, and other systems[A]. CRYPTO 1996[C]. Berlin: Springer, 1996. 104-113.
[2]	KOCHER P C , JAFFE J , JUN B . Differential power analysis[A]. CRYPTO 1999[C]. Berlin: Springer, 1999. 388-397.
[3]	QUISQUATER J J , SAMYDED D . Electromagnetic analysis (EMA):measures and countermeasures for smart cards[A]. e-Smart 2001[C]. Berlin: Springer, 2001. 200-210.
[4]	BATINA L , GIERLICHS B , PROUFF E . Mutual information analysis: a comprehensive study[J]. Journal of Cryptology, 2011(24): 269-291.
[5]	WHITNALL C , OSWALD E , MATHER L . An exploration of the Kolmogorov-Smirnov test as competitor to mutual information analysis[EB/OL].
[6]	BOGDANOV A . Improved side-channel collision attacks on AES[A]. AC 2007, LNCS 4876[C]. Berlin:Springer, 2007. 84-95.
[7]	DINUR I , SHAMIR A . Side channel cube attacks on block ciphers[EB/OL].
[8]	RENAULD M , STANDAERT F -X . Algebraic side-channel attacks[A]. NSCRYPT 2009[C]. Berlin:Springer, 2009. 393-410.
[9]	RENAULD M , STANDAERT F X , VEYRAT C N . Algebraic side-channel attacks on the AES:Why time also matters in DPA[A]. CHES 2009[C]. Berlin:Springer, 2009. 97-111.
[10]	OREN Y , KIRSCHBAUM M , PPOPP T . Algebraic side-channel analysis in the presence of errors[A]. CHES 2010[C]. Berlin:Springer, 2010. 428-442.
[11]	ZHAO X J , ZHANG F , GUO S Z . MDASCA:an enhanced algebraic side-channel attack for error tolerance and new leakage model exploitation[A]. Proceedings of COSADE 2012[C]. 2012.
[12]	GUO J , PEYRIN T , POSCHMANN A . The LED bock cipher[A]. Berlin:Springer, 2011. 326-341.
[13]	NICOLAS T. C , GREGORY V. B . Algebraic cryptanalysis of the data encryption standard[A]. 11-th IMA Conference[C]. Cirencester, UK, 2007. 152-169
[14]	FU Z , MARHAJAN Y , MALIK S . zChaff SAT solver[EB/OL].
[15]	E′EN N , S?RENSSON N . An open-source SAT solver package[EB/OL].
[16]	SOOS M , NOHL K , CASTELLUCCIA C . Extrending SAT solvers to cryptographic problems[A]. SAT 2009[C]. Berlin:Springer. 2009. 244-257.
[17]	TOBIAS A . Constraint Integer Programming[D]. TU Berlin, 2007.
[18]	BERTHOLD T , HEINZ S , PFETSCH M E . SCIP- solving constraint integer programs[A]. SAT 2009[C]. Berlin:Springer, 2009.
[19]	BERTHOLD T , HEINZ S , PFETSCH M E . Nonlinear pseudo-boolean optimization:Relaxation or propagation? [A]. Berlin:Springer, 2009. 441-446.
[20]	CARLA P. G , ASHISH S , Handbook of Satisfiability[M]. IOS Press, 2009. 633-654.
[21]	KNUDSEN L R , MIOLANE C V . Counting equations in algebraic attacks on block ciphers[J]. International Journal of Information Security, 2010,9(2):127-135.
[22]	CHARI S , RAO J R , ROHATAJ P . Template attacks[A]. CHES 2002[C]. Berlin:Springer, 2002. 13-28.
[23]	BRIER E , CLAVIER C , OLIVIER F . Correlation power analysis with a leakage model[A]. CHES 2004[C]. Berlin:Springer, 2004. 16-29.

Metrics

Recommended 0

No Suggested Reading articles found!

变元	说明	变元	说明
P	明文	K	密钥
X₁	输出AK	X₂	输出AC
X₃	输出SB	X₄	输出SR
X₅	输出MC	C	密文
RC	轮常量

元素	y₀	y₁	y₂	y₃
1	x₀	x₁	x₂	x₃
2	x₁	x₂	x₀+x₃	x₀
4	x₂	x₀+x₃	x₀+x₁	x₁
5	x₀+x₂	x₀+x₁+x₃	x₀+x₁+x₂	x₁+x₃
6	x₁+x₂	x₀+x₂+x₃	x₁+x₃	x₀+x₁
8	x₀+x₃	x₀+x₁	x₁+x₂	x₂
9	x₃	x₀	x₁	x₂+x₃
A	x₀+x₁+x₃	x₀+x₁+x₂	x₀+x₁+x₂+x₃	x₀+x₂
B	x₁+x₃	x₀+x₂	x₀+x₁+x₃	x₀+x₂+x₃
E	x₀+x₁+x₂+x₃	x₁+x₂+x₃	x₂+x₃	x₀+x₁+x₂
F	x₁+x₂+x₃	x₂+x₃	x₃	x₀+x₁+x₂+x₃

名称	性能参数
PC机	、、内存、操作系统。Athlon64 3000+ CPU 1.81 GHz 1 GB Windows XP
微控制器	单片机：, ，时钟频率。ATMETGA324P 1 KB EEPROM, 2 KB SRAM 32 KB Flash 20 MHz
数字示波器	：最大采样速率，最小电压分辨率。MSO6012A 2 GSa/s 0.312 5 mV
解析器	：版本号 ;：版本号，其中，版本号为。CryptoMinisat 2.9.0 SCIP 2.0.1 SoPlex 1.5.0

攻击场景	泄露轮数
已知明文	1
未知明密文	5

加密部件	泄露的汉明重值
初始轮密钥加	0,2,3,3,2,3,1,2,0,1,2,1,1,2,2,3
第一轮S盒代换	2,4,1,3,3,2,2,3,2,2,0,2,1,3,3,3
第一轮列混淆	2,1,1,4,3,2,2,2,1,2,2,1,2,1,1,2

Research of Hamming weight-based algebraic side-channel attack on LED

RichHTML

PDF

Knowledge

Cited

Abstract

Cite this article

share this article

Figures/Tables 15

References 23

Related Articles 15

Metrics

Recommended 0

编号	K	编号	K	编号	K	编号	K
-2	0	-18	0	-34	0	-50	0
-3	0	19	1	-35	0	51	1
4	1	-20	0	-36	0	-52	0
5	1	21	1	37	1	-53	0
6	1	-22	0	38	1	-54	0
-7	0	23	1	39	1	-55	0
-8	0	24	1	-40	0	56	1
9	1	25	1	-41	0	-57	0
-10	0	-26	0	42	1	58	1
11	1	-27	0	-43	0	-59	0
-12	0	-28	0	-44	0	60	1
13	1	-29	0	45	1	-61	0
-14	0	-30	0	46	1	62	1
15	1	31	1	-47	0	-63	0
-16	0	-32	0	48	1	-64	0
-17	0	33	1	49	1	-65	0

错误率/%	轮数	成功率/%	时间/s
40	2	90	148
50	3	100	1.2
60	3	100	18
70	4	90	150
80	6	50	250

攻击场景	错误率	泄露轮数	求解时间/s
PBOPT	已知明文	1	2.5
PBOPT	未知明密文	5	379
LP	已知明文	1	2.8
LP	未知明密文	6	53

攻击场景	错误率	个数	时间/s
	10%	2.8	4.7
	20%	7.4	9.2
PBOPT	30%	86.2	21.6
	40%	319	34
	50%	3 575	99.7
	10%	2.2	11.7
	20%	8.8	34.7
LP	30%	161.6	88
	40%	1 748	211.1
	50%	6 618.7	552.1

[1]	Rongpeng LI, Bingyan WANG, Honggang ZHANG, Zhifeng ZHAO. Design of knowledge enhanced semantic communication receiver [J]. Journal on Communications, 2023, 44(6): 70-76.
[2]	Shaoyu DU. Improved integral attack——random linear distinguish and key recovery attack [J]. Journal on Communications, 2023, 44(4): 145-153.
[3]	Jingya YANG, Xiaogang TANG, Yiqing ZHOU, Ling LIU, Wang Jiangzhou. 6G native intelligence network architecture enabled by intent abstraction and knowledge [J]. Journal on Communications, 2023, 44(2): 12-26.
[4]	Hongrui NIE, Shaosheng LI, Yong LIU. Optimized scheduling mechanism based on IEEE 802.1Qch standard in time-sensitive networking [J]. Journal on Communications, 2022, 43(9): 12-26.
[5]	Xia FENG, Kaiping CUI, Qingqing XIE, Liangmin WANG. Distributed anonymous authentication scheme based on the blockchain in VANET [J]. Journal on Communications, 2022, 43(9): 134-147.
[6]	Zexi XU, Lei ZHUANG, Kunli ZHANG, Mingyu GUI. Online placement algorithm of service function chain based on knowledge graph [J]. Journal on Communications, 2022, 43(8): 41-51.
[7]	Xuewang ZHANG, Zhihong LI, Jinzhao LIN. Privacy protection scheme based on fair blind signature and hierarchical encryption for consortium blockchain [J]. Journal on Communications, 2022, 43(8): 131-141.
[8]	Congwei ZHOU, Bin HU, Jie GUAN. Construction de Bruijn sequence based on whole LFSR with 4 cycles [J]. Journal on Communications, 2022, 43(7): 126-133.
[9]	Jingyu WANG, Zirui ZHUANG. Research on a knowledge-defined polymorphic network attainable service architecture [J]. Journal on Communications, 2022, 43(4): 71-82.
[10]	Lian XIANG, Hongfeng PAN, Shulin JIN, Weidong SHAO. Research on inter-core crosstalk characteristics of real multi-core fibers with multi-core excitation [J]. Journal on Communications, 2022, 43(11): 233-241.
[11]	Youheng DONG, Geng ZHAO, Yingjie MA. Two-dimensional pseudo-random coupled map lattices system based on partitioned elementary cellular automata and its dynamic properties [J]. Journal on Communications, 2022, 43(1): 71-82.
[12]	Xiaoguang LI, Lei GONG, Xiaoli LI, Xin ZHANG, Ge YU. Learner preferences prediction with mixture embedding of knowledge and behavior graph [J]. Journal on Communications, 2021, 42(8): 130-138.
[13]	Jiachen SUN, Jinlong WANG, Guoru DING, Jin CHEN, Yuping GONG. Spectrum knowledge graph: an intelligent engine facing future spectrum management [J]. Journal on Communications, 2021, 42(5): 1-12.
[14]	Jinkang ZHU, Mingyang CHAI, Wuyang ZHOU. Three-three-three network architecture and learning optimization mechanism for B5G/6G [J]. Journal on Communications, 2021, 42(4): 62-75.
[15]	Xiaojuan ZHAO, Yan JIA, Aiping LI, Kai CHEN. Research on link prediction model based on hierarchical attention mechanism [J]. Journal on Communications, 2021, 42(3): 36-44.

x	[ ]Sx	x	[ ]Sx
0	C	8	3
1	5	9	E
2	6	A	F
3	B	B	8
4	9	C	4
5	0	D	7
6	A	E	1
7	D	F	2