对加掩加密算法的盲掩码模板攻击

doi:10.11959/j.issn.1000-436x.2019007

Abstract

Abstract:

Masking is a countermeasure against differential power analysis (DPA) attacks on cryptographic devices by using random masks to randomize the leaked power of sensitive information.Template attacks (TA) against cryptographic devices with masking countermeasure by far require attackers have knowledge of masks at the profiling phase.This requirement not only increase the prerequisite of template attacking,but also lead to some sort of difference between the experimental encryption codes of the profiling device and the codes of commercial cryptographic devices,which might degrade performance in real world attacking.Blind mask template attack directly learns templates for the combination of no mask intermediate values without the need of knowing the masks of training power traces,and then uses these templates to attack masked cryptographic devices.Both traditional Gaussian distribution and neural network were adopted as the templates in experiments.Experimental results verified the feasibility of this new approach.The success rate of neural network based blind mask template attacking against masked cryptographic devices is very close to that of traditional template attacks against cryptographic devices without masking countermeasure.

Key words: side channel attack, template attack, blind mask template attack, masking countermeasure, neural network

CLC Number:

TP309.1

Yi WANG,Zhen WU,Bing LIN. Blind mask template attacks on masked cryptographic algorithm[J]. Journal on Communications, 2019, 40(1): 1-14.

Figures/Tables 13

References 43

[1]	杜之波, 吴震, 王敏 ,等. 针对SM4轮输出的改进型选择明文功耗分析攻击[J]. 通信学报, 2015,36(10): 85-91.
	DU Z B , WU Z , WANG M ,et al. Improved chosen-plaintext power analysis attack against SM4 at the round-output[J]. Journal on Communications, 2015,36(10): 85-91.
[2]	吴震, 王敏, 饶金涛 ,等. 针对基于SM3的HMAC的能量分析攻击方法[J]. 通信学报, 2016,37(5): 38-43.
	WU Z , WANG M , RAO J T ,et al. Mutual information power analysis attack of HMAC based on SM3[J]. Journal on Communications, 2016,37(5): 38-43.
[3]	杜之波, 吴震, 王敏 ,等. 基于SM3的动态令牌的能量分析攻击方法[J]. 通信学报, 2017,38(3): 65-72.
	DU Z B , WU Z , WANG M ,et al. Power analysis attack of dynamic password token based on SM3[J]. Journal on Communications, 2017,38(3): 65-72.
[4]	王敏, 吴震, 饶金涛 ,等. 针对密码芯片频域互信息能量分析攻击[J]. 通信学报, 2015,36(s1): 131-135.
	WANG M , WU Z , RAO J T ,et al. Mutual information power analysis attack in the frequency domain of the crypto chip[J]. Journal on Communications, 2015,36(s1): 131-135.
[5]	KOCHER P C . Timing attacks on implementations of Diffie-Hellman,RSA,DSS,and other systems[C]// Annual International Cryptology Conference. 1996: 104-113.
[6]	KOCHER P , . Differential power analysis and related attacks[C]// Annual International Cryptology Conference. 1999: 388-397.
[7]	MANGARD S , OSWALD E , POPP T . Power analysis attacks:revealing the secrets of smart cards[M]. Springer Science ＆ Business Media. 2008.
[8]	BATINA L , GIERLICHS B , LEMKE-RUST K . Differential cluster analysis[C]// International Workshop on Cryptographic Hardware ＆Embedded Systems. 2009.
[9]	BRIER E , CLAVIER C , OLIVIER F . Correlation power analysis with a leakage model[C]// Cryptographic Hardware and Embedded Systems - CHES 2004:6th International Workshop Cambridge. 2004.
[10]	GIERLICHS B , BATINA L , TUYLS P ,et al. Mutual Information Analysis[C]// Proceeding Sof the International Workshop on Cryptographic Hardware ＆ Embedded Systems. 2008.
[11]	CHARI S , RAO J R , ROHATGI P . Template attacks[M]// Cryptographic Hardware and Embedded Systems - CHES 2002. Springer Berlin Heidelberg, 2002.
[12]	SCHINDLER W , LEMKE K , PAAR C . A stochastic model for differential side channel cryptanalysis[M]// Cryptographic Hardware and Embedded Systems-CHES 2005, 2005: 30-46.
[13]	刘飚, 孙莹 . 基于公共协方差矩阵的实用模板攻击[J]. 计算机应用研究, 2016(1): 236-239.
	LIU B , SUN Y . Practical template attacks based on pooled covariance matrix[J]. Application Research of Computers, 2016(1): 236-239.
[14]	崔琦, 王思翔, 段晓毅 ,等. 一种AES算法的快速模板攻击方法[J]. 计算机应用研究, 2017,34(6): 1801-1804.
	CUI Q , WANG S X , DUAN X Y ,et al. Fast tempolate DPA attack against AES algorithm[J]. Application Research of Computers, 2017,34(6): 1801-1804.
[15]	CHOUDARY O , KUHN M G . Efficient Template Attacks[M]// Smart Card Research and Advanced Application Conference-CARDIS. Springer, 2013: 253-270.
[16]	杜之波, 孙元华, 王燚 . 针对AES密码算法的多点联合能量分析攻击[J]. 通信学报, 2016(s1): 78-84.
	DU Z B , SUN Y H , WANG Y . Multi-point joint power analysis attack against AES[J]. Journal on Communications, 2016(s1): 78-84
[17]	王小娟, 郭世泽, 赵新杰 ,等. 基于功耗预处理优化的LED密码模板攻击研究[J]. 通信学报, 2014(3): 157-167.
	WANG X J , GUO S Z , ZHAO X J ,et al. Research of power preprocessing optimization-based template attack on LED[J]. Journal on Communications, 2014(3): 157-167.
[18]	ARCHAMBEAU C , PEETERS E , STANDAERT F X ,et al. Template attacks in principal subspaces[M]// Cryptographic Hardware and Embedded Systems-CHES 2006. Springer, 2006: 1-14.
[19]	王红胜, 徐子言, 张阳 ,等. 基于模板的光辐射分析攻击[J]. 计算机应用研究, 2017,34(7): 2151-2154.
	WANG H S , XU Z Y , ZHANG Y ,et al. Template based phtonic emission attacks[J]. Application Research of Computers, 2017,34(7): 2151-2154.
[20]	PICEK S , HEUSER A , GUILLEY S . Template attack versus Bayes classifier[J]. Journal of Cryptographic Engineering, 2017,7(2): 1-9.
[21]	BARTKEWITZ T,LEMKE-RUST K . Efficient template attacks based on probabilistic multi-class support vector machines[M]. Springer, 2013.
[22]	HEUSER A , ZOHNER M . Intelligent machine homicide[M]// Constructive Side-Channel Analysis and Secure Design. Springer, 2012: 249-264.
[23]	MARTINASEK Z , ZEMAN V . Innovative method of the power analysis[J]. Radioengineering, 2013,22(2): 586-594.
[24]	MARTINASEK Z , HAJNY J , MALINA L . Optimization of power analysis using neural network[C]// International Conference on Smart Card Research and Advanced Applications, 2013: 94-107.
[25]	SCHRAMM K , PAAR C . Higher order masking of the AES[M]// Topics in cryptology-CT-RSA 2006. Springer, 2006: 208-225.
[26]	MESSERGES T , . Using second-order power analysis to attack DPA resistant software[C]// Cryptographic Hardware and Embedded Systems—CHES 2000, 2000: 27-78.
[27]	JOYE M , PAILLIER P , SCHOENMAKERS B . On second-order differential power analysis[M]// Cryptographic Hardware and Embedded Systems-CHES 2005. Springer, 2005: 293-308.
[28]	BELGARRIC P , BHASIN S , BRUNEAU N ,et al. Time-frequency analysis for second-order attacks[M]// Smart Card Research and Advanced Applications. Springer, 2014: 108-122.
[29]	OSWALD E , MANGARD S . Template attacks on masking— resistance is futile[M]. Topics in Cryptology-CT-RSA 2007. Springer, 2006: 243-256.
[30]	LEMKE-RUST K , PAAR C . Gaussian mixture models for higher-order side channel analysis[C]// Cryptographic Hardware and Embedded Systems-CHES 2007. 2007: 14-27.
[31]	LERMAN L , BONTEMPI G , MARKOWITCH O . A machine learning approach against a masked AES[J]. Journal of Cryptographic Engineering, 2015,5(2): 123-139.
[32]	GILMORE R . Neural network based attack on a masked implementation of AES[J]. Hardware Oriented Security and Trust, 2015(6): 5.
[33]	CORON J S , PROUFF E , RIVAIN M . Side channel cryptanalysis of a higher order masking scheme[M]. Springer, 2007.
[34]	HOSPODAR G , MULDER E , GIERLICHS B ,et al. Least squares support vector machines for side-channel analysis[J]. Center for Advanced Security Research Darmstadt, 2011: 99-104.
[35]	LERMAN L , BONTEMPI G , MARKOWITCH O . Side channel attack:an approach based on machine learning[J]. Center for Advanced Security Research Darmstadt, 2011: 29-41.
[36]	LERMAN L , POUSSIER R , BONTEMPI G ,et al. Template attacks vs.machine learning revisited[C]// Constructive Side Channel Analysis and Secure Design COSADE 2015. 2015: 20-33.
[37]	NASSAR M , SOUISSI Y , GUILLEY S ,et al. RSM:A small and fast countermeasure for AES,secure against 1st and 2nd-order zero-offset SCAs[C]// Design,Automation ＆ Test in Europe Conference ＆ Exhibition. 2012: 1173-1178.
[38]	PROUFF E , RIVAIN M , BEVAN R . Statistical analysis of second order differential power analysis[J]. IEEE Transactions on computers, 2009,58(6): 799-811.
[39]	DREXLER H B R M , PULKUS J . Improved template attacks[C]// The Constructive Side-Channel Analysis and Secure Design-First International Workshop. 2010: 4-5.
[40]	BHASIN S , DANGER J L , GUILLEY S ,et al. NICV：normalized inter-class variance for detection of side-channel leakage[C]// Electromagnetic Compatibility. 2014: 310-313.
[41]	STANDAERT F X , ARCHAMBEAU C . Using subspace-based template attacks to compare and combine power and electromagnetic information leakages[M]// Cryptographic Hardware and Embedded Systems-CHES 2008. Springer, 2008: 411-425.
[42]	GIERLICHS B . Signal theoretial methods in differential side channel cryptanalysis[D]. Nordrhein-Westfalen:Ruhr-University Bochum, 2005-2006.
[43]	STANDAERT F X , MALKIN T G , YUNG M . A unified framework for the analysis of side-channel key recovery attacks[M]// Advances in Cryptology-EUROCRYPT 2009. Springer, 2009: 443-461.

Metrics

Recommended 0

No Suggested Reading articles found!

Blind mask template attacks on masked cryptographic algorithm

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 13

References 43

Related Articles 15

Metrics

Recommended 0

[1]	Jinyin CHEN, Haiyang XIONG, Haonan MA, Yayu ZHENG. CLB-Defense: based on contrastive learning defense for graph neural network against backdoor attack [J]. Journal on Communications, 2023, 44(4): 154-166.
[2]	Jianfeng LI, Zheyu LIU, Yang RONG, Zhan LI, Bolin LIAO, Linxi QU, Zhijie LIU, Kunhuang LIN. Zeroing neural network for time-varying convex quadratic programming with linear noise [J]. Journal on Communications, 2023, 44(4): 226-233.
[3]	Yun LIN, Huaitao XU, Sen WANG, Sicheng ZHANG, Long ZHUANG. Objective assessment of communication speech interference effect based on feature fusion [J]. Journal on Communications, 2023, 44(3): 105-116.
[4]	Hongyu YANG, Haiyun YANG, Liang ZHANG, Xiang CHENG. Feature dependence graph based source code loophole detection method [J]. Journal on Communications, 2023, 44(1): 103-117.
[5]	Shiwen HE, Jun YUAN, Zhenyu AN, Min ZHANG, Yongming HUANG, Yaoxue ZHANG. GNN-based optimization algorithm for joint user scheduling and beamforming [J]. Journal on Communications, 2022, 43(7): 73-84.
[6]	Tao LENG, Lijun CAI, Aimin YU, Ziyuan ZHU, Jian’gang MA, Chaofei LI, Ruicheng NIU, Dan MENG. Review of threat discovery and forensic analysis based on system provenance graph [J]. Journal on Communications, 2022, 43(7): 172-188.
[7]	Yurong LIAO, Haining WANG, Cunbao LIN, Yang LI, Yuqiang FANG, Shuyan NI. Research progress of deep learning-based object detection of optical remote sensing image [J]. Journal on Communications, 2022, 43(5): 190-203.
[8]	Fan ZHANG, Yun HUANG, Zizhuo FANG, Wei GUO. Lost-minimum post-training parameter quantization method for convolutional neural network [J]. Journal on Communications, 2022, 43(4): 114-122.
[9]	Zhengyu ZHU, Gengwang HOU, Chongwen HUANG, Gangcan SUN, Wanming HAO, Jing LIANG. Systems resource allocation algorithm for RIS-assisted D2D secure communication based on parallel CNN [J]. Journal on Communications, 2022, 43(3): 172-179.
[10]	Junyan HUO, Danni WANG, Yanzhuo MA, Shuai WAN, Fuzheng YANG. Efficient cross-component prediction for H.266/VVC based on lightweight fully connected networks [J]. Journal on Communications, 2022, 43(2): 143-155.
[11]	Hua LONG, Zhangheng HUANG, Yubin SHAO, Qingzhi DU, Shumeng SU. Research on language recognition algorithm based on improved CFCC feature extraction [J]. Journal on Communications, 2022, 43(12): 211-221.
[12]	Zhengyu ZHU, Pengfei CHEN, Zixuan WANG, Kexian GONG, Di WU, Zhongyong WANG. Short wave protocol signals recognition based on Swin-Transformer [J]. Journal on Communications, 2022, 43(11): 127-135.
[13]	Jinbo XIONG, Yongjie ZHOU, Renwan BI, Liang WAN, Youliang TIAN. Towards edge-collaborative, lightweight and privacy-preserving classification framework [J]. Journal on Communications, 2022, 43(1): 127-137.
[14]	Yiteng WU, Wei LIU, Hongtao YU. Label flipping adversarial attack on graph neural network [J]. Journal on Communications, 2021, 42(9): 65-74.
[15]	Changyin SUN, Liyan LIU, Fan JIANG, Jing JIANG. DNN-based Sub-6 GHz assisted millimeter wave network power allocation algorithm [J]. Journal on Communications, 2021, 42(9): 184-193.