Built-in determined sub-key correlation power analysis
LI Jinliang1, YU Yu1,2, FU Rong2, LI Xiangxue1
1. Department of Computer Science and Technology, East China Normal University, Shanghai 200241, China;
2. Institute for Interdisciplinary Information Sciences, Tsinghua University, Beijing 100084, China
This paper studies the Built-in determined Sub-key Correlation Power Analysis (BS-CPA) method that Komano et al. (KOMANO Y, SHIMIZU H, KAWAMURA S. BS-CPA: built-in determined sub-key correlation power analysis. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, 2010, E93-A(9): 1632-1638.) proposed from their study of the data provided by the dpacontest.org platform. It compares BS-CPA with Differential Power Analysis (DPA) and Correlation Power Analysis (CPA) in terms of the number of power traces needed to recover the key and the success rate, and finds that, although BS-CPA is feasible in theory, it falls far short of the efficiency its authors claim. The intermediate variable is then chosen from the relationship between the state changes of the cryptographic device's registers during encryption and the power consumption; by removing noise and ghost (false) peaks, the sample points most correlated with the key are identified, which narrows the range of the attack. For the same number of power traces, attacking only these selected points raises the success rate of fully recovering the 64-bit key by up to 60% compared with attacking all points. The experimental results show that the improved model is more efficient, needs fewer power traces to reach the same success rate, and gives stable results.
LI Jinliang, YU Yu, FU Rong, LI Xiangxue. Built-in determined sub-key correlation power analysis [J]. Journal of Computer Applications, 2014, 34(5): 1283-1287.
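The abstract's comparison of all-point and selected-point CPA can be reproduced on simulated data when evaluating how many traces a device withstands. The sketch below is an added example, not the paper's code. It assumes a toy 4-bit S-box, constructed Gaussian-noise traces with a single leaking sample, a register cleared to 0 before the load, and point selection by profiling a device whose key is known (the abstract does not say how the points are chosen).

```python
import random

SBOX = [0xC, 5, 6, 0xB, 9, 0, 0xA, 0xD, 3, 0xE, 0xF, 8, 4, 7, 1, 2]  # toy 4-bit S-box, a stand-in
T, LEAK = 60, 17  # samples per trace; index where the register update leaks (constructed)

def hd(a, b):
    return bin(a ^ b).count("1")  # Hamming distance between two register states

def simulate(key, n, rng, sigma=1.5):
    """Constructed traces: a register cleared to 0 is loaded with SBOX[p ^ key]."""
    data = []
    for _ in range(n):
        p = rng.randrange(16)
        trace = [rng.gauss(0.0, sigma) for _ in range(T)]
        trace[LEAK] += hd(0, SBOX[p ^ key])
        data.append((p, trace))
    return data

def pearson(x, y):
    mx, my = sum(x) / len(x), sum(y) / len(y)
    sxy = sum((a - mx) * (b - my) for a, b in zip(x, y))
    sxx = sum((a - mx) ** 2 for a in x)
    syy = sum((b - my) ** 2 for b in y)
    return sxy / (sxx * syy) ** 0.5 if sxx and syy else 0.0

def corr_by_point(data, guess, points):
    model = [hd(0, SBOX[p ^ guess]) for p, _ in data]
    return {t: pearson(model, [tr[t] for _, tr in data]) for t in points}

def select_points(profiling, known_key, m=1):
    """Rank sample points on a device whose key is known; keep the m best."""
    c = corr_by_point(profiling, known_key, range(T))
    return sorted(c, key=c.get, reverse=True)[:m]

def cpa(data, points):
    """Return the sub-key guess with the highest correlation over `points`."""
    score = {g: max(corr_by_point(data, g, points).values()) for g in range(16)}
    return max(score, key=score.get)

def compare(trials=60, n=25, seed=1):
    """Count key recoveries on the same trace sets: (all points, selected points)."""
    rng = random.Random(seed)
    poi = select_points(simulate(0xA, 500, rng), 0xA)
    full = part = 0
    for _ in range(trials):
        key = rng.randrange(16)
        data = simulate(key, n, rng)
        full += cpa(data, range(T)) == key
        part += cpa(data, poi) == key
    return full, part
```

With only 25 traces per attempt, chance correlations at the 59 non-leaking samples often outrank the true peak, which is the effect that restricting the attack to the selected points removes.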