Journal of Computer Applications ›› 2013, Vol. 33 ›› Issue (06): 1642-1645.DOI: 10.3724/SP.J.1087.2013.01642

• Information security • Previous Articles     Next Articles

Value-at-risk quantitative method about password chip under differential power analysis attacks

XU Kaiyong1,FANG Ming1,YANG Tianchi1,MENG Fanwei1,HUANG Huixin2   

  1. 1. Information Engineering University, Zhengzhou Henan 450004,China
    2. No.92762 Army of PLA,Xiamen Fujian 361008,China
  • Received:2012-12-17 Revised:2013-02-22 Online:2013-06-01 Published:2013-06-05
  • Contact: FANG Ming

差分功耗分析攻击下密码芯片风险的量化方法

徐开勇1,方明1,杨天池1,孟繁蔚1,黄惠新2   

  1. 1. 信息工程大学,郑州 450004
    2. 92762部队,福建 厦门 361008
  • 通讯作者: 方明
  • 作者简介:徐开勇(1963-),男,河南郑州人,研究员,主要研究方向:密码模块分析、信息安全系统工程;方明(1987-),男,辽宁沈阳人,硕士研究生,主要研究方向:密码模块分析、信息安全系统工程;杨天池(1978-),男,辽宁阜新人,讲师,博士,主要研究方向:密码模块分析、信息安全系统工程;孟繁蔚(1987-),男,北京人,硕士研究生,主要研究方向:密码模块分析、信息安全系统工程;黄惠新(1986-),男,辽宁抚顺人,助理工程师,硕士,主要研究方向:密码模块分析、信息安全系统工程。

Abstract: Based on the principle and characteristics of the Differential Power Analysis (DPA) attack, the kernel function was used to estimate the probability distribution density of the leakage of power consumption in the password chip work process. By calculating the mutual information between the attack model and the power leakage, when the guessed key was correct, this paper quantified the risk value of the password chip in the face of DPA attacks. The experiments show that the risk quantification method can be a good estimate of the correlation degree between the attack model and power leakage when the guessed key is correct and then provides important indicators to complete password chip risk evaluation.

Key words: Differential Power Analysis (DPA) attack, value-at-risk quantification, kernel function, mutual information entropy, password chip

摘要: 针对差分功耗分析(DPA)攻击的原理及特点,利用核函数估算密码芯片工作过程中功耗泄漏量的概率分布密度,通过计算密钥猜测正确时攻击模型与功耗泄漏量之间的互信息熵,将密码芯片在面对DPA攻击时所承受的风险进行了量化。实验表明,该风险量化方法能够很好地估算出密钥猜测正确时攻击模型与功耗泄漏量之间的相关度,并为完整的密码芯片风险分析提供重要指标。

关键词: 差分功耗分析攻击, 风险值量化, 核函数, 互信息熵, 密码芯片

CLC Number: