doi: 10.11999/JEIT171211
Random Addition-chain Based Countermeasure Against Side-channel Attack for Advanced Encryption Standard
1. School of Software and Microelectronics, Harbin University of Science and Technology, Harbin 150080, China
2. School of Computer Science and Technology, Harbin University of Science and Technology, Harbin 150080, China
3. School of Sciences, Harbin University of Science and Technology, Harbin 150080, China
Abstract: Side-channel attacks pose a serious threat to the hardware security of the Advanced Encryption Standard (AES), and resisting them has become an urgent problem. Byte substitution is the only nonlinear operation in the AES algorithm, so improving its security matters for the whole cipher. This paper proposes a countermeasure against side-channel attacks for AES based on random addition chains: the previously fixed addition chain used to realize multiplicative inversion in the finite field GF(2^8) is replaced by a randomly chosen one, and the impact of the random addition chain on the security and effectiveness of the algorithm is studied. Experimental results show that the proposed random addition-chain based algorithm is more secure and effective than the previous fixed addition-chain based algorithms in defending against side-channel attacks.

Keywords:
- Advanced Encryption Standard
- side-channel attack
- byte substitution
- addition chain
Table 1 Sixteen addition chains with different power-consumption characteristics
No.   Addition chain path
(1)   1→2→4→8→16→32→64→80→84→168→252→254
(2)   1→2→4→8→16→32→64→80→84→86→168→254
(3)   1→2→4→8→16→32→48→50→100→200→250→254
(4)   1→2→4→8→16→32→48→50→100→102→204→254
(5)   1→2→4→8→16→32→48→50→54→100→200→254
(6)   1→2→4→8→16→32→40→80→84→168→252→254
(7)   1→2→4→8→16→32→40→80→84→86→168→254
(8)   1→2→4→8→16→32→40→42→84→126→127→254
(9)   1→2→4→8→16→32→40→42→43→84→127→254
(10)  1→2→4→8→16→32→36→72→144→216→252→254
(11)  1→2→4→8→16→24→40→50→100→200→250→254
(12)  1→2→4→8→16→24→48→50→100→102→204→254
(13)  1→2→4→8→16→24→48→50→54→100→200→254
(14)  1→2→4→8→16→24→28→56→112→224→252→254
(15)  1→2→4→8→16→24→28→56→112→113→226→254
(16)  1→2→4→8→16→24→28→30→56→112→224→254
Table 2 Random-number generation algorithm (complete shuffle of an array holding 1 to 16)
Input: a[16] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16}
Output: the array with 1 to 16 in random order
(1) srand((unsigned)time(NULL)) /* seed the random-number generator */
(2) int i, j, temp
(3) for i from 15 down to 1 do /* i runs from 15 down to 1 (0-based index into a[16]) */
(4)     j = rand() % (i + 1) /* random integer in 0..i */
(5)     temp = a[j] /* swap the (i+1)-th and (j+1)-th elements of the array */
(6)     a[j] = a[i]
(7)     a[i] = temp
(8) end for
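As an added illustration of Tables 1 and 2 (example code written for this page, not the paper's own implementation): it computes x^254 in GF(2^8) along chain (1) of Table 1, checks that a candidate chain really is an addition chain for 254, and shuffles the chain indices as in Table 2. The GF(2^8) multiplier, the validity check and the function names are assumptions of this example; the seed is left to the caller.

```c
/* Added example (not the paper's code): x^254 in GF(2^8) along a Table 1 chain. */
#include <stdint.h>
#include <stdlib.h>
#define AES_POLY 0x11B /* x^8 + x^4 + x^3 + x + 1 */
/* Chain (1) of Table 1: 11 multiplications from x to x^254. */
const int CHAIN1[12] = {1, 2, 4, 8, 16, 32, 64, 80, 84, 168, 252, 254};
/* Multiply two GF(2^8) elements modulo the AES polynomial. */
uint8_t gf_mul(uint8_t a, uint8_t b) {
    uint16_t r = 0, x = a;
    for (; b; b >>= 1) {
        if (b & 1) r ^= x;
        x <<= 1;
        if (x & 0x100) x ^= AES_POLY;
    }
    return (uint8_t)r;
}
/* Earlier pair with c[i] + c[j] == c[k]: returns i and stores j, or -1 if none. */
static int pair_for(const int *c, int k, int *j) {
    for (int i = 0; i < k; i++)
        for (*j = i; *j < k; ++*j)
            if (c[i] + c[*j] == c[k]) return i;
    return -1;
}
/* 1 if c[0..n-1] is an addition chain for 254 (each entry a sum of two earlier ones). */
int is_addition_chain(const int *c, int n) {
    int j;
    if (n < 1 || c[0] != 1 || c[n - 1] != 254) return 0;
    for (int k = 1; k < n; k++)
        if (c[k] > 254 || pair_for(c, k, &j) < 0) return 0;
    return 1;
}
/* x^254 (= x^-1, x != 0), one multiplication per chain step; 0 if the chain is invalid. */
uint8_t gf_inv_chain(uint8_t x, const int *c, int n) {
    uint8_t pw[255] = {0}; /* pw[e] = x^e for the exponents e on the chain */
    if (!is_addition_chain(c, n)) return 0;
    pw[1] = x;
    for (int k = 1; k < n; k++) {
        int j, i = pair_for(c, k, &j);
        pw[c[k]] = gf_mul(pw[c[i]], pw[c[j]]);
    }
    return pw[254];
}
/* Table 2 shuffle (Fisher-Yates) of chain indices; i runs n-1..1 so a[i] stays in bounds. */
void shuffle_chain_order(int *a, int n, unsigned seed) {
    srand(seed); /* seed from a real RNG in production, not time() */
    for (int i = n - 1; i > 0; i--) {
        int j = rand() % (i + 1), t = a[j];
        a[j] = a[i]; a[i] = t;
    }
}
```

Because every chain in Table 1 ends at 254, gf_inv_chain returns the same inverse whichever chain is selected, while the sequence of intermediate products differs from chain to chain; that difference is what the randomised selection relies on.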
Table 3 Area comparison of the individual modules of the different schemes (all values in kGE; the first five columns are combinational area)
Scheme                                 SubBytes  ShiftRows  MixColumns  AddRoundKey  Key expansion  Non-combinational  Net interconnect  Total
Standard AES                               1067         32         149           66           1190                854                46   3404
Scheme of Ref. [7]                         2179         32         149           66           2328                675                26   5441
Addition chains called in fixed order      2162         32         149           66           2320                675                20   5424
Addition chains called in random order     2165         32         149           66           2344                675                21   5452
References:
[1] STANDAERT F X. Introduction to side-channel attacks[M]. Secure Integrated Circuits and Systems, Boston: Springer, 2010: 27–42.
[2] CORON J S. Higher order masking of look-up tables[C]. 33rd Annual International Conference on the Theory and Applications of Cryptographic Techniques, Copenhagen, Denmark, 2014: 441–458.
[3] LIU Guoqiang and JIN Chenhui. Investigation on construction and differential property of a class of dynamic S-box[J]. Journal of Electronics & Information Technology, 2014, 36(1): 74–81. doi: 10.3724/SP.J.1146.2013.00416
[4] ZANG Hongyan and HUANG Huifang. Research on algorithm of generating S-box based on uniform chaotic system[J]. Journal of Electronics & Information Technology, 2017, 39(3): 575–581. doi: 10.11999/JEIT160535
[5] ZHONG Weidong, MENG Qingquan, ZHANG Shuaiwei, et al. Implementation and optimization of S-box on AES based on secret sharing[J]. Advanced Engineering Sciences, 2017, 49(1): 191–196. doi: 10.15961/j.jsuese.2017.01.025
[6] ZHANG Wei, GAO Junxiong, WANG Yunbo, et al. An optimized AES algorithm and its FPGA implementation[J]. Computer & Digital Engineering, 2017, 45(1): 502–505. doi: 10.3969/j.issn.1672-9722.2017.03.020
[7] RIVAIN M and PROUFF E. Provably secure higher-order masking of AES[C]. Cryptographic Hardware and Embedded Systems, Santa Barbara, USA, 2010: 413–427.
[8] CARLET C, GOUBIN L, PROUFF E, et al. Higher-order masking schemes for S-boxes[C]. International Conference on Fast Software Encryption, Washington, DC, USA, 2012: 366–384.
[9] ROY A and VIVEK S. Analysis and improvement of the generic higher-order masking scheme of FSE 2012[C]. Cryptographic Hardware and Embedded Systems – CHES 2013, Santa Barbara, USA, 2013: 417–434.
[10] CORON J S, PROUFF E, RIVAIN M, et al. Higher-order side channel security and mask refreshing[C]. International Workshop on Fast Software Encryption 2013, Singapore, 2013: 410–424.
[11] WANG Xiaodong. Shortest addition chain algorithm[J]. Mini-Micro Systems, 2001, 22(10): 1250–1253. doi: 10.3969/j.issn.1000-1220.2001.10.026
[12] LIU Yanping and LI Qiuhui. Analysis of AES algorithm and its key extension algorithm improvement[J]. Modern Electronics Technique, 2016, 39(10): 5–8. doi: 10.16652/j.issn.1004-373x.2016.10.002
[13] OSWALD E, MANGARD S, PRAMSTALLER N, et al. A side-channel analysis resistant description of the AES S-box[C]. International Workshop on Fast Software Encryption 2005, Paris, France, 2005: 413–423.
[14] XIA Kewei and LI Bing. Optimization of S-box and MixColumn blocks in AES encryption algorithm and FPGA implementation[J]. Modern Electronics Technique, 2009, 32(24): 11–14. doi: 10.16652/j.issn.1004-373x.2009.24.029
[15] CUI Qi, WANG Sixiang, DUAN Xiaoyi, et al. Fast template DPA attack against AES algorithm[J]. Application Research of Computers, 2017, 34(6): 1801–1804. doi: 10.3969/j.issn.1001-3695.2017.06.045
[16] WANG Jianxin, FANG Huawei, DUAN Xiaoyi, et al. Research and implementation of power analysis based on moving average[J]. Journal of Electronics & Information Technology, 2017, 39(5): 1256–1260. doi: 10.11999/JEIT160637
[17] DUAN Xiaoyi, WANG Sixiang, CUI Qi, et al. A high-order differential power analysis attack scheme with masked AES algorithm[J]. Computer Engineering, 2017, 43(10): 120–125. doi: 10.3969/j.issn.1000-3428.2017.10.021
[18] ISHAI Y, SAHAI A, and WAGNER D. Private circuits: Securing hardware against probing attacks[C]. CRYPTO 2003: Advances in Cryptology, Santa Barbara, USA, 2003: 463–481.
[19] ZHANG Xinmiao and PARHI K K. High-speed VLSI architectures for the AES algorithm[J]. IEEE Transactions on Very Large Scale Integration (VLSI) Systems, 2004, 12(9): 957–967. doi: 10.1109/TVLSI.2004.832943
[20] JUNGK B, STÖTTINGER M, GAMPE J, et al. Side-channel resistant AES architecture utilizing randomized composite field representations[C]. International Conference on Field-Programmable Technology, Seoul, Korea, 2012: 125–128.
[21] BONNECAZE A, LIARDET P, and VENELLI A. AES side-channel countermeasure using random tower field constructions[J]. Designs, Codes and Cryptography, 2013, 69(3): 331–349. doi: 10.1007/s10623-012-9670-x