ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2016, Vol. 53 ›› Issue (8): 1850-1856.doi: 10.7544/issn1000-1239.2016.20150052

• 信息安全 • 上一篇    下一篇

抗简单功耗攻击的SM2原子算法

韩晓薇,乌力吉,王蓓蓓,王安   

  1. (清华大学微电子学研究所 北京 100084) (hanxiaoweihxw@gmail.com)
  • 出版日期: 2016-08-01
  • 基金资助: 
    “核高基”国家科技重大专项基金项目(2014ZX01032205,2014ZX01032401-001-Z05);国家自然科学基金项目(61402252,61402536);信息保障技术重点实验室开放基金项目(KJ-14-006);北京理工大学青年教师学术启动计划项目

Atomic Algorithm Against Simple Power Attack of SM2

Han Xiaowei, Wu Liji, Wang Beibei,Wang An   

  1. (Institute of Microelectronics, Tsinghua University, Beijing 100084)
  • Online: 2016-08-01

摘要: SM2算法是中国国家密码管理局颁布的商用椭圆曲线公钥密码标准算法.传统密码算法通常存在安全漏洞,攻击者往往针对算法中的安全薄弱环节展开攻击,分析提取密钥,对密码系统和人们的财产安全构成很大威胁.功耗攻击是最常见的攻击方式,它具有较小密钥搜索空间及较高分析效率等诸多优点.功耗攻击利用密码算法运行过程中的功耗泄漏,采集功耗曲线分析恢复得到密钥.为有效抵抗功耗攻击,提高SM2算法安全性,参考国际椭圆曲线密码算法,将原子概念运用到SM2中,提出一种新型结构的原子算法.经理论分析,在运算量方面相比基本算法降低了27.4%,并且均低于已有的原子算法.经由SAKURA-G FPGA仿真验证结果表明,能够成功抵抗简单功耗攻击.

关键词: SM2算法, 密码系统, 功耗攻击, 椭圆曲线密码算法, 原子算法

Abstract: SM2 algorithms are commercial elliptic curve public-key algorithms, which are released by Chinese Cryptography Administration and similar to ECC. Traditional cryptographic algorithms always have security flaws. Attackers often attack on security weaknesses of algorithms and analyze the secret-key, which poses great threat to cryptographic systems and peoples property. There are various kinds of attacks, such as power attack, fault attack and electromagnetic attack. Among these attacks, power attack is the most traditional one, which has many advantages such as small secret-key searching space and high analysis efficiency. Usually, power attack utilizes the power leakage during operation processes of cryptographic algorithms, acquires power waves and retrieves the secret key. In order to resist power attack and enhance the security of SM2 algorithms, this article learns from elliptic curve cryptography algorithms, applies the atomic concept into SM2 and proposes a novel atomic algorithm. According to theoretical comparison between the proposed algorithm and other former algorithms, it shows that the proposed algorithm saves 27.4% of computation in comparison to double-and-add always algorithm. Besides, it has less computation amount than other atomic algorithms. Furthermore, implementation has been fulfilled on SAKURA-G FPGA board. Simulation results demonstrate that the proposed algorithm can resist simple power attack successfully.

Key words: SM2, cryptographic system, power attack, elliptic curve cryptographic algorithm, atomic algorithm

中图分类号: