高级检索

    一种基于最大偏差的AES功耗分析攻击方法

    Power Analysis Attacks Against AES Based on Maximal Bias Signal

    • 摘要: 针对高级加密标准(AES)密码算法的电路实现,提出了一种改进的功耗攻击方法.该方法的基本思想是选取2次不同明文输入下的汉明重量差为改进功耗模型,通过选择明文能够最大可能性地增大功耗偏差,从而恢复出密钥.采用UMC 0.25μm 1.8v标准CMOS工艺库,利用Synopsys公司的EDA工具得到AES电路加密过程的功耗仿真曲线,建立起功耗攻击平台,并在此平台上进行多种功耗攻击方法的分析和比较.实验结果表明,与普通的差分功耗分析(DPA)和相关功耗分析(CPA)攻击方法比较,提出的改进攻击方法能够以适当的功耗测量次数,以及更小的计算复杂度实现DPA攻击.

       

      Abstract: Any circuit implementation of a cryptographic system might cause power leakages to reveal more information about the processed secret. A new way is proposed to enhance power analysis attacks on AES circuit implementations. The proposed method adopts Hamming difference of intermediate results as power model and arranges plaintext inputs to maximize the difference of power traces in order to retrieve the key value. Using UMC 0.25μm 1.8v technology library and Synopsys EDA tools, a simulation-based power acquisition environment is set up. On the simulation-based platform, various power attacks are conducted on AES circuit implementation. As the partitioning criterions of single-bit and multi-bit differential power analysis (DPA) are usually abstract and simple, these two DPA methods can not retrieve any useful information even with 6000 power measurements. Although the correlation power analysis (CPA) attack can extract the right subkey based on 4000 power measurements, its computational complexity sometimes exhibits a bottle-neck. Experimental results show that the proposed method improves the success rate effectively using acceptable power measurements. Furthermore, the proposed DPA traces can be built through simple summing and subtracting operations instead of complex statistic techniques. Therefore, compared with the original DPA and CPA attacks, the presented DPA approach excels them in both effectiveness and computation requirements.

       

    /

    返回文章
    返回