侧信道攻击通用框架设计及应用

doi:10.3969/j.issn.1671-1122.2017.05.009

信息网络安全 ›› 2017, Vol. 17 ›› Issue (5): 57-62.doi: 10.3969/j.issn.1671-1122.2017.05.009

侧信道攻击通用框架设计及应用

王庆¹, 屠晨阳², shenjiahui@iie.ac.cn²

1.中国信息安全测评中心,北京 100085
2. 中国科学院信息工程研究所,北京 100093

收稿日期:2017-04-20 出版日期:2017-05-20 发布日期:2020-05-12
作者简介:
作者简介：王庆（1980—）,男,北京,助理研究员,硕士,主要研究方向为信息安全风险评估; 屠晨阳（1988—）,男,北京,助理研究员,博士,主要研究方向为信息安全;沈嘉荟（1989—）,女,辽宁,助理工程师,硕士,主要研究方向为网络与系统安全。
基金资助:
国家自然科学基金[U163620068];中科院战略合作专项[AQ-1708 AQ-1703]

Design and Application of General Framework for Side Channel Attack

Qing WANG¹, Chenyang TU², shenjiahui@iie.ac.cn²

1. China Information Technology Security Evaluation Center, Beijing 100085, China
2. Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China

Received:2017-04-20 Online:2017-05-20 Published:2020-05-12

摘要/Abstract

摘要：

目前,密码算法、模块、设备在设计生产时都增加了评估侧信道风险这一过程。侧信道攻击的对象主要分为无保护的密码算法/模块和有保护的密码算法/模块两大类,如果针对每种攻击对象单独设计攻击方案是费时费力的,所以,基于实际侧信道攻击基础理论,结合经典侧信道分析思路,文章提出一种通用型分析框架涵盖所有攻击流程。文章将实际侧信道攻击分为3个递进的步骤,分别是侧信道逻辑漏洞评估、侧信道信息采集以及侧信道分析优化,详细阐述各步骤的实现方法,并利用该框架对改进的低熵掩码与指令乱序的双重方案对被保护的软件进行攻击测试。实验结果表明该框架具备合理性和有效性,能应对绝大多数侧信道攻击。

关键词: 密码算法, 密码设备, 侧信道风险评估, 侧信道攻击, 通用型分析框架

Abstract:

At present, many cryptographic algorithms and cryptographic devices add the process of evaluating the risk of side channel when being designed. Side channel attack object is divided into two categories: unprotected cipher algorithm / module and protected cipher algorithm / module. If the attacks are designed separately for each attack object, it is time-consuming and laborious. Therefore, this paper proposes a new generalized analysis framework which can be applied to the vast majority of side channel attacks. Actual side channel attacks would be divided into three steps, the progressive side channel logic vulnerability assessment, side channel information collection, and side channel analysis optimization, in this paper, we detail the realization method of each step. Then, this framework covers all attacking processes and can be applied on the software which is protected by improved low entropy mask and out-of-order instructions. The experiment results verify the rationality and validity of the framework which adapts to most side channel attacks.

Key words: cryptographic algorithm, cipher device, side channel risk assessment, side channel attack, generalized analysis framework

中图分类号:

TP309

王庆, 屠晨阳, shenjiahui@iie.ac.cn. 侧信道攻击通用框架设计及应用[J]. 信息网络安全, 2017, 17(5): 57-62.

Qing WANG, Chenyang TU, shenjiahui@iie.ac.cn. Design and Application of General Framework for Side Channel Attack[J]. Netinfo Security, 2017, 17(5): 57-62.

图/表 4

参考文献 24

[1]	KOCHER P, JAFFE J, JUN B.Differential Power Analysis[C] // CRYPTO’99. Advances in Cryptology—CRYPTO’99, August 15-19, 1999,Santa Barbara, California, USA . Berlin, Heidelberg:Springer, 1999: 789-789.
[2]	KESLSEY J, SCHNEIER B, WAGNER D, et al.Side Channel Cryptanalysis of Product Ciphers[J]. European Symposium on Computer Security-esorics , 1998 , 8(23) :97-110.
[3]	AGRAWAL D, ARCHAMBEULT B, RAO J R, et al. The EM Side-Channel(s):Attacks and Assessment Methodologies[EB/OL].,2017-4-15.
[4]	LEMKE K, SCHRAMM K, PAAR C.DPA on n -Bit Sized Boolean and Arithmetic Operations and Its Application to IDEA, RC6, and the HMAC-Construction[J].Lecture Notes in Computer Science, 2004 , 3156(4) :205-219.
[5]	GANDOLFI K, MOURTEL C, OLIVIER F. Electromagnetic Analysis: Concrete Results[EB/OL]. .
[6]	HUTTER M, MANGARD S, FELDHOFER M.Power and EM Attacks on Passive 13.56MHz RFID Devices[C] // ACM. CHES ‘07 Proceedings of the 9th international workshop on Cryptographic Hardware and Embedded Systems ,September 10 - 13, 2007, Vienna, Austria. Berlin, Heidelberg:Springer, 2007: 320-333.
[7]	CORON J S. Resistance Against Differential Power Analysis For Elliptic Curve Cryptosystems[EB/OL]..
[8]	矢敏,叶伟伟,欧庆于.>不需双线性对的基于身份的认证密钥协商协议[J]. 信息网络安全,2016(10):21-27.
[9]	MANGARD S. A Simple Power-Analysis (SPA) Attack on Implementations of the AES Key Expansion[EB/OL]. .
[10]	FISCHER W, GAMMEL B M, KNIFFLER O, et al. Differential Power Analysis of Stream Ciphers[EB/OL]. .
[11]	YUAN K, GU D, GUO Z, et al.A Highly Efficient Correlation Power Analysis on PRINT Cipher[C] // CIS ‘12.2012 Eighth International Conference on Computational Intelligence and Security, November 17 - 18, 2012 ,Guangzhou, China.New York: IEEE, 2012: 442-446.
[12]	ZHANG J, GU D, GUO Z, et al.Differential Power Cryptanalysis Attacks Against PRESENT Implementation[C] // IEEE.Advanced Computer Theory and Engineering (ICACTE),August20-22,2010 ,Chengdu, China. New York:IEEE, 2010: 61-65.
[13]	EISENBARTH T, KASPER T, MORADI A, et al.On the Power of Power Analysis in the Real World: A Complete Break of the KeeLoq Code Hopping Scheme[C] //Springer .Advances in Cryptology - CRYPTO 2008, August 17-21, 2008, Santa Barbara, California, USA. Berlin, Heidelberg:Springer, 2008: 203-220.
[14]	ZHOU Y, YU Y, STANDAERT F X, et al.On the Need of Physical Security for Small Embedded Devices: A Case Study with COMP128-1 Implementations in SIM Cards[C] // Springer .International Conference on Financial Cryptography and Data Security 2013, April 1-5, 2013,Okinawa, Japan. Berlin, Heidelberg:Springer, 2013, 230-238.
[15]	GENKIN D, PIPMAN I, TROMER E.Get Your Hands off My Laptop: Physical Side-channel Key-extraction Attacks on PCs[J]. Journal of Cryptographic Engineering, 2015, 5(2): 95-112.
[16]	黑客与极客.中国教授在BlackHat 现场演示破解SIM 卡AES-128 加密[EB/OL]. , 2015-8-8.
[17]	BIHAM E,SHAMIR A.Power Analysis of the Key Scheduling of the AES Candidates[EB/OL] .,2017-4-15.
[18]	GIERLICHS B, BATINA L, CLAVIER C, et al. Susceptibility of eSTREAM Candidates Towards Side Channel analysis[EB/OL]. 2017-4-15.
[19]	FIPS PUB 140-2.Security Requirements for Cryptographic Modules[EB/OL]..
[20]	YAMADA A.A Generalization of ISO/IEC 24761 to Enhance Remote Authentication with Trusted Product at Claimant[C] // Springer . 30th IFIP TC 11 International Conference, SEC 2015, May 26-28, 2015,Hamburg, Germany. Berlin, Heidelberg:Springer, 2015: 145-158.
[21]	GM/T 0028-2014 密码模块安全技术要求[S]M/T 0028-2014 密码模块安全技术要求[S].北京:中国电力出版社,2015.
[22]	GENKIN D, SHAMIR A, TROMER E.RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis[C] // CRYPTO 2014. 34th Annual Cryptology Conference, August 17-21, 2014 ,Santa Barbara, CA, USA. Berlin, Heidelberg:Springer, 2014: 444-461.
[23]	GENKIN D, PACHMANOV L, PIPMAN I, et al.Stealing Keys from PCs Using a Radio: Cheap Electromagnetic Attacks on Windowed Exponentiation[C] //CHES 2015. Cryptographic Hardware and Embedded Systems 7th International Workshop, September 13-16, 2015, Saint-Malo, France. Berlin, Heidelberg:Springer,2015: 207-228.
[24]	DPA Contest. DPA Contest V4.2竞赛结果 [EB/OL]..

侧信道攻击通用框架设计及应用

Design and Application of General Framework for Side Channel Attack

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 4

参考文献 24

相关文章 10

编辑推荐

Metrics

本文评价

[1]	吴志红, 赵建宁, 朱元, 陆科. 国密算法和国际密码算法在车载单片机上应用的对比研究[J]. 信息网络安全, 2019, 19(8): 68-75.
[2]	张良峰, 汪毅, 吴源燚, 孔睿. 基于统计的浏览器指纹采集技术[J]. 信息网络安全, 2019, 19(11): 49-55.
[3]	邹翔, 陈兵. 基于国产密码算法的印章防伪技术研究[J]. 信息网络安全, 2019, 19(1): 76-82.
[4]	项川, 潘无穷, 黎火荣, 林璟锵. 支持商密算法TLS浏览器的设计与实现[J]. 信息网络安全, 2017, 17(4): 26-33.
[5]	贾徽徽, 王潮, 顾健, 陆臻. 基于Grover量子中间相遇搜索算法的ECC攻击错误bit的修正[J]. 信息网络安全, 2016, 16(6): 28-34.
[6]	陈宇航, 贾徽徽, 姜丽莹, 王潮. 基于Grover算法的ECC扫描式攻击[J]. 信息网络安全, 2016, 16(2): 28-32.
[7]	陈庆;杨磊. SSL协议应用中安全技术问题探究[J]. , 2012, 12(4): 0-0.
[8]	屠晨阳;荆继武;王雷;向继. HTTPS服务器密码算法测试工具设计与实现[J]. , 2011, 11(9): 0-0.
[9]	李继中;舒辉. 密码算法识别技术研究[J]. , 2011, 11(11): 0-0.
[10]	范永清. 密码学及其在现代通讯中的应用[J]. , 2009, 9(3): 0-0.