基于秘密共享的LBlock的S盒防御方案

doi:10.3969/j.issn.1671-1122.2021.07.010

信息网络安全 ›› 2021, Vol. 21 ›› Issue (7): 80-86.doi: 10.3969/j.issn.1671-1122.2021.07.010

基于秘密共享的LBlock的S盒防御方案

陈柏沩¹^,², 夏璇¹, 钟卫东¹^,²(), 吴立强¹

1.武警工程大学密码工程学院,西安710086
2.网络与信息安全武警部队重点实验室,西安 710086

收稿日期:2021-01-12 出版日期:2021-07-10 发布日期:2021-07-23
通讯作者: 钟卫东 E-mail:wdesat@163.com
作者简介:陈柏沩（1997—）,男,江苏,硕士研究生,主要研究方向为侧信道攻击与防御|夏璇（1998—）,男,湖南,硕士研究生,主要研究方向为侧信道攻击与防御|钟卫东（1970—）,男,河北,教授,博士,主要研究方向为信息安全|吴立强（1987—）,男,陕西,讲师,硕士,主要研究方向为信息安全
基金资助:
国家重点研发计划(2017YFB0802000);武警工程大学基础基金(WJY201914)

The Defense Scheme of S-box on LBlock Based on Secret Sharing

CHEN Bowei¹^,², XIA Xuan¹, ZHONG Weidong¹^,²(), WU Liqiang¹

1. College of Cryptographic Engineering, Engineering University of PAP, Xi’an 710086, China
2. Network and Information Security Key Laboratory of PAP, Xi’an 710086, Chin

Received:2021-01-12 Online:2021-07-10 Published:2021-07-23
Contact: ZHONG Weidong E-mail:wdesat@163.com

摘要/Abstract

摘要：

针对LBlock算法在侧信道攻击前脆弱的问题,文章提出一种可以抵抗一阶和二阶差分功耗攻击（Differential Power Analysis,DPA）的门限防护方案。该方案以秘密共享原理为基础理论,并且在算法进行运算时采用了复合域的概念,将算法的运算域由GF(2⁴)转移到GF(2²)上,减少硬件消耗的同时,又提高了算法的安全性。在乘法器分组中采用虚拟值方法,以保证满足门限方案的均匀性,并在反相器中引入分解法,以保证各信息分组相关独立且线性无关。分析验证表明,方案满足门限方案所需要的各项性质,并且可以抵御一阶、二阶DPA攻击。所有的信息分组都是独立且无联系的,所以该方案对于glitch攻击也具有相应的防护能力,具有较好的实用性。

关键词: 秘密共享, DPA攻击, 防御方案, glitch攻击, S盒

Abstract:

Aiming at the problem that the LBlock algorithm is very fragile before side-channel attacks, the article proposes a threshold protection scheme that can resist first-order and second-order Differential Power Analysis (DPA). This scheme is based on the principle of secret sharing, and adopts the concept of compound domain when the algorithm is operated, and transfers the operation domain of the algorithm from GF(2⁴) to GF(2²). While reducing hardware consumption, it also improves the security of the algorithm. The virtual value method is used in the multiplier grouping to ensure the uniformity of the threshold scheme, and the decomposition method is introduced in the inverter to ensure that each information group is independent and linearly independent. Through analysis and verification, the scheme satisfies all the properties required by the threshold scheme and can resist first-order and second-order DPA attacks. Because all information groups are independent and unrelated, the solution also has corresponding protection against glitch attacks and has good practicability.

Key words: secret sharing, DPA attacks, defense scheme, glitch attack, S-box

中图分类号:

TP309

陈柏沩, 夏璇, 钟卫东, 吴立强. 基于秘密共享的LBlock的S盒防御方案[J]. 信息网络安全, 2021, 21(7): 80-86.

CHEN Bowei, XIA Xuan, ZHONG Weidong, WU Liqiang. The Defense Scheme of S-box on LBlock Based on Secret Sharing[J]. Netinfo Security, 2021, 21(7): 80-86.

图/表 9

图1

表1

图2

图3

图4

图5

图6

图7

图8

参考文献 16

[1]	BOGDANOV A, KNUDSEN L R, LEANDER G, et al. PRESENT: An Ultra-lightweight Block Cipher[EB/OL]. http://link.springer.com/10.1007/978-3-540-74735-2_31, 2020-07-22.
[2]	GUO J, PEYRIN T, POSCHMANN A, et al. The LED Block Cipher[EB/OL]. http://link.springer.com/10.1007/978-3-642-23951-9_22, 2020-07-22.
[3]	WU Wenling, ZHANG Lei. LBlock: A Lightweight Block Cipher[EB/OL]. http://link.springer.com/10.1007/978-3-642-21554-4_19, 2020-09-25.
[4]	SHIBUTANI K, ISOBE T, HIWATARI H, et al. Piccolo: An Ultra-Lightweight Blockcipher[EB/OL]. http://link.springer.com/10.1007/978-3-642-23951-9_23. 2011/June 22, 2021, 2020-12-06.
[5]	KOCHER P C. Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems[EB/OL]. http://link.springer.com/10.1007/3-540-68697-5_9, 2020-12-06.
[6]	LI Wei, WU Yixin, GU Dawu, et al. Analysis of Ciphertext-only Failure of LBlock Lightweight Cryptographic Algorithm[J]. Journal of Computer Research and Development, 2018, 55(10):2174-2184.
	李玮, 吴益鑫, 谷大武, 等. LBlock轻量级密码算法的唯密文故障分析[J]. 计算机研究与发展, 2018, 55(10):2174-2184.
[7]	WU Yixin. Research on Ciphertext Failure Analysis of Lightweight Block Cipher[D]. Shanghai: Donghua University, 2019.
	吴益鑫. 轻量级分组密码的唯密文故障分析研究[D]. 上海:东华大学, 2019.
[8]	KOCHER P, JAFFE J, JUN B. Differential Power Analysis[C]// Springer. International Cryptology Conference on Advances in Cryptology, October 17-19, 1999, Berlin. Berlin: Springer, 1999: 388-397.
[9]	Zheng Shuyu. Research on DPA Attack and Protection of AES Encryption Algorithm Based on SOC Chip[D]. Shenyang: Liaoning University, 2020.
	郑树宇. 基于SOC芯片的AES加密算法的DPA攻击与防护研究[D]. 沈阳:辽宁大学, 2020.
[10]	NIKOVA S, RECHBERGER C, RIJMEN V. Threshold Implementations Against Side-channel Attacks and Glitches[EB/OL]. http://link.springer.com/10.1007/11935308_38, 2021-01-05.
[11]	NIKOVA S, RIJMEN V, SCHLAFFER M. Secure Hardware Implementation of Nonlinear Functions in the Presence of Glitches[J]. Journal of Cryptology, 2011, 24(2):292-321. doi: 10.1007/s00145-010-9085-7 URL
[12]	AKKAR ML, GIRAUD C. An Implementation of DES and AES, Secure against Some Attacks[EB/OL]. http://link.springer.com/10.1007/3-540-44709-1_26, 2021-01-05.
[13]	LIANG Hao, WU Liji, ZHANG Xiangmin, et al. Design of a Masked S-box for SM4 Based on Composite Field.[EB/OL]. https://ieeexplore.ieee.org/abstract/document/7016923, 2021-01-05
[14]	UENO R, HOMMA N, AOKI T. A Systematic Design of Tamper-resistant Galois-field Arithmetic Circuits Based on Threshold Implementation with(d+1) Input Shares[EB/OL]. https://ieeexplore.ieee.org/abstract/document/7964980, 2021-01-05.
[15]	ZHONG Weidong, MENG Qingquan, ZHANG Shuaiwei, et al. Implementation and Optimization of S-box Based on Secret Sharing AES[J]. Engineering Science and Technology, 2017, 49(1):191-196.
	钟卫东, 孟庆全, 张帅伟, 等. 基于秘密共享的AES的S盒实现与优化[J]. 工程科学与技术, 2017, 49(1):191-196.
[16]	BILGIN B, NIKOVA S, NIKOV V, et al. Threshold Implementations of Small S-boxes[J]. Cryptography and Communications, 2015, 7(1):3-33. doi: 10.1007/s12095-014-0104-7 URL

S₀	E	9	F	0	D	4	A	B	1	2	8	3	7	6	C	5
S₁	4	B	E	9	F	D	0	A	7	C	5	6	2	8	1	3
S₂	1	E	7	C	F	D	0	6	B	5	9	3	2	4	8	A
S₃	7	6	8	B	0	F	3	E	9	A	C	D	5	2	4	1
S₄	E	5	F	0	7	2	C	D	1	8	4	9	B	A	6	3
S₅	2	D	B	C	F	E	0	9	7	A	6	3	1	8	4	5
S₆	B	9	4	E	0	F	A	D	6	C	5	7	3	8	1	2
S₇	D	A	F	0	E	4	9	B	2	1	8	3	7	5	C	6
S₈	8	7	E	5	F	D	0	6	B	C	9	A	2	4	1	3
S₉	B	5	F	0	7	2	9	D	4	8	1	C	E	A	3	6

基于秘密共享的LBlock的S盒防御方案

The Defense Scheme of S-box on LBlock Based on Secret Sharing

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 9

参考文献 16

相关文章 12

编辑推荐

Metrics

本文评价

[1]	刘晓芬, 陈晓峰, 连桂仁, 林崧. 基于d级单粒子的可认证多方量子秘密共享协议[J]. 信息网络安全, 2020, 20(3): 51-55.
[2]	郎为民, 王雪丽, 张汉, 裴云祥. 一种基于秘密共享算法的安全数据去重方案[J]. 信息网络安全, 2020, 20(11): 43-50.
[3]	刘成基, 李志慧, 司萌萌, 白晨明. 基于局域区分的六粒子正交纠缠态的量子秘密共享方案[J]. 信息网络安全, 2018, 18(4): 56-64.
[4]	孟庆全, 杨晓元, 钟卫东, 张帅伟. 抵抗差分功耗攻击的秘密共享S盒实现与优化[J]. 信息网络安全, 2018, 18(2): 71-77.
[5]	唐春明, 魏伟明. 基于安全两方计算的具有隐私性的回归算法[J]. 信息网络安全, 2018, 18(10): 10-16.
[6]	张言胜, 汪学明, 仇各各. 一种新的动态门限数字签名方案研究[J]. 信息网络安全, 2016, 16(6): 62-67.
[7]	程资, 靳俐荣, 石金晶. 基于RS码生成机制的(k,n)门限量子秘密共享方案[J]. 信息网络安全, 2016, 16(4): 44-49.
[8]	张璐;徐燕红;张浩;田伟. 基于秘密共享的安全云存储方案[J]. , 2013, 13(4): 0-0.
[9]	封化民;孙轶茹;孙莹. 基于身份认证加密的匿名私钥共享方案[J]. , 2013, 13(11): 0-0.
[10]	朱建忠;姚志强. 基于Asmuth-Bloom门限方案的小波域数字水印技术[J]. , 2012, 12(12): 0-0.
[11]	杨佳;鲁青远. C2密码防攻击技术研究[J]. , 2011, 11(5): 0-0.
[12]	邱伟星;关一鸣;黄华. DES加密算法在秘密共享中的应用[J]. , 2011, 11(3): 0-0.