WAN Wu-nan,CHEN Jun.A Second Order Cross Correlation Power Analysis Attack on Double Blinding Exponentiation Algorithms[J].Journal of Chengdu University of Information Technology,2016,(04):353-357.
Second-Order Cross-Correlation Power Analysis Attack on Double-Masked Modular Exponentiation Algorithms
- Title: A Second Order Cross Correlation Power Analysis Attack on Double Blinding Exponentiation Algorithms
- Article ID: 2096-1618(2016)04-0353-05
- CLC number: TN918.4
- Document code: A
- Abstract (translated from the Chinese): Because the first-order cross correlation power analysis (CCPA) attack cannot break modular exponentiation algorithms protected by both base (message) blinding and exponent blinding, an improved second-order CCPA attack based on variance is proposed. Building on first-order CCPA, the correlation coefficients of the power traces are processed a second time: for each power sample point of the modular multiplication operations, the variance of its correlation coefficients is computed; points whose variance deviates strongly are selected as effective attack points, and points with small variance are discarded. The correlation coefficients at the effective attack points are then summed and classified, which effectively distinguishes the different exponent bits and recovers the exponent from modular exponentiation countermeasures that combine base blinding with exponent recoding. Experimental results show an attack success rate of 99% with 100 power traces.
- Abstract: Countermeasures for modular exponentiation algorithms based on message blinding and exponent blinding are secure against first-order cross correlation power analysis (CCPA) attacks. An improved second-order cross correlation power attack based on variance is proposed in this paper, with which the bits of the secret exponent protected by message blinding and exponent blinding can be recovered. On the basis of CCPA, the improved algorithm uses the variance of the correlation coefficients at each power point of every modular multiplication. Power points with a large variance are selected as effective attack points, while power points with a small variance are discarded to reduce noise. The exponent bits are then distinguished by summing the correlation coefficients at the effective attack points and classifying the result. Experimental results show that the recognition rate increases to 99% with 100 power traces.
Notes/Memo
Received: 2016-07-06. Funding: National Natural Science Foundation of China General Program (61572086); Sichuan Province Big Data and Smart City Innovation Open Fund (RWS-CYHKF-01-20150003); Sichuan Provincial Department of Education Key Project (16ZA0212).