1. School of Cybersecurity, Chengdu University of Information Technology, Chengdu 610225, Sichuan, China
2. Beijing Zhihui Yunce Equipment Technology Co., Ltd. (北京智慧云测设备技术有限公司), Beijing 102300, China
WU Zhen (born 1975), male, from Suzhou, Jiangsu; associate professor at Chengdu University of Information Technology. Main research interests: information security, cryptography, side-channel attacks and countermeasures, design and testing of information security devices.
WANG Yi (born 1968), male, from Chengdu, Sichuan; Ph.D., professor at Chengdu University of Information Technology. Main research interests: machine learning, side-channel attacks and countermeasures, natural language processing.
ZHOU Guanhao (born 1993), male, from Nanchang, Jiangxi; technical engineer at Beijing Zhihui Yunce Equipment Technology Co., Ltd. Main research interests: information security, machine learning, side-channel attacks and countermeasures, IoT security.
Online publication date: 2018-09
Print publication date: 2018-09-25
Citation: Zhen WU, Yi WANG, Guanhao ZHOU. High order DPA with profiling[J]. Journal on Communications, 2018, 39(9): 135-146. DOI: 10.11959/j.issn.1000-436x.2018164.
Abstract: In side-channel attacks, masking is one of the most widely used countermeasures against first-order DPA. Masked implementations are currently attacked mainly with high-order DPA and high-order template attacks. High-order DPA, however, targets the joint leakage of several pieces of information and therefore has to cross-combine the power samples at several positions, which is the root of its inefficiency. A high-order template attack, on the other hand, must know the random mask used in each encryption during its learning phase, a condition that is rarely satisfied for most adversaries. To address these shortcomings and limitations, high-order DPA with profiling uses a neural network to build a model that fits the power consumption to the unmasked intermediate combination value, and then attacks on the basis of the correlation coefficient between the fitted unmasked intermediate combination value and the unmasked intermediate combination value predicted under each key guess. This removes the template attack's requirement of knowing the masks in the learning phase and high-order DPA's requirement of cross-combining power samples, thereby lowering the attack conditions and improving attack efficiency. Experiments confirm the feasibility and efficiency of the algorithm.
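The attack flow the abstract describes, as an added simulation that is not the paper's code: a Boolean-masked 4-bit PRESENT S-box with constructed noisy Hamming-weight leakage at the mask and masked-value positions, a profiling model from power samples to the unmasked intermediate value learned on a known-key device without ever seeing the per-trace masks, and key recovery by correlating the fitted unmasked value with the value predicted under each key guess. A lookup-table regression stands in for the paper's neural network, and the profiling key, target key, noise level and trace counts are assumed values.

```python
import random
from statistics import mean

# PRESENT's 4-bit S-box; a 4-bit cipher keeps the constructed simulation small.
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD, 0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]

def hw(x):
    return bin(x).count("1")

def simulate(key, n, rng, sigma=0.4):
    """Constructed traces of a Boolean-masked S-box lookup: two samples per encryption,
    HW(mask) and HW(Sbox(p ^ key) ^ mask), each with Gaussian noise. Masks are never output."""
    traces = []
    for _ in range(n):
        p, m = rng.randrange(16), rng.randrange(16)
        v = SBOX[p ^ key]
        traces.append((p, (hw(m) + rng.gauss(0, sigma), hw(v ^ m) + rng.gauss(0, sigma))))
    return traces

def profile(traces, key):
    """Learning phase on a device with a known key: fit samples -> HW of the unmasked value.
    A lookup-table regression over rounded samples stands in for the paper's neural network
    (swapped-in technique); no knowledge of the per-trace masks is needed."""
    cells = {}
    for p, (a, b) in traces:
        cells.setdefault((round(a), round(b)), []).append(hw(SBOX[p ^ key]))
    return {cell: mean(vals) for cell, vals in cells.items()}

def fit(model, sample):
    a, b = sample
    return model.get((round(a), round(b)), 2.0)  # unseen cell: mean HW of a nibble

def corr(xs, ys):
    mx, my = mean(xs), mean(ys)  # Pearson correlation coefficient
    sxy = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    sxx, syy = sum((x - mx) ** 2 for x in xs), sum((y - my) ** 2 for y in ys)
    return sxy / (sxx * syy) ** 0.5 if sxx and syy else 0.0

def attack(model, traces):
    """Attack phase: correlate the fitted unmasked HW with the HW predicted under each key guess."""
    fitted = [fit(model, s) for _, s in traces]
    scores = [corr(fitted, [hw(SBOX[p ^ k]) for p, _ in traces]) for k in range(16)]
    return max(range(16), key=scores.__getitem__), scores

def demo(seed=1, profiling_key=0x7, target_key=0xA):
    """Profile on one key, then attack a target using another (all values assumed)."""
    rng = random.Random(seed)
    model = profile(simulate(profiling_key, 4000, rng), profiling_key)
    best, _ = attack(model, simulate(target_key, 2000, rng))
    return best
```

Because the profiling traces are labelled only with the unmasked value computable from the known key, the model is learned without the masks, which is the condition the abstract says a high-order template attack cannot avoid.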