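1. School of Cyber Science and Engineering, Wuhan University, Wuhan, Hubei 430072
2. Key Laboratory of Aerospace Information Security and Trusted Computing, Ministry of Education, Wuhan University, Wuhan, Hubei 430072
WANG Yaru (1989- ), female, born in Zhumadian, Henan, is a Ph.D. candidate at Wuhan University. Her main research interests include side-channel leakage detection, cryptography, and information security.
TANG Ming (1976- ), female, born in Wuhan, Hubei, Ph.D., is a professor and doctoral supervisor at Wuhan University. Her main research interests include CPU security, information security, and side-channel attacks and detection.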
Online publication date: 2021-12
Print publication date: 2021-12-25
Yaru WANG, Ming TANG. Side channel leakage assessment with the Bartlett and multi-classes F-test[J]. Journal on communications, 2021, 42(12): 35-43. DOI: 10.11959/j.issn.1000-436x.2021235.
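When test vector leakage assessment (TVLA) is used for side-channel leakage detection and the difference in means between the two groups of power samples (fixed plaintext and random plaintext) is small, the t-test can miss leakage and may cause the assessment to return a false negative. To address this, differences in sample parameters such as the mean and the variance are assessed, and a side-channel leakage assessment method based on the Bartlett test and the multi-class F-test (the Bartlett-F test) is proposed. In the Bartlett-F test, the Bartlett test is applied to power samples whose mean difference is smaller than their variance difference, to solve the missed-detection problem, and the multi-class F-test is applied to power samples whose mean difference is larger than their variance difference, to solve the false-negative problem. In either test, leakage is present if the P-value is below the threshold. Experimental results show that when the mean difference is smaller than the variance difference, the Bartlett test needs a sample size of 1.5×10⁴ for its P-value to fall below the threshold, whereas the t-test needs a larger sample size. When the variance difference is smaller than the mean difference, the t-test needs a sample size of 2.0×10² for its P-value to fall below the threshold, whereas the F-test needs only 1/10 of the t-test's sample size. The Bartlett-F test can therefore solve the problems of TVLA in leakage detection.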
To solve the problem that, when test vector leakage assessment (TVLA) technology is used for side-channel leakage detection and the mean difference between the two groups of power consumption samples (fixed plaintext and random plaintext) is small, the t-test may miss detections and lead to false-negative evaluations, the Bartlett and multi-classification F-test side-channel leakage assessment method (Bartlett-F test) was proposed. In the Bartlett-F test, the Bartlett test was applied to power samples with a greater variance difference than mean difference to solve the problem of missed detection, and the multi-classification F-test was applied to power samples with a greater mean difference than variance difference to solve the problem of false-negative evaluation. In the test, there is leakage if the P-value is less than the threshold. The experimental results show that when the mean difference is less than the variance difference, the sample size required for the P-value of the Bartlett test to fall below the threshold is 1.5×10⁴, while the sample size required by the t-test is larger. When the variance difference is less than the mean difference, the sample size required for the P-value of the t-test to fall below the threshold is 2.0×10², while the sample size required by the F-test is only 1/10 of that of the t-test. Therefore, the Bartlett-F test can solve the problems of TVLA technology in leakage detection.
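The following added example (not code from the paper) shows the missed-detection case the abstract describes: two sets of power samples with equal means but different variances pass Welch's t-test yet are flagged by the Bartlett test. The Gaussian samples, the sample size, the seed and the P-value threshold of 1e-5 are assumptions made for illustration; the t-test P-value uses a large-sample normal approximation, and the multi-class F-test is not covered here.

```python
import math
import random

THRESHOLD = 1e-5  # assumed P-value threshold (the abstract gives no value)

def mean_var(x):
    """Sample mean and unbiased sample variance."""
    m = sum(x) / len(x)
    return m, sum((v - m) ** 2 for v in x) / (len(x) - 1)

def welch_t_pvalue(a, b):
    """Two-sided P-value of Welch's t-test; normal approximation for large n."""
    (ma, va), (mb, vb) = mean_var(a), mean_var(b)
    t = (ma - mb) / math.sqrt(va / len(a) + vb / len(b))
    return math.erfc(abs(t) / math.sqrt(2))

def bartlett_pvalue(a, b):
    """P-value of Bartlett's equal-variance test for two groups (chi-square, 1 df)."""
    n = [len(a), len(b)]
    s2 = [mean_var(a)[1], mean_var(b)[1]]
    dof = sum(n) - 2
    pooled = sum((ni - 1) * si for ni, si in zip(n, s2)) / dof
    num = dof * math.log(pooled) - sum((ni - 1) * math.log(si) for ni, si in zip(n, s2))
    corr = 1 + (sum(1 / (ni - 1) for ni in n) - 1 / dof) / 3  # 3 * (k - 1) with k = 2
    chi2 = max(num / corr, 0.0)  # clamp tiny negative rounding error
    return math.erfc(math.sqrt(chi2 / 2))  # chi-square survival function, 1 df

def assess(fixed, rand):
    """Flag leakage per test: True where the P-value falls below THRESHOLD."""
    return {"t": welch_t_pvalue(fixed, rand) < THRESHOLD,
            "bartlett": bartlett_pvalue(fixed, rand) < THRESHOLD}

def demo(n=20_000, seed=1):
    """Constructed Gaussian 'power samples' for a fixed and a random plaintext set."""
    rng = random.Random(seed)
    draw = lambda mu, sd: [rng.gauss(mu, sd) for _ in range(n)]
    return {
        # same mean, different variance: the case where the t-test misses
        "variance_only": assess(draw(0.0, 1.0), draw(0.0, 1.1)),
        # different mean, same variance: the classic TVLA case
        "mean_only": assess(draw(0.0, 1.0), draw(0.1, 1.0)),
    }

if __name__ == "__main__":
    for case, flags in demo().items():
        print(case, flags)
```

Running both tests on every sample point, as `assess` does, is what lets a variance-only leak surface when the t-test alone reports a pass.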