扩展的代数侧信道攻击及其应用

doi:10.3969/j.issn.0372-2112.2013.05.005

电子学报 ›› 2013, Vol. 41 ›› Issue (5): 859-864.DOI: 10.3969/j.issn.0372-2112.2013.05.005

扩展的代数侧信道攻击及其应用

彭昌勇^1,2, 朱创营³, 黄莉⁴, 祝跃飞¹, 王靳辉²

1. 解放军信息工程大学网络空间安全学院,河南郑州 450002;
2. 解放军信息工程大学理学院,河南郑州 450002;
3. 桂林电子科技大学,广西桂林 541004;
4. 解放军信息工程大学科研部,河南郑州 450002

收稿日期:2012-09-28 修回日期:2013-03-04 出版日期:2013-05-25
- 通讯作者:
- 彭昌勇 男,1974年生于湖南永州.解放军信息工程大学博士研究生.研究方向为分组密码. E-mail:cy.peng@163.com
- 作者简介:
- 朱创营 男,1986年生于河南尉氏.硕士生.研究方向为形式化验证和信息安全. E-mail:39463021@qq.com
- 基金资助:
- 郑州市科技创新团队项目 (No.10CXTD150)

Extended Algebraic-Side Channel Attack and Its Application

PENG Chang-yong^1,2, ZHU Chuang-ying³, HUANG Li⁴, ZHU Yue-fei¹, WANG Jin-hui²

1. Cyberspace Security College,PLA Information Engineering University,Zhengzhou,Henan 450002,China;
2. College of Science,PLA Information Engineering University,Zhengzhou,Henan 450002,China;
3. School of Computer and Control,Guillin University of Electronic Technology,Guilin,Guangxi 541004,China;
4. Scientific Research Department,PLA Information Engineering University,Zhengzhou,Henan 450002,China

Received:2012-09-28 Revised:2013-03-04 Online:2013-05-25 Published:2013-05-25
- Supported by:
- Science and Technology Innovation team project of Zhengzhou, Henan Province (No.10CXTD150)

摘要/Abstract

摘要： Renauld等人提出的代数侧信道攻击是将代数攻击和侧信道攻击结合起来的一种对分组密码的攻击方法.目前的研究主要针对算法的8-bit实现平台,对于更大的如64-bit实现平台,未见文献讨论.为此,本文提出一种扩展的代数侧信道攻击,直接将侧信道信息表示为密钥的显式函数.相比于通常的代数侧信道攻击,所需泄露信息更少.作为应用,给出了对LBlock轻量级分组密码的扩展的代数侧信道攻击,结果如下:对于64-bit平台实现的LBlock,假设其1-3轮输出的Hamming重量可以准确获得,则利用35个已知明文,便可建立关于LBlock 80-bit主密钥的非线性方程组;在普通的PC机上,利用Magma数学软件v2.12-16求Groebner基,1分钟内可以求得80-bit主密钥.这是对LBlock的首个代数侧信道攻击,同时说明Renauld等人给出的对代数侧信道攻击的其中一个防范方法:"将实现方法从8-bit平台转移到更大的设备"是不够的.

关键词: 轻量级分组密码, 鲁班锁分组密码, 代数侧信道攻击, Magma数学软件, Groebner基

Abstract: Algebraic-side channel attack(ASCA) was proposed by Renauld et al.which combines algebraic attack and side channel attack.The current research of ASCA mainly focuses on the 8-bit implementation of a block cipher.For 64-bit platform,there is no such research.This paper gives an extended algebraic side channel attack which represents the leaked information as explicit function of the key bits.Compared with the original ASCA,the extended ASCA needs less leaked information.As an application,we give an extended ASCA on LBlock light weight block cipher:For LBlock implemented on 64-bit platform,if the Hamming weight of the output of 1-3 round of LBlock can be obtained without error,then with 35 known plaintexts,an equation system concerning the 80 bit maser key can be set up;on a general PC,the 80 bit master key can be obtained in a minute by using Magma mathematical software v2.12-16 to find the Groebner basis.This is the first ASCA attack on LBlock,which shows that the method of moving form 8-bit platform to larger devices suggested by Renauld et al.to prevent ASCA is not enough.

Key words: lightweight block cipher, LBlock, algebraic side channel attack, Magma mathematical software, Groebner basis

中图分类号:

TP309

彭昌勇, 朱创营, 黄莉, 等. 扩展的代数侧信道攻击及其应用[J]. 电子学报, 2013, 41(5): 859-864.

PENG Chang-yong, ZHU Chuang-ying, HUANG Li, et al. Extended Algebraic-Side Channel Attack and Its Application[J]. Acta Electronica Sinica, 2013, 41(5): 859-864.

参考文献

[1] Wenling Wu,Lei Zhang.LBlock:A lightweight block cipher .J Lopez,G Tsudik.2011 9th International Conference on Applied Cryptography and Network Security .Spain:Springer-Verlag,LNCS 6715,2011.327-344.
[2] Bogdanov A,Knudsen L R,Leander G,Parr C,Poschmann A,Robshaw M J B,Seurin Y,Vikkelsoe C.PRESENT:an ultra-lightweight block cipher .Paillier,P,Verbauwhede,I.2007 Workshop on Cryptographic Hardware and Embedded Systems .Austria:Springer-Verlag,LNCS 4727,2007.450-466.
[3] De Canniere,C,Dunkelman,Orr,Knezevic,M.KATAN and KTANTAN-a family of small and effcient hardware-oriented block ciphers .Clavier,C,Gaj,K.2009 Workshop on Cryptographic Hardware and Embedded Systems .Switzerland:Springer-Verlag,LNCS 5747,2009.272-288.
[4] Lim C,Korkishko T.mCrypton-a lightweight block cipher for security of low-cost RFID tags and sensors .JooSeok Song,Taekyoung Kwon,Moti Yung.2005 6th Workshop on Information Security Applications .Korea:Springer-Verlag,LNCS 3786,2006.243-258.
[5] Leander G,Paar C,Poschmann A.New lightweight DES variants .Alex Biryukov.2007 14th Fast Software Encryption .Luxembourg:Springer-Verlag,LNCS 4593,2007.196-210.
[6] Izadi M,Sadeghiyan B,Sadeghian S,Khanooki H.MIBS:a new lightweight block cipher .Garay,Juan A.,Otsuka,Akira.2009 8th International Conference on Cryptology and Network Security .Japan:Springer-Verlag,LNCS 5888,2009.334-348.
[7] Guo J,Peyrin T,Poschmann A,Robshaw M.The LED block cipher .B.Preneel and T.Takagi.2011 Workshop on Cryptographic Hardware and Embedded Systems .Japan:Springer-Verlag,LNCS 6917,2011.326-341.
[8] 张文英,刘祥忠.对基于NLFSR分组密码KTANTAN32的相关密钥中间相遇代数攻击[J].电子学报,2012,40(10):2097-2100. ZHANG Wen-ying.LIU Xiang-zhong.An related-key meet-in-the-middle algebraic attack on the NLFSR based block cipher KTANTAN32[J].Acta Electronica Sinica,2012,40(10):2097-2100.(in Chinese)
[9] 唐学海,孙兵,李超.对8轮CLEFIA算法的一种现实攻击[J].电子学报,2011,20(7):1608-1612. Tang Xue-hai,Sun Bing,Li Chao.A real-world attack of 8-round CLEFIA[J].Acta Electronica Sinica,2011,20(7):1608-1612.(in Chinese)
[10] Mathieu Renauld,Francois-Xavier Standaert.Algebraic side-channel attacks .Feng Bao,Moti Yung,Dongdai Lin,and Jiwu Jing.2009 5th China International Conference on Information Security and Cryptology .China:Springer-Verlag,LNCS 6151,2009.393-410.
[11] Mathieu Renauld,Franois-Xavier Standaert,Nicolas Veyrat-Charvillon.Algebraic side-channel attacks on the AES:Why time also matters in DPA .Christophe Clavier and Kris Gaj.2009 Workshop on Cryptographic Hardware and Embedded Systems .Switzerland:Springer-Verlag,LNCS 5747,2009.97-111.
[12] X J Zhao,S Z Guo,F.Zhang,et al.MDASCA:an enhanced algebraic side-channel attack for error tolerance and new leakage model exploitation .Schindler,Werner;Huss,Sorin.2012 3rd International Workshop on Constructive Side-Channel Analysis and Secure Design .Germany:Springer-Verlag,LNCS 7275,2012.231-248.
[13] I Schaumuller-Bichl.Cryptanalysis of the data encryption standard by the method of formal coding .David Chaum.Advances in Cryptology,Proceedings of CRYPTO 1983 .USA:Springer-Verlag,LNCS 149,1983.235-255.
[14] 彭昌勇,祝跃飞,顾纯祥,米顺强.1~5轮LBlock的多项式表示及完全性分析[J].计算机工程,2012,38(9):155-157. Peng Chang-yong,Zhu Yue-fei,Gu Cun-xiang et al.Polynomial expression and completeness analysis of 1~5 round LBlock [J].Computer Engineering,2012,38(9):155-157.(in Chinese)

扩展的代数侧信道攻击及其应用

Extended Algebraic-Side Channel Attack and Its Application

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 2

编辑推荐

Metrics

[1]	李航, 任炯炯, 陈少真. 减轮LEA密码算法的积分攻击[J]. 电子学报, 2020, 48(1): 17-27.
[2]	彭昌勇, 朱创营, 黄莉, 祝跃飞, 王靳辉. 对分组密码的形式化函数分析及其应用[J]. 电子学报, 2013, 41(11): 2314-2316.