一种基于奇异值分解的功耗轨迹筛选方法

doi:10.3969/j.issn.0372-2112.2017.09.028

电子学报 ›› 2017, Vol. 45 ›› Issue (9): 2250-2255.DOI: 10.3969/j.issn.0372-2112.2017.09.028

一种基于奇异值分解的功耗轨迹筛选方法

周新平^1,2, 孙德刚^1,2, 王竹^1,2, 欧长海^1,2

1. 中国科学院信息工程研究所, 北京 100093;
2. 中国科学院大学网络空间安全学院, 北京 100049

收稿日期:2016-06-12 修回日期:2016-11-15 出版日期:2017-09-25
- 通讯作者:
- 王竹
- 作者简介:
- 周新平,男,1990年出生于江西樟树,现为中国科学院信息工程研究所博士研究生.主要研究领域为密码学,侧信道分析.E-mail:zhouxinping@iie.ac.cn;孙德刚,男,1970年出生于吉林磐石,现为中国科学院信息工程研究所研究员,博士生导师,主要研究领域为信号处理理论与技术、电磁检测与防护;欧长海,男,1989年出生于贵州铜仁,现为中国科学院信息工程研究所博士研究生.主要研究领域为密码学与侧信道分析.
- 基金资助:
- 国家自然科学基金项目 (No.61372062）

A Method Based on Singular Value Decomposition for Enhancement of Differential Power Analysis

ZHOU Xin-ping^1,2, SUN De-gang^1,2, WANG Zhu^1,2, OU Chang-hai^1,2

1. Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China;
2. School of Cyber Security University of Chinese Academy of Sciences, Beijing 100049, China

Received:2016-06-12 Revised:2016-11-15 Online:2017-09-25 Published:2017-09-25
- Supported by:
- National Natural Science Foundation of China (No.61372062)

摘要/Abstract

摘要： 功耗分析攻击是侧信道分析中针对密码设备最有效的分析手段之一，它利用密码设备消耗的功耗来分析密码设备的敏感信息.差分功耗分析是最早提出的功耗分析方法，也是目前最基本的分析方法之一.但是在实际使用差分功耗分析过程中，由于功耗轨迹存在噪声等因素，往往使得花了较多的功耗轨迹，差分功耗分析的效果一般，难以恢复出正确密钥.针对这个问题，本文提出了一种基于奇异值分解的选择功耗轨迹方法，这种方法可以选择一些质量好的功耗轨迹用于差分功耗分析，提高差分功耗分析的攻击效率.本文的实验验证了该方法的有效性，在同等分析条件下，对于我们自己采集的功耗数据，使用该方法情况下仅需124条功耗轨迹就可以达到80%的成功率，而普通差分功耗分析需要490条；对于DPA Contest 2008/2009提供的数据，使用该方法仅需53条功耗轨迹可以达到80%的成功率，而普通差分功耗分析需要195条.两个不同的实验对象都说明了该方法的有效性.

关键词: 差分功耗分析, 选择功耗轨迹, 奇异值分解

Abstract: Power analysis is one of the most effective techniques in side channel analysis.This technique utilizes the power consumption that are relative to the intermediate state of cryptographic algorithm to recover the secret information in the cryptographic devices.Differential power analysis is the first method of power analysis and it is one of the most fundamental analysis techniques.However,in practical scenario,the efficiency of differential power analysis is largely affected by the noise of power traces.Consequently,this leads to the low efficiency of differential power analysis and it is hard to recover the secret key.To address this issue,a new method that is based on singular value decomposition to select power traces is proposed.The power traces of high quality can be selected when this method is applied to improve the efficiency of differential power analysis.The experiments verify the validity of the method.Further,the experimental results show that our method is much better compared with the existing method.Using the method of this paper only 124 power traces is needed to achieve the success rate of 80%,while the normal differential power analysis needs 490 power traces.In addition,when analyzing the data of DPA Contest V1,using the method of this paper only 53 power traces is needed to achieve the success rate of 80%,while the normal differential power analysis needs 195 power traces.Two experiments on different subjects verify the effectiveness of our method.

Key words: differential power analysis, selecting power traces, singular value decomposition

中图分类号:

TP309.7

周新平, 孙德刚, 王竹, 等. 一种基于奇异值分解的功耗轨迹筛选方法[J]. 电子学报, 2017, 45(9): 2250-2255.

ZHOU Xin-ping, SUN De-gang, WANG Zhu, et al. A Method Based on Singular Value Decomposition for Enhancement of Differential Power Analysis[J]. Acta Electronica Sinica, 2017, 45(9): 2250-2255.

参考文献

[1] Kocher P,Jaffe J,Jun B.Differential power analysis[A].Advances in Cryptology-CRYPTO'99[C].Berlin Heidelberg:Springer,1999.388-397.
[2] Clavier C,Coron J S,Dabbous N.Differential power analysis in the presence of hardware countermeasures[A].Cryptographic Hardware and Embedded Systems-CHES 2000[C].Berlin Heidelberg:Springer,2000.252-263.
[3] Joye M,Paillier P,Schoenmakers B.On second-order differential power analysis[A].Cryptographic Hardware and Embedded Systems-CHES 2005[C].Berlin Heidelberg:Springer,2005.293-308.
[4] Tiri K,Akmal M,Verbauwhede I.A dynamic and differential CMOS logic with signal independent power consumption to withstand differential power analysis on smart cards[A].Solid-State Circuits Conference,2002.ESSCIRC 2002[C].Florence Italy:IEEE,2002.403-406.
[5] Guilley S,Hoogvorst P,Pacalet R.Differential power analysis model and some results[A].CARDIS[C].Berlin Heidelberg:Springer,2004,4.127-142.
[6] Prouff E,Rivain M,Bévan R.Statistical analysis of second order differential power analysis[J].Computers,IEEE Transactions on,2009,58(6):799-811.
[7] Fischer W,Gammel B M,Kniffler O,et al.Differential power analysis of stream ciphers[A].Topics in Cryptology-CT-RSA 2007[C].Berlin Heidelberg:Springer,2006.257-270.
[8] Gebotys C H,Ho S,Tiu C C.EM analysis of Rijndael and ECC on a wireless Java-based PDA[A].Cryptographic Hardware and Embedded Systems-CHES 2005[C].Berlin Heidelberg:Springer,2005.250-264.
[9] Plos T,Hutter M,Feldhofer M.On comparing side-channel preprocessing techniques for attacking RFID devices[A].Information Security Applications[C].Busan,Korea:Springer,2009.163-177.
[10] Barenghi A,Pelosi G,Teglia Y.Improving first order differential power attacks through digital signal processing[A].Proceedings of the 3rd International Conference on Security of Information and Networks[C].New York USA:ACM,2010.124-133.
[11] Kasper T,Oswald D,Paar C.Side-Channel Analysis of Cryptographic RFIDs with Analog Demodulation[M].RFID.Security and Privacy.Berlin Heidelberg:Springer,2012:61-77.
[12] Cao,Yuchen,Yongbin Zhou,Zhenmei Yu.On the negative effects of trend noise and its applications in side-channel cryptanalysis[J].Chinese Journal of Electronics,2014,23(2):366-370.
[13] Kim Y,Sugawara T,Homma N,et al.Biasing power traces to improve correlation power analysis attacks[A].First International Workshop on Constructive Side-Channel Analysis and Secure Design (COSADE 2010)[C].Berlin Heidelberg:Springer,2010.77-80.
[14] Kim Y,Ko H.Using principal component analysis for practical biasing of power traces to improve power analysis attacks[A].Information Security and Cryptology-ICISC 2013[C].Berlin Heidelberg:Springer,2014.109-120.
[15] Brier E,Clavier C,Olivier F.Correlation power analysis with a leakage model[A].Cryptographic Hardware and Embedded Systems-CHES 2004[C].Berlin Heidelberg:Springer,2004.16-29.
[16] Hu W,Wu L,Wang A,et al.Adaptive chosen-plaintext correlation power analysis[A].Computational Intelligence and Security (CIS),2014 Tenth International Conference on[A].Kunming:IEEE,2014.494-498.
[17] Batina L,Hogenboom J,van Woudenberg J G J.Getting more from PCA:First results of using principal component analysis for extensive power analysis[A].Topics in Cryptology-CT-RSA 2012[C].Berlin Heidelberg:Springer,2012.383-397.
[18] Hongying L I U,Xin J I N,Tsunoo Y.Correlated noise reduction for electromagnetic analysis[J].IEICE Transactions on Fundamentals of Electronics,Communications and Computer Sciences,2013,96(1):185-195.
[19] Andrews H C,Patterson Ⅲ C L.Singular value decomposition (SVD) image coding[J].Communications,IEEE Transactions on,1976,24(4):425-432.
[20] Golub G H,Reinsch C.Singular value decomposition and least squares solutions[J].Numerische mathematik,1970,14(5):403-420.
[21] Standaert F X,Malkin T G,Yung M.A unified framework for the analysis of side-channel key recovery attacks[A].Advances in Cryptology-EUROCRYPT 2009[C].Berlin Heidelberg:Springer,2009.443-461.

一种基于奇异值分解的功耗轨迹筛选方法

A Method Based on Singular Value Decomposition for Enhancement of Differential Power Analysis

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

[1]	廖勇, 杨馨怡, 杜洁汝. 基于两阶段的毫米波大规模MIMO低复杂度混合预编码算法[J]. 电子学报, 2021, 49(7): 1298-1304.
[2]	郑晨, 席晓莉, 宋忠国, 王梦蕾. 基于子空间技术中奇异向量分析的穿墙雷达杂波抑制方法[J]. 电子学报, 2019, 47(4): 848-854.
[3]	王金铭, 叶时平, 徐振宇, 陈超祥, 蒋燕君. 半张量积低存储压缩感知方法研究[J]. 电子学报, 2018, 46(4): 797-804.
[4]	张丹威, 王晓东, 黄国勇. 相关系数SVD增强随机共振的单向阀故障诊断[J]. 电子学报, 2018, 46(11): 2696-2704.
[5]	赵学智, 叶邦彦. 非零奇异值和频率的关系及其在信号分解中的应用[J]. 电子学报, 2017, 45(8): 2008-2018.
[6]	刘侍刚, 彭亚丽. 投影约束的遮挡点恢复方法[J]. 电子学报, 2017, 45(11): 2611-2616.
[7]	刘斌, 刘维杰, 罗益辉, 郭琳. 八通道MSVD构造及其在多聚焦图像融合中的应用[J]. 电子学报, 2016, 44(7): 1694-1701.
[8]	王录涛, 吴锡, 金钢, 邹见效. 一种基于奇异值谱加权的超声彩色多普勒成像杂波抑制算法[J]. 电子学报, 2016, 44(6): 1294-1299.
[9]	张晓帆, 李广军. 基于低硬件复杂度、高速CORDIC的SVD模块设计与实现[J]. 电子学报, 2015, 43(4): 738-742.
[10]	王晨旭, 韩良, 喻明艳, 王进祥. 一种适用于RFID标签的安全化密码算法实现[J]. 电子学报, 2014, 42(8): 1465-1473.
[11]	黄霞. 基于本体和奇异值分解的图像数据索引查询算法[J]. 电子学报, 2014, 42(2): 288-291.
[12]	王令赛, 姜淑娟, 张艳梅, 于巧. 基于正交搜索的粒子群优化测试用例生成方法[J]. 电子学报, 2014, 42(12): 2345-2351.
[13]	闫锋刚, 金铭, 乔晓林. 适用任意阵列的变换域二维波达角快速估计算法[J]. 电子学报, 2013, 41(5): 936-942.
[14]	袁晖坪. 泛延拓矩阵的奇异值分解[J]. 电子学报, 2012, 40(8): 1539-1543.
[15]	赵春晖;刘巍. 基于压缩感知的交互支持双水印算法[J]. 电子学报, 2012, 40(4): 681-687.