1. Trusted Computing and Information Assurance Laboratory, Institute of Software, Chinese Academy of Sciences, Beijing 100190, China
2. University of Chinese Academy of Sciences, Beijing 100049, China
3. Electric Power Research Institute, China Southern Power Grid, Guangzhou, Guangdong 510663, China
Received: 4 February 2021; Revised: 3 June 2021; Published: 25 May 2022
JIAO Zhi-peng, YAO Fu, CHEN Hua, et al. A Comprehensive Protection Implementation of SM4 Algorithm Based on Threshold and Infection Technology [J]. ACTA ELECTRONICA SINICA, 2022, 50(05): 1066-1074. DOI: 10.12263/DZXB.20210223.
Side-channel attacks and fault attacks pose a serious threat to the implementation security of cryptographic algorithms. To address this, this paper combines the threshold implementation (TI) approach with the multiplicative infection countermeasure to construct a comprehensive protection scheme that resists both side-channel attacks and fault attacks: threshold implementation provides the protection against side-channel attacks, multiplicative infection provides the protection against fault attacks, and combining the two gives the scheme both properties at once. In addition, threshold implementation is used to mitigate the weakness of multiplicative infection that arises when the random multiplier is 0, and the scheme's resistance to fault attacks is further strengthened by incorporating random permutation. Based on this comprehensive protection theory, the paper then constructs a comprehensive protection implementation scheme for the SM4 algorithm, implements it on a field programmable gate array (FPGA), and finally verifies the security of the scheme through theoretical analysis and security evaluation experiments.
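As an added example (not the paper's FPGA design, nor the protected SM4 core it describes), the Python below builds a plain SM4 encryption and wraps it in the generic multiplicative-infection construction out = C0 ⊕ r ⊗ (C0 ⊕ C1): two redundant encryptions, their byte-wise difference multiplied by a fresh random byte r in GF(2^8). The field modulus is SM4's S-box polynomial 0x1F5 (a choice of this example; any GF(2^8) representation would do), the fault is a hypothetical single-bit XOR glitch on the output word of round 28 of the primary branch, and all function names are the example's own. It then shows the r = 0 weakness the abstract refers to: a zero multiplier makes the infection term vanish and returns the primary branch unchanged, so a fault in that branch reaches the attacker as a raw faulty ciphertext, which is exactly what differential fault analysis needs; r = 1 returns the correct ciphertext instead, and any other multiplier randomises the faulty bytes. The paper's TI-based handling of the r = 0 case and its random permutation are not reproduced here.

```python
"""SM4 plus a generic multiplicative-infection countermeasure, and the r = 0 weakness.

Added illustration, not the paper's construction.  Two redundant SM4 encryptions
C0 and C1 are combined as  out = C0 xor (r (x) (C0 xor C1))  byte-wise in GF(2^8).
"""
import os

# SM4 S-box from GB/T 32907-2016, row-major.
SBOX = bytes.fromhex(
    "d690e9fecce13db716b614c228fb2c05" "2b679a762abe04c3aa44132649860699"
    "9c4250f491ef987a33540b43edcfac62" "e4b31ca9c908e89580df94fa758f3fa6"
    "4707a7fcf37317ba83593c19e6854fa8" "686b81b27164da8bf8eb0f4b70569d35"
    "1e240e5e6358d1a225227c3b01217887" "d40046579fd327524c3602e7a0c4c89e"
    "eabf8ad240c738b5a3f7f2cef96115a1" "e0ae5da49b341a55ad933230f58cb1e3"
    "1df6e22e8266ca60c02923ab0d534e6f" "d5db3745defd8e2f03ff6a726d6c5b51"
    "8d1baf92bbddbc7f11d95c411f105ad8" "0ac13188a5cd7bbd2d74d012b8e5b4b0"
    "8969974a0c96777e65b9f109c56ec684" "18f07dec3adc4d2079ee5f3ed7cb3948"
)
# System parameter FK and the constant keys CK_i, whose bytes are (4i+j)*7 mod 256.
FK = (0xA3B1BAC6, 0x56AA3350, 0x677D9197, 0xB27022DC)
CK = tuple(sum(((4 * i + j) * 7 % 256) << (24 - 8 * j) for j in range(4)) for i in range(32))
# GF(2^8) modulus of the SM4 S-box (x^8+x^7+x^6+x^5+x^4+x^2+1); chosen for the
# infection step only because an SM4 core already has it, any field would work.
GF_POLY = 0x1F5


def _rotl(x, n):
    return ((x << n) | (x >> (32 - n))) & 0xFFFFFFFF


def _tau(word):
    """Byte-wise S-box substitution on a 32-bit word."""
    return int.from_bytes(bytes(SBOX[b] for b in word.to_bytes(4, "big")), "big")


def _t_enc(word):  # T = L o tau, the round-function linear layer
    b = _tau(word)
    return b ^ _rotl(b, 2) ^ _rotl(b, 10) ^ _rotl(b, 18) ^ _rotl(b, 24)


def _t_key(word):  # T' = L' o tau, the key-schedule linear layer
    b = _tau(word)
    return b ^ _rotl(b, 13) ^ _rotl(b, 23)


def sm4_key_schedule(key: bytes):
    k = [int.from_bytes(key[i:i + 4], "big") ^ FK[i // 4] for i in range(0, 16, 4)]
    for i in range(32):
        k.append(k[i] ^ _t_key(k[i + 1] ^ k[i + 2] ^ k[i + 3] ^ CK[i]))
    return k[4:]  # rk_0 .. rk_31


def sm4_encrypt_block(rk, block: bytes, fault=None):
    """One SM4 encryption.  `fault` = (round_index, xor_mask) is a hypothetical
    glitch model: the mask is XORed into that round's output word."""
    x = [int.from_bytes(block[i:i + 4], "big") for i in range(0, 16, 4)]
    for i in range(32):
        new = x[i] ^ _t_enc(x[i + 1] ^ x[i + 2] ^ x[i + 3] ^ rk[i])
        if fault is not None and fault[0] == i:
            new ^= fault[1]
        x.append(new)
    return b"".join(w.to_bytes(4, "big") for w in reversed(x[32:36]))


def gf_mul(a, b, poly=GF_POLY):
    """Shift-and-add multiplication in GF(2^8) modulo `poly`."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if a & 0x100:
            a ^= poly
    return r & 0xFF


def infected_encrypt(rk, block, fault_primary=None, fault_redundant=None, r=None):
    """Redundant SM4 with multiplicative infection: out = C0 xor r*(C0 xor C1).
    If the branches agree the difference is zero and out == C0 for every r;
    if r == 0 the infection term vanishes and C0 is output as is, faulty or not."""
    c0 = sm4_encrypt_block(rk, block, fault_primary)
    c1 = sm4_encrypt_block(rk, block, fault_redundant)
    if r is None:
        r = os.urandom(16)  # one multiplier byte per output byte
    return bytes(a ^ gf_mul(m, a ^ b) for a, b, m in zip(c0, c1, r))


def demo(fault=(28, 0x80)):
    """Constructed scenario on the GB/T 32907 test vector (plaintext == key)."""
    key = bytes.fromhex("0123456789abcdeffedcba9876543210")
    rk = sm4_key_schedule(key)
    return {
        "correct": sm4_encrypt_block(rk, key),
        "faulty": sm4_encrypt_block(rk, key, fault),
        "nofault_r0": infected_encrypt(rk, key, r=bytes(16)),
        "fault_primary_r0": infected_encrypt(rk, key, fault_primary=fault, r=bytes(16)),
        "fault_primary_r1": infected_encrypt(rk, key, fault_primary=fault, r=bytes([1]) * 16),
        "fault_primary_r2": infected_encrypt(rk, key, fault_primary=fault, r=bytes([2]) * 16),
        "fault_primary_rand": infected_encrypt(rk, key, fault_primary=fault),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:20s} {value.hex()}")
```

Running the block prints each variant. The "nofault_r0" row equals the correct ciphertext, so a zero multiplier is harmless while the branches agree; "fault_primary_r0" equals the raw faulty ciphertext, which is the leak, while "fault_primary_r1" collapses to the correct value and "fault_primary_r2" matches neither. The textbook software fix is to resample any zero multiplier byte; the paper instead addresses the case through threshold implementation, which this example does not model.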