一种抗侧信道攻击的随机功耗方法
|
摘要
针对RSA密码算法的实现电路有多种攻击方法。功耗平衡技术常用来抵抗侧信道攻击。为了解决抗侧信道攻击算法中开销大的问题。通过混淆比特位为0运算单元之间的功耗,提出一种随机功耗方法来抵抗侧信道攻击。通过对该方法的分析,证明该随机功耗算法能够实现抗计时攻击和能量攻击的目的,功耗能够减少30%左右,且不降低方案的安全性。
The implementation of RSA cryptosystems has a variety of attack methods. Equivalent power consumption is often used to resist the side channel attacks. In order to solve the problem of high cost problem against side channel attack algorithms,we proposed random power consumption to against the side channel attacks by confusing the power consumption of the 0 bit arithmetic units in this paper. Through the analysis of the method,it was proved that the stochastic power consumption algorithm achieved the purpose of anti-clock attack and energy attack,and the power consumption was reduced by about 30% without reducing the security of the scheme.
The implementation of RSA cryptosystems has a variety of attack methods. Equivalent power consumption is often used to resist the side channel attacks. In order to solve the problem of high cost problem against side channel attack algorithms,we proposed random power consumption to against the side channel attacks by confusing the power consumption of the 0 bit arithmetic units in this paper. Through the analysis of the method,it was proved that the stochastic power consumption algorithm achieved the purpose of anti-clock attack and energy attack,and the power consumption was reduced by about 30% without reducing the security of the scheme.
引文
[1]Rivest R L,Shamir A,Adleman L.A method for obtaining digital signatures and public-key cryptosystems[J].Communications of the Acm,1978,26(2):96-99.
[2]韩立东,王小云,许光午.RSA密码系统小CRT解密指数的攻击分析[J].中国科学:信息科学,2011,41(2):173-180.
[3]Zou H.An Prime Generating Scheme to Avoid Effectively Common Modulus Attack on RSA[J].Computer Engineering&Applications,2004,40(27):88-91.
[4]姜正涛,怀进鹏,王育民.RSA推广循环攻击实效性与弱模问题的研究与分析[J].通信学报,2009,30(6):70-74.
[5]Kocher P C.Timing Attacks on Implementations of DiffieHellman,RSA,DSS,and Other Systems[C]//International Cryptology Conference on Advances in Cryptology.SpringerVerlag,1996:104-113.
[6]Cimato S,Mella S,Susella R.Partial Key Exposure Attacks on RSA with Exponent Blinding[C]//International Conference on E-Business and Telecommunications.Springer International Publishing,2015:364-385.
[7]Schindler W.Exclusive Exponent Blinding May Not Suffice to Prevent Timing Attacks on RSA[M]//Cryptographic Hardware and Embedded Systems-CHES 2015.Springer Berlin Heidelberg,2015:229-247.
[8]Schindler W,Wiemers A.Power attacks in the presence of exponent blinding[J].Journal of Cryptographic Engineering,2014,4(4):213-236.
[9]Menezes A J.Elliptic Curve Public Key Cryptography[J].International Course on the State of the Art&Evolution of Computer Security&Industrial Cryptography Location Leuven Be Date,1993(3):76-79.
[10]Kocher P,Jaffe J,Jun B.Differential Power Analysis[C]//International Cryptology Conference on Advances in Cryptology.Springer-Verlag,1999:388-397.
[11]任燕婷,乌力吉,李翔宇,等.抗攻击低功耗RSA处理器设计与实现[J].清华大学学报(自然科学版),2016,56(1):1-6.
[12]陈运,吴震,陈俊,等.防范边信道攻击的等功耗编码实现算法[J].电子科技大学学报,2008,37(2):168-171.
[13]Gebotys C H.A table masking countermeasure for low-energy secure embedded systems[J].IEEE Transactions on Very Large Scale Integration Systems,2006,14(7):740-753.
[14]陈运,龚耀寰.大数幂剩余的二进制冗余数Montgomery算法[J].电子科技大学学报,2000,29(6):587-590.
[2]韩立东,王小云,许光午.RSA密码系统小CRT解密指数的攻击分析[J].中国科学:信息科学,2011,41(2):173-180.
[3]Zou H.An Prime Generating Scheme to Avoid Effectively Common Modulus Attack on RSA[J].Computer Engineering&Applications,2004,40(27):88-91.
[4]姜正涛,怀进鹏,王育民.RSA推广循环攻击实效性与弱模问题的研究与分析[J].通信学报,2009,30(6):70-74.
[5]Kocher P C.Timing Attacks on Implementations of DiffieHellman,RSA,DSS,and Other Systems[C]//International Cryptology Conference on Advances in Cryptology.SpringerVerlag,1996:104-113.
[6]Cimato S,Mella S,Susella R.Partial Key Exposure Attacks on RSA with Exponent Blinding[C]//International Conference on E-Business and Telecommunications.Springer International Publishing,2015:364-385.
[7]Schindler W.Exclusive Exponent Blinding May Not Suffice to Prevent Timing Attacks on RSA[M]//Cryptographic Hardware and Embedded Systems-CHES 2015.Springer Berlin Heidelberg,2015:229-247.
[8]Schindler W,Wiemers A.Power attacks in the presence of exponent blinding[J].Journal of Cryptographic Engineering,2014,4(4):213-236.
[9]Menezes A J.Elliptic Curve Public Key Cryptography[J].International Course on the State of the Art&Evolution of Computer Security&Industrial Cryptography Location Leuven Be Date,1993(3):76-79.
[10]Kocher P,Jaffe J,Jun B.Differential Power Analysis[C]//International Cryptology Conference on Advances in Cryptology.Springer-Verlag,1999:388-397.
[11]任燕婷,乌力吉,李翔宇,等.抗攻击低功耗RSA处理器设计与实现[J].清华大学学报(自然科学版),2016,56(1):1-6.
[12]陈运,吴震,陈俊,等.防范边信道攻击的等功耗编码实现算法[J].电子科技大学学报,2008,37(2):168-171.
[13]Gebotys C H.A table masking countermeasure for low-energy secure embedded systems[J].IEEE Transactions on Very Large Scale Integration Systems,2006,14(7):740-753.
[14]陈运,龚耀寰.大数幂剩余的二进制冗余数Montgomery算法[J].电子科技大学学报,2000,29(6):587-590.