In power analysis attacks, a growing number of preprocessing methods are being used to improve attack efficiency and reduce the influence of noise, and many notable results have been achieved. This paper takes the AES-128 algorithm running on an ATmega16 as the attack target, applies moving-average filtering to the collected raw power traces, and then uses Correlation Power Analysis (CPA) to determine the optimal moving-average parameter. Compared with the raw data and with data passed through a Hanning-window low-pass filter, the CPA correlation coefficient obtained with the correct key after moving-average filtering is larger than that obtained from the raw or low-pass-filtered data, while the coefficient obtained with wrong keys is smaller. After moving-average processing, not only can the 10 encryption rounds of AES-128 be identified, but the peaks obtained by differential power analysis are also more pronounced than with the raw data. Experimental results show that moving-average preprocessing can markedly improve the efficiency of power analysis attacks.
In order to improve the efficiency of attacks and reduce the influence of noise on power analysis, a growing number of preprocessing methods have been discussed and numerous remarkable results reported. The AES-128 algorithm running on the ATmega16 is taken as the target in this paper. A moving-average filter is applied to the raw power traces, and the optimal parameter of the moving-average filter is then determined by Correlation Power Analysis (CPA). The experimental results demonstrate that, compared with the raw data and with the data after a Hanning-window low-pass filter, the correlation coefficient obtained with the correct key is evidently increased when the moving-average filter is used, while the correlation coefficient obtained with incorrect keys is decreased. With moving-average preprocessing, the ten encryption rounds of AES-128 can be clearly identified, and the Differential Power Analysis (DPA) peak obtained from the moving-averaged data is more pronounced than that obtained from the raw data. Numerical results show that moving-average preprocessing can evidently improve the efficiency of power analysis.
WANG Jianxin, FANG Huawei, DUAN Xiaoyi, SHE Gaojian. Research and Implementation of Power Analysis Attack Based on Moving Average[J]. Journal of Electronics & Information Technology, 2017, 39(5): 1256-1260.
WANG Jianxin, FANG Huawei, DUAN Xiaoyi, SHE Gaojian. Research and Implementation of Power Analysis Based on Moving Average. JEIT, 2017, 39(5): 1256-1260.
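The preprocessing pipeline the abstract describes, as an added example that is not the paper's code: raw traces are moving-averaged, CPA is run on each filtered set, and the window giving the largest correct-key correlation is chosen. The traces are constructed here rather than measured on an ATmega16, the leakage model is the Hamming weight of plaintext XOR key byte instead of the AES S-box output, and `simulate_traces`, `cpa` and `best_window` are names assumed for this example.

```python
import math
import random

def hw(x):  # Hamming weight: the CPA leakage model used throughout
    return bin(x & 0xFF).count("1")

def moving_average(trace, window):
    """Causal sliding-window mean; the first window-1 outputs average fewer points."""
    out, acc = [], 0.0
    for i, v in enumerate(trace):
        acc += v - (trace[i - window] if i >= window else 0.0)
        out.append(acc / min(i + 1, window))
    return out

def simulate_traces(key, n=300, samples=24, leak_at=10, spread=4, noise=3.0, seed=7):
    """Constructed traces: HW(p ^ key) spread over `spread` samples, buried in Gaussian noise."""
    rng = random.Random(seed)
    pts, traces = [], []
    for _ in range(n):
        p = rng.randrange(256)
        t = [rng.gauss(0.0, noise) for _ in range(samples)]
        for j in range(spread):
            t[leak_at + j] += hw(p ^ key)
        pts.append(p); traces.append(t)
    return pts, traces

def cpa(pts, traces):
    """CPA: for each key guess the max Pearson correlation over samples; returns (guess, corr)."""
    n = len(traces)
    cols = []  # centred sample columns and their norms, computed once
    for s in range(len(traces[0])):
        col = [t[s] for t in traces]
        m = sum(col) / n
        c = [v - m for v in col]
        cols.append((c, math.sqrt(sum(v * v for v in c))))
    corr = []
    for k in range(256):
        h = [hw(p ^ k) for p in pts]
        m = sum(h) / n
        hc = [v - m for v in h]
        nh = math.sqrt(sum(v * v for v in hc))
        corr.append(max(sum(a * b for a, b in zip(hc, c)) / (nh * nc) for c, nc in cols))
    return max(range(256), key=corr.__getitem__), corr

def best_window(pts, traces, key, windows=(1, 2, 4, 8)):
    """Select the window by the correct-key CPA coefficient; returns (best_w, {w: (guess, corr)})."""
    res = {}
    for w in windows:
        guess, corr = cpa(pts, [moving_average(t, w) for t in traces])
        res[w] = (guess, corr[key])
    return max(res, key=lambda w: res[w][1]), res
```

Window 1 is the unfiltered baseline; in this construction a window matching the length of the leak concentrates the signal while averaging down the noise, which is why its correct-key coefficient rises above the raw one.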