南京大学学报(自然科学版) ›› 2017, Vol. 53 ›› Issue (6): 1141.
陈 浩1*,王 韬1,赵新杰2,3,张 帆4,马云飞1,王晓晗1
Chen Hao1*,Wang Tao1,Zhao Xinjie2,3,Zhang Fan4,Ma Yunfei1,Wang Xiaohan1
摘要: 针对现有HIGHT轻量级分组密码代数故障攻击方法在故障失效发生的场景下故障位置判定出错进而影响攻击成功率的问题,提出并讨论了一种容错代数故障攻击方法.该方法首先对故障失效特性进行深入研究,利用故障注入位置、故障失效与密文差分之间的对应关系,构建了一个完备的故障位置区分器以实现对各种场景下故障位置的准确判定.然后在此基础上提取故障失效信息以实现故障信息最大化利用,并对故障信息等效代数方程组构建方法进行优化,实现了故障信息等效代数方程组的自动化构建.最后对提出的攻击方法的复杂度和成功率进行了分析和实验验证.实验结果表明,与现有攻击相比,提出的攻击方法容错能力更强,能检测出所有显性故障失效,攻击的成功率达到100%,且故障信息等效代数方程组构建自动化程度更高,解析器平均求解时间更少.
[1] Bogdanov A,Knudsen L R,Leander G,et al.PRESENT:An ultra-lightweight block cipher.In:Paillier P,Verbauwhede I.Cryptographic Hardware and Embedded Systems - CHES 2007.Springer Berlin Heidelberg,2007:4727:450-466. [2] Hong D,Sung J,Hong S,et al.HIGHT:A new block cipher suitable for low-resource device.In:Goubin L,Matsui M.Cryptographic Hardware and Embedded Systems - CHES 2006.Springer Berlin Heidelberg,2006:4249:46-59. [3] Guo J,Peyrin T,Poschmann A,et al.The LED block cipher.In:Preneel B,Takagi T.Cryptographic Hardware and Embedded Systems - CHES 2011.Springer Berlin Heidelberg,2011:6917:326-341. [4] Shibutani K,Isobe T,Hiwatari H,et al.Piccolo:An ultra-lightweight blockcipher.In:Preneel B,Takagi T.Cryptographic Hardware and Embedded Systems - CHES 2011.Springer Berlin Heidelberg,2011:6917:342-357. [5] Courtois N T,Ware D,Jackson K M.Fault-algebraic attacks on inner rounds of DES.In:Strategies Telecom and Multimedia.Montreuil,France:UCL,2010:22-24. [6] Zhang F,Zhao X J,Guo S Z,et al.Improved algebraic fault analysis:A case study on piccolo and applications to other lightweight block ciphers.In:The 2nd International Workshop on Constructive Side-Channel Analysis and Secure Design(COSADE 2013).Springer Berlin Heidelberg,2013,7864,2013:62-79. [7] 吴克辉,赵新杰,王 韬等.PRESENT密码代数故障攻击.通信学报,2012,33(8):85-92.(Wu K H,Zhao X J,Wang T,et al.Algebraic fault attack on PRESENT.Journal on Communications,2012,33(8):85-92.) [8] 赵新杰,郭世泽,王 韬等.Piccolo密码代数故障分析研究.计算机学报,2013,36(4):882-894.(Zhao X J,Guo S Z,Wang T,et al.Research of algebraic fault analysis on piccolo.Chinese Journal of Computers,2013,36(4):882-894.) [9] Mohamed M S E,Bulygin S,Bchmann J.Using SAT solving to improve differential fault analysis of Trivium.In:Kim T,Adeli H,Robles R J,et al.Information Security and Assurance.Springer Berlin Heidelberg,2011:62-71. [10] 范伟杰,吴文玲,张 蕾.HIGHT算法的差分故障攻击.中国科学院研究生院学报,2012,29(2):271-276.(Fan W J,Wu W L,Zhang L.Differential fault analysis on HIGHT.Journal of Graduate University of Chinese Academy of Sciences,2012,29(2):271-276.) [11] 陈 浩,王 韬,张 帆等.HIGHT密码代数故障分析.上海交通大学学报,2015,49(12):1817-1825,1832.(Chen H,Wang T,Zhang F,et al.Algebraic fault analysis of HIGHT.Journal of Shanghai Jiao Tong University,2015,49(12):1817-1825,1832.) [12] Joye M,Tunstall M.密码故障分析与防护.赵新杰,张世泽,张 帆等译.北京:科学出版社,2015,239-253.(Joye M,Tunstall M.Fault analysis in cryptography.Zhao X J,Zhang S J,Zhang F,et al.Beijing:Science Press,2015,239-253.) [13] 郭世泽,王 韬,赵新杰.密码旁路分析原理与方法.北京:科学出版社,2014,169.(Guo S Z,Wang T,Zhao X J.Principles and methodologies of side-channel analysis in cryptography.Beijing:Science Press,2014,169.) |
No related articles found! |
|