CN101924600B - Method for detecting capability of resisting energy analysis attacks of cryptographic module - Google Patents

Method for detecting capability of resisting energy analysis attacks of cryptographic module

Info

Publication number
CN101924600B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN 201010241607
Other languages
Chinese (zh)
Other versions
CN101924600A (en)
Inventor
黄金刚
周永彬
刘继业
陈海宁
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Institute of Software of CAS
Original Assignee
Institute of Software of CAS

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention discloses a method for detecting the capability of a cryptographic module to resist power analysis attacks, comprising the following steps: 1) perform a power analysis attack on the cryptographic module and obtain the reference value of each candidate subkey $s_i$; 2) calculate the reference value span Δt from the reference values of all candidate subkeys; 3) calculate the cryptographic module's power analysis resistance safety factor r from the reference value span Δt; 4) measure the cryptographic module's capability of resisting power analysis attacks according to the size of r. The resistance is positively correlated with the safety factor r. With the invention, the security and degree of security against power analysis of a computing device containing a cryptographic module can be measured accurately and rapidly, which provides necessary basic methods and supporting tools for the design, analysis and assessment of cryptographic modules.

Description

Method for detecting the capability of a cryptographic module to resist power analysis attacks
Technical field
The present invention relates to the field of information security technology, in particular to the physical security of cryptographic modules. It can be applied to detecting the capability of cryptographic module implementations to resist power analysis attacks, and is mainly used in the design, analysis and evaluation of cryptographic systems.
Background art
Cryptographic modules are widely used in electronic products that involve cryptographic security, such as smart cards, online banking keys and RFID tags. In practice, the large body of attack and cryptanalysis activity directed at cryptographic modules bears directly on the security of the electronic products that use them.
Side-channel attacks are an important branch of cryptanalysis research. They are a means of cryptographic attack that obtains key information by acquiring and analyzing the relationship between variations in the electrical or electromagnetic signals produced while a cryptographic module operates and the intermediate values or operations being executed. Research and practice show that even if a cryptographic algorithm is secure in the mathematical sense, the side-channel information leaked by any inappropriate implementation can still cause serious security risks. Power analysis is one such powerful and typical side-channel attack. It is remarkably effective in practice, has received wide attention, and has become a hot topic in the side-channel attack field. A cryptographic module's capability of resisting power analysis attacks directly determines how secure the corresponding electronic product is. The invention proposes a procedure and basic method for detecting a cryptographic module's defence capability against power analysis, providing necessary basic methods and supporting tools for the design, analysis and assessment of cryptographic systems.
Summary of the invention
The invention provides a method for detecting the capability of a cryptographic module to resist power analysis attacks; with this evaluation method, the strength of that capability can be assessed quantitatively.
In a power analysis attack, each candidate subkey $s_i$ ($1 \le i \le n$, where n is the number of candidate subkeys) corresponds to a numerical value that characterizes how likely that subkey is to be correct; this value is called the reference value of candidate subkey $s_i$.
The basic idea of the invention is to convert the reference values corresponding to all candidate subkeys $s_i$ into samples of a Gaussian-distributed random variable. If all the reference values follow the same or a very similar distribution, an adversary can hardly distinguish the correct subkey by the reference values of the candidate subkeys; that is, the cryptographic module is secure against power analysis.
Based on the above idea, the technical solution of the invention is a method for detecting the capability of a cryptographic module to resist power analysis attacks, comprising the following main steps:
1) perform a power analysis attack on the cryptographic module and obtain the reference value of each candidate subkey $s_i$;
2) calculate the reference value span Δt from the reference values of all candidate subkeys;
3) calculate the cryptographic module's power analysis resistance safety factor r from the reference value span Δt;
4) assess the cryptographic module's capability of resisting power analysis attacks according to the size of r; the safety factor r is positively correlated with this capability.
The concrete operations of each step are described further below. First, the procedure for step 1) is:
i. randomly generate plaintexts for the cryptographic module;
ii. input the plaintexts into the cryptographic module one by one, perform the cryptographic operation, and collect the power traces (power consumption curves) of the cryptographic module;
iii. guess the subkeys of the cryptographic module one by one and use a distinguisher to obtain the reference value corresponding to each candidate subkey $s_i$.
The method for collecting the power traces of the cryptographic module in step ii is:
a) set up the cryptographic module;
b) the cryptographic module executes the cryptographic algorithm and sends a trigger signal to the oscilloscope;
c) the oscilloscope samples the power consumption of the cryptographic module and transfers the sampled result to the computer;
d) repeat steps b) to c) until the number of sampled power traces meets the needs of the attack.
In step 2), the reference values first need to be transformed according to the selected distinguisher. If the difference-of-means test is used as the distinguisher, the identity transformation is applied to the reference values; if the Pearson correlation coefficient is used as the distinguisher, the Fisher transformation is applied to the reference values. The reference value span Δt is then calculated from the transformed reference values as follows:
$$\Delta t = \frac{\widehat{ref}_{\max} - \widehat{ref}_{\min}}{2 \cdot S}$$
where $\widehat{ref}_{\max}$ and $\widehat{ref}_{\min}$ are the statistical estimates of the maximum and the minimum reference value, respectively; S is the statistical estimate of the standard deviation of all reference values, namely [formula image]; the statistical estimate of the mean of all reference values is [formula image]; n is the number of candidate subkeys.
In step 3), the cryptographic module's power analysis resistance safety factor r is calculated as:
$$r = P\{|t| \ge \Delta t\} = \int_{-\infty}^{-\Delta t} h(t)\,dt + \int_{\Delta t}^{\infty} h(t)\,dt$$
where h(t) is the probability density function of the t(n-1) distribution and t is the statistic of that distribution.
The stronger the cryptographic module's resistance to power analysis, the less significant the difference between the maximum reference value and the minimum reference value. That is, the smaller the reference value span Δt, the larger the safety factor r; conversely, the larger the reference value span Δt, the smaller the safety factor r.
In step 4), the cryptographic module's capability of resisting power analysis attacks is judged according to r. Specifically, a threshold $r_t$ is set for r: a cryptographic module whose safety factor r is greater than $r_t$ is considered secure against power analysis, and a cryptographic module whose safety factor r is less than the threshold $r_t$ is insecure against power analysis. $r_t$ preferably takes a value between 0.01 and 0.05.
The method of the invention quantifies a cryptographic module's defence capability against power analysis and helps to evaluate, accurately and rapidly, the security and degree of security of security products that provide cryptographic computation functions. Specifically, the invention can be applied to special-purpose or general-purpose computing devices based on embedded microprocessors, such as smart cards, which are widely used in finance, government, community services and many other fields. With the invention, a cryptographic module's capability of resisting power analysis attacks can be detected quickly. The invention provides an effective basic supporting tool for side-by-side comparison of the power analysis resistance of different cryptographic module products of the same type, and for determining the security of a wide range of cryptographic devices under power analysis.
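The calculation of steps 2) to 4) above, as an added Python example that is not part of the patent text: it evaluates the tail probability of the t(n-1) distribution through the regularized incomplete beta function, which equals the sum of the two integrals of h(t). Assumptions: the function names are hypothetical, S is taken as the sample standard deviation with n-1 in the denominator (the patent's formula for S survives only as an image), and the two sets of 256 reference values are constructed, not measured.

```python
import math

def fisher_z(rho):
    """Fisher transformation, for a Pearson-correlation reference value."""
    return math.atanh(rho)

def identity(value):
    """Identity transformation, for a difference-of-means reference value."""
    return value

def _betacf(a, b, x, max_iter=500, eps=1e-14):
    """Continued fraction of the incomplete beta function (modified Lentz)."""
    tiny = 1e-300
    c, d = 1.0, 1.0 - (a + b) * x / (a + 1.0)
    d = 1.0 / (d if abs(d) > tiny else tiny)
    h = d
    for m in range(1, max_iter + 1):
        even = m * (b - m) * x / ((a + 2 * m - 1) * (a + 2 * m))
        odd = -(a + m) * (a + b + m) * x / ((a + 2 * m) * (a + 2 * m + 1))
        for term in (even, odd):
            d = 1.0 + term * d
            c = 1.0 + term / c
            d = 1.0 / (d if abs(d) > tiny else tiny)
            c = c if abs(c) > tiny else tiny
            delta = d * c
            h *= delta
        if abs(delta - 1.0) < eps:
            break
    return h

def _betai(a, b, x):
    """Regularized incomplete beta function I_x(a, b)."""
    if x <= 0.0:
        return 0.0
    if x >= 1.0:
        return 1.0
    front = math.exp(math.lgamma(a + b) - math.lgamma(a) - math.lgamma(b)
                     + a * math.log(x) + b * math.log1p(-x))
    if x < (a + 1.0) / (a + b + 2.0):
        return front * _betacf(a, b, x) / a
    return 1.0 - front * _betacf(b, a, 1.0 - x) / b

def t_two_sided_tail(delta_t, dof):
    """r = P{|t| >= delta_t} for Student's t with dof degrees of freedom."""
    return _betai(dof / 2.0, 0.5, dof / (dof + delta_t * delta_t))

def safety_factor(ref_values, transform=fisher_z):
    """Return (delta_t, r) for the reference values of all candidate subkeys."""
    z = [transform(v) for v in ref_values]
    n = len(z)
    if n < 2:
        raise ValueError("need at least two candidate subkeys")
    mean = sum(z) / n
    # Assumption: S is the sample standard deviation (n - 1 denominator).
    s = math.sqrt(sum((v - mean) ** 2 for v in z) / (n - 1))
    if s == 0.0:  # all candidates identical: nothing to distinguish
        return 0.0, 1.0
    delta_t = (max(z) - min(z)) / (2.0 * s)
    return delta_t, t_two_sided_tail(delta_t, n - 1)

def assess(ref_values, r_t=0.05, transform=fisher_z):
    """Threshold rule of step 4): the module counts as secure when r > r_t."""
    delta_t, r = safety_factor(ref_values, transform)
    return {"delta_t": delta_t, "r": r, "secure": r > r_t}

# Constructed reference values (not measurements): 256 candidate subkeys whose
# correlations are spread evenly over [-0.02, 0.02], in shuffled order.
N, A = 256, 0.02
FLAT = [A * (2 * ((37 * i) % N) / (N - 1) - 1) for i in range(N)]
# Same values, except that one hypothetical candidate correlates strongly.
PEAKED = list(FLAT)
PEAKED[0x2B] = 0.35

if __name__ == "__main__":
    for name, refs in (("flat", FLAT), ("peaked", PEAKED)):
        print(name, assess(refs))
```

Δt is a range statistic, so for the same leakage both Δt and r shift with the number of candidates n; compare results only between evaluations that use the same n and the same distinguisher.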
Description of drawings
Fig. 1 is the flow chart of the method of the invention for detecting the capability of a cryptographic module to resist power analysis attacks.
Fig. 2 is a schematic diagram of power analysis.
Fig. 3 is the basic measurement setup for power traces in power analysis.
Fig. 4 is the interaction sequence between the devices in the basic power analysis setup.
Embodiment
The method for detecting the capability of a cryptographic module to resist power analysis attacks comprises:
1) perform a power analysis attack on the cryptographic module and obtain the reference value of each candidate subkey $s_i$;
2) calculate the reference value span Δt from the reference values of all candidate subkeys;
3) calculate the cryptographic module's power analysis resistance safety factor r from the reference value span Δt;
4) assess the cryptographic module's capability of resisting power analysis attacks according to the size of r; the safety factor r is positively correlated with this capability.
Referring to Fig. 1, the concrete procedure is as follows:
S101: obtain the reference value of each candidate subkey $s_i$ by performing a power analysis attack on the cryptographic module.
S102: obtain the maximum and the minimum of the reference values of the candidate subkeys.
S103: calculate the standard deviation of all reference values, namely [formula image], where the mean of all reference values is [formula image] and n is the number of candidate subkeys.
S104: calculate the reference value span with the following formula:
$$\Delta t = \frac{\widehat{ref}_{\max} - \widehat{ref}_{\min}}{2 \cdot S}$$
S105: calculate the cryptographic module's power analysis resistance safety factor r:
$$r = P\{|t| \ge \Delta t\} = \int_{-\infty}^{-\Delta t} h(t)\,dt + \int_{\Delta t}^{\infty} h(t)\,dt$$
where h(t) is the probability density function of the t(n-1) distribution.
S106: assess the cryptographic module's capability of resisting power analysis attacks according to the size of the safety factor. The larger the safety factor r, the stronger the cryptographic module's resistance to power analysis; the smaller the safety factor r, the weaker that resistance. If the cryptographic module's power analysis resistance (its safety factor r) is greater than the given security threshold $r_t$, the cryptographic module is considered secure against power analysis; otherwise it is insecure. Usually, the security threshold $r_t$ takes a value from 0.01 to 0.05.
In step S101, the reference value of each candidate subkey $s_i$ is obtained by performing a power analysis attack on the cryptographic module; this process is exactly the process of carrying out power analysis. Its principle is shown in Fig. 2 and comprises the following steps:
i. Randomly generate plaintexts for the cryptographic module.
ii. Under the key $s_c$, when the target device performs q encryption operations, the adversary samples and obtains q power traces $L_q = [l_1, l_2, \ldots, l_q]$. For each power trace $l_i$ ($i = 1, 2, \ldots, q$), the adversary saves the corresponding plaintext $x_i$ into the vector $X_q = [x_1, x_2, \ldots, x_q]$.
iii. For each subkey guess $s_i \in S$, do the following:
a) For each plaintext $x_i$ in the vector $X_q = [x_1, x_2, \ldots, x_q]$ and the subkey guess s, the adversary predicts the intermediate value in the target device and stores it in a vector.
b) For each intermediate value in that vector, the adversary calculates the corresponding power leakage according to the power leakage model and stores it in a vector.
c) The adversary calculates the reference value corresponding to the subkey guess $s_i$ using a statistical method.
iv. Apply the corresponding transformation to the reference values (when the difference-of-means test is used as the distinguisher, apply the identity transformation; when the Pearson correlation coefficient is used as the distinguisher, apply the Fisher transformation), so that the reference value corresponding to each subkey guess can be described by a normal distribution. The result after this adjustment is the transformed reference value.
Step ii requires measuring the power traces of the cryptographic module while it performs cryptographic operations, which requires building a dedicated power consumption measurement environment.
The main components of the measurement setup are a power supply, a clock generator, the cryptographic module, a measuring circuit (EM probe/probe), a digital oscilloscope and a PC, as shown in Fig. 3. The measuring circuit provides the digital sampling oscilloscope with a signal that is proportional to the instantaneous power consumption of the cryptographic device. The PC is used to control the cryptographic module and the digital oscilloscope, to store the measured power traces, and to analyze the power traces.
When the cryptographic module performs a cryptographic operation, the above components need to interact according to the following basic procedure in order to measure the device's power consumption, as shown in Fig. 4. First, in step (1), the cryptographic module is powered on and receives the clock signal; at this point the module has started, is in an operable state and can accept commands. Next, in step (2), the PC configures the oscilloscope. In step (3), the input plaintext of the cryptographic module is set, and the cryptographic module starts executing the cryptographic algorithm and sends a trigger signal to the oscilloscope. While the algorithm executes, step (4) is carried out: the oscilloscope measures the power consumption of the cryptographic module through the measuring circuit. In step (5), the PC obtains the output of the cryptographic algorithm from the module, and finally, in step (6), the PC obtains the sampled power trace from the oscilloscope. Steps (2) to (6) are repeated until the number of sampled power traces meets the needs of the attack.
It should be emphasized that the invention is equally applicable to other types of attacks, such as electromagnetic attacks. Although specific examples of the invention and the accompanying drawings are disclosed for the purpose of illustration, to help in understanding and implementing the invention, those skilled in the art will appreciate that various substitutions, changes and modifications are possible without departing from the spirit and scope of the invention and the appended claims. The invention should not be limited to the content disclosed in the preferred embodiment of this specification and the drawings; the scope of protection claimed is defined by the claims.

Claims (6)

1. A method for detecting the capability of a cryptographic module to resist power analysis attacks, comprising the following steps:
1) perform a power analysis attack on the cryptographic module and obtain the reference value of each candidate subkey $s_i$, comprising:
1-1) randomly generating plaintexts for the cryptographic module;
1-2) inputting the plaintexts into the cryptographic module one by one, performing the cryptographic operation and collecting the power traces of the cryptographic module;
1-3) guessing the subkeys of the cryptographic module one by one and using a distinguisher to obtain the reference value corresponding to each candidate subkey $s_i$;
2) calculate the reference value span Δt from the reference values of all candidate subkeys, comprising:
2-1) applying the corresponding transformation to the reference values to obtain the transformed reference values;
2-2) calculating the reference value span Δt:
$$\Delta t = \frac{\widehat{ref}_{\max} - \widehat{ref}_{\min}}{2 \cdot S}$$
where $\widehat{ref}_{\max}$ and $\widehat{ref}_{\min}$ are the statistical estimates of the maximum and the minimum reference value, respectively; S is the statistical estimate of the standard deviation of all reference values; the statistical estimate of the mean of all reference values is denoted [formula image]; n is the number of candidate subkeys;
3) calculate the cryptographic module's power analysis resistance safety factor from the reference value span Δt:
$$r = P\{|t| \ge \Delta t\} = \int_{-\infty}^{-\Delta t} h(t)\,dt + \int_{\Delta t}^{\infty} h(t)\,dt$$
where h(t) is the probability density function of the t(n-1) distribution;
4) assess the cryptographic module's capability of resisting power analysis attacks according to the size of r.
2. The method for detecting the capability of a cryptographic module to resist power analysis attacks according to claim 1, characterized in that the corresponding transformation is applied to the reference values according to the distinguisher.
3. The method for detecting the capability of a cryptographic module to resist power analysis attacks according to claim 2, characterized in that the difference-of-means test is used as the distinguisher and the identity transformation is applied to the reference values.
4. The method for detecting the capability of a cryptographic module to resist power analysis attacks according to claim 2, characterized in that the Pearson correlation coefficient is used as the distinguisher and the Fisher transformation is applied to the reference values.
5. The method for detecting the capability of a cryptographic module to resist power analysis attacks according to claim 1, characterized in that in step 4) a threshold $r_t$ is set for the safety factor r; a cryptographic module whose safety factor r is greater than the threshold $r_t$ is determined to be secure against power analysis, and a cryptographic module whose safety factor r is less than the threshold $r_t$ is insecure against power analysis.
6. The method for detecting the capability of a cryptographic module to resist power analysis attacks according to claim 5, characterized in that the threshold $r_t$ is a value between 0.01 and 0.05.
CN 201010241607 2010-07-30 2010-07-30 Method for detecting capability of resisting energy analysis attacks of cryptographic module Active CN101924600B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 201010241607 CN101924600B (en) 2010-07-30 2010-07-30 Method for detecting capability of resisting energy analysis attacks of cryptographic module

Publications (2)

Publication Number Publication Date
CN101924600A (en) 2010-12-22
CN101924600B (en) 2013-01-02

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant