CN103067155A - Method and test circuit for preventing data encryption algorithm (DES) attack based on power analysis - Google Patents


Publication number
CN103067155A
Authority
CN
China
Prior art keywords
mask
des
power consumption
algorithm
xor
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN2012105787546A
Other languages
Chinese (zh)
Inventor
刘波
孙华芳
时龙兴
李�杰
金海坤
郭银涛
吕宇翔
单伟伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Southeast University
Original Assignee
Southeast University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Southeast University
Priority to CN2012105787546A
Publication of CN103067155A
Legal status: Pending

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention discloses a method and test circuit for preventing power-analysis attacks on the data encryption standard (DES) algorithm. Before the first subkey K1 operates on the data, the algorithm flow is kept identical to the original DES flow; after the subkey K1 is XORed with the plaintext in the first round, a mask X is introduced. The encryption operations of the following rounds 2 to 15 are similar; only the values of the random numbers XORed in differ, which ensures the correctness of the processing within the algorithm. Finally, the mask X is XORed in before the output of the sixteenth round, and the true ciphertext is restored through the inverse of the initial permutation (IP), i.e. the final permutation (FP), together with a mask X4. Because the values and positions of the masks added in the first and last rounds differ from those of the other rounds, that is, the encryption uses asymmetric masks, the effect of the masks cannot be cancelled when a Hamming distance model is applied. Power attacks on DES are thereby prevented and the DES key is kept secure.

Description

A method and test circuit for preventing power-analysis attacks on the DES algorithm
Technical field
The present invention relates to a method and test circuit for preventing power-analysis attacks on the DES algorithm, specifically a method and circuit that use asymmetric-mask encryption to protect DES chips against power attacks. It belongs to the technical field of integrated circuit security.
Background technology
In 1977 the U.S. National Institute of Standards and Technology (NIST) published a cipher developed by IBM's computer cryptography research group and approved it as the data encryption standard for non-classified departments, abbreviated DES. DES has so far been the most widely used and popular symmetric cipher in the world. Although DES has now been replaced by the new encryption standard AES, many domestic encryption chips still use DES, and it laid the foundation for the development and application of modern symmetric ciphers. Implementations of DES can be physically attacked to obtain the key they hold. Common physical attack methods include timing analysis, electromagnetic radiation analysis and power attacks, of which power attacks are the most effective.
In 1999, Kocher proposed the simple power analysis (SPA) and differential power analysis (DPA) methods and used them to successfully attack DES-encrypted smart cards.
Integrated circuits are built from large numbers of CMOS (Complementary Metal Oxide Semiconductor) transistors, which causes the power consumed during encryption to differ with the key. While a program runs, the variation in power consumption can therefore reflect the content of the key in use; this is the basis of power-analysis attacks.
Simple power analysis directly measures the chip's power consumption while the DES chip encrypts and decrypts, sampling at fixed moments to obtain enough sample values. By analysing the power consumed by encryption and decryption, these power values are mapped to the corresponding keys, which achieves the attack.
Differential power analysis extracts key-related information from the collected power data through statistical analysis and error-correction techniques. In general, simple power analysis requires knowledge of the implementation details of the target code, so it is effective only when a certain signal-to-noise ratio is guaranteed. Differential power analysis places much lower demands on the signal-to-noise ratio, but it needs the power values of a large number of different samples, on which statistical analysis is performed to obtain the key.
A power attack on a DES chip usually proceeds as follows. First, an intermediate value of the DES execution is selected; this intermediate value must be operated on by the key, and in most attack scenarios the plaintext or ciphertext is generally chosen for it. Next, the actual power consumption of the DES encryption process is measured: if D encryptions are captured and T power points are sampled in each, a D × T power matrix is obtained, denoted matrix T. Hypothetical intermediate values are then calculated: assuming the key k has K possible values, computing the intermediate value for every encryption gives a D × K matrix V. The intermediate values are then mapped to simulated power values using a power model (the Hamming distance or Hamming weight model), giving a D × K matrix denoted H. The correlation between the simulated power matrix and the actual power matrix is then calculated, giving a K × T matrix denoted Z; each row corresponds to one guessed key, and each column holds the correlation coefficient between simulated and actual power at that moment, computed as in formula (1). Finally, the Z matrix is plotted row by row as key-correlation curves; the curve in which a peak appears corresponds to the result of the power attack.
$$\mathrm{cov}_{i,j} = \frac{\sum_{d=1}^{D}\left(h_{d,i}-\overline{h_i}\right)\cdot\left(t_{d,j}-\overline{t_j}\right)}{\sqrt{\sum_{d=1}^{D}\left(h_{d,i}-\overline{h_i}\right)^{2}\cdot\sum_{d=1}^{D}\left(t_{d,j}-\overline{t_j}\right)^{2}}} \qquad (1)$$
where $h_{d,i}$ is an element of matrix H, i = 1 ~ K, and $t_{d,j}$ is an element of matrix T, j = 1 ~ T.
At present, the following measures are broadly used to guard against power attacks on DES chips.
1) Introducing random noise. A module that produces random power consumption is added to the system and enabled while the Montgomery algorithm is running, so that the random power it generates is superimposed on the power traces the attacker captures. The useful power information is then completely buried in useless random power, and neither the useful information nor the differential signal of any algorithm-related operation appears in the power trace. Although random noise makes it harder for the attacker to obtain useful power traces and so makes key recovery more difficult, if the injected random power is not ideal enough and the attacker collects enough power curves, the random power introduced by the designer can still be filtered out.
2) Randomizing the execution timing of the circuit. The encryption device can use an internal clock whose frequency changes randomly. Assuming one encryption operation is processed per clock cycle, selecting the system clock at random means the power traces produced by the encryption process cannot be aligned because the clock periods differ; if a differential operation is applied directly, the resulting differential trace is not the correct trace that is required. However, this puts multiple clocks into one system, which greatly increases the complexity of the back-end implementation.
Summary of the invention
Object of the invention: in view of the problems and deficiencies of the prior art, the invention provides a method and test circuit for preventing power-analysis attacks on the DES algorithm. It guards against power attacks on DES chips, so that an attacker cannot obtain the DES key by simple power analysis or differential power analysis.
Technical solution: a method for preventing power-analysis attacks on the DES algorithm comprises the following steps:
First, before subkey K1 has operated on the data, the encryption flow is kept identical to the original DES flow; after the first-round subkey K1 has been XORed with the plaintext, mask X is introduced;
In the subsequent rounds 2 to 15 the operation is similar; only the value of the random number XORed in differs, which keeps the intermediate processing of the algorithm functionally correct;
Mask X is XORed in before the output of the round-16 encryption process, and finally the true ciphertext is restored through the inverse IP permutation (FP) together with mask X4.
The mask X is a random number, and masks X1 ~ X4 are all random numbers calculated from X, as follows: X1 = P(X), X2 = EP(X1),
Figure BDA00002660426900031
X4 = IP([X3, X3]), where P() denotes the P-box permutation, EP() denotes the E-box expansion permutation, IP() denotes the IP permutation, and [X3, X3] denotes the variable formed by concatenating two copies of mask X3 end to end. Mask X is therefore 32 bits, mask X1 is 32 bits, mask X2 is 48 bits, mask X3 is 32 bits and mask X4 is 64 bits.
A test circuit for preventing power-analysis attacks on the DES algorithm consists mainly of an oscilloscope, a PC, a differential probe, a power supply, a daughter board and a motherboard. Through the differential probe connected across a resistor in series between the motherboard and the power supply, the oscilloscope records in real time the current drawn while the motherboard runs the encryption. After the current values are converted into the corresponding power values, the power data are transferred to the PC over a network cable. Besides receiving and processing the power data, the PC also sends stimuli to the motherboard. An FPGA serves as the motherboard and is programmed in turn with the image files of the original DES algorithm and of the improved DES algorithm described here. In addition, a microprocessor with an integrated UART interface serves as the daughter board; it provides the interface between the motherboard and the PC and simplifies the transfer of stimulus vectors between the PC and the FPGA.
Beneficial effects: compared with the prior art, the mask values and positions added in the first and last rounds of DES in the present invention differ from those of the other rounds, i.e. the encryption uses asymmetric masks. The effect of the mask therefore cannot be cancelled when the Hamming distance model is applied, which protects the DES algorithm against power attacks and keeps the DES key secure.
Description of drawings
Fig. 1 is the flow chart of the embodiment of the invention;
Fig. 2 is the circuit diagram of the asymmetric-mask DES of the embodiment of the invention;
Fig. 3 is the simulation waveform of the asymmetric-mask DES of the embodiment of the invention;
Fig. 4 shows the CPA attack results of the embodiment of the invention: (a) the symmetric DES algorithm, (b) the asymmetric-mask DES algorithm.
Embodiment
The invention is further illustrated below with reference to specific embodiments. It should be understood that these embodiments only illustrate the invention and do not limit its scope; after reading the invention, modifications of its various equivalent forms by those skilled in the art all fall within the scope defined by the claims of this application.
To overcome the security risk of using the same mask between two rounds in traditional symmetric encryption, the invention proposes a method for preventing power-analysis attacks on the DES algorithm. Its core idea is that the mask values and positions added in the first and last rounds of DES differ from those of the other rounds, so that the effect of the mask cannot be cancelled when the Hamming distance model is applied. The detailed flow of the scheme is shown in Fig. 1, where X is a random number and X1 ~ X4 are all random numbers calculated from X, as follows: X1 = P(X), X2 = EP(X1),
Figure BDA00002660426900041
X4 = IP([X3, X3]), where P() denotes the P-box permutation, EP() denotes the E-box expansion permutation, IP() denotes the IP permutation, and [X3, X3] denotes the variable formed by concatenating two copies of X3 end to end. X is therefore 32 bits, X1 is 32 bits, X2 is 48 bits, X3 is 32 bits and X4 is 64 bits.
In this method, before subkey K1 has operated on the data, the algorithm flow is kept identical to the original DES flow; after the first-round subkey K1 has been XORed with the plaintext, mask X is introduced. In the subsequent rounds 2 to 15 the operation is similar; only the value of the random number XORed in differs, which keeps the intermediate processing of the algorithm functionally correct. Mask X is XORed in before the output of round 16, and finally the true ciphertext is restored through the inverse IP permutation (FP) together with mask X4.
As the method shows, the mask is superimposed on the register only after the key information has been introduced. From then on the random number directly affects the toggling of the register and so changes the actual power consumed by the algorithm. Suppose the CPA attack method described above is applied to this algorithm in the same way, still choosing the value after the IP permutation and the output value of the first round as the attack point. Taking the first round as an example, the Hamming distance in this scheme between the value after the IP permutation and the output value of the first round is given by formula (2), where R0 is bits 32-63 of the data obtained by applying the initial permutation to plaintext M and R1 is bits 32-63 of the first-round output data. The Hamming distance of this scheme becomes a random number because the random number X1 is XORed in.
$$\mathrm{Ham} = R_0 \oplus R_1 \oplus X_1 = IP(M)_{32-63} \oplus R_1 \oplus X_1 \qquad (2)$$
For the original DES, by contrast, the Hamming distance is still as shown in formula (3), with the influence of the random number eliminated:
$$\mathrm{Ham} = R_0 \oplus R_1 = IP(M)_{32-63} \oplus R_1 \qquad (3)$$
It can be seen that, because the random number X1 is introduced, the Hamming distance of this scheme differs from that of standard DES. That is, the attacker cannot use the Hamming distance model to characterize the actual power consumption. For a CPA attack, therefore, the correlation coefficient cannot reach its maximum even when the guessed key is correct.
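As an added illustration (not part of the patent), the following Python simulation evaluates formulas (2) and (3) with the correlation of formula (1): it correlates the Hamming-distance prediction HW(R0 ⊕ R1) against simulated register leakage for an unmasked design, a design that keeps the same mask on both register states, and the asymmetric case in which only the new state carries X1. The random 32-bit values standing in for R0 and R1, the Gaussian noise level and all function names are assumptions of this sketch.

```python
import math
import random


def hw(x):
    """Hamming weight (number of set bits) of an integer."""
    return bin(x).count("1")


def pearson(h, t):
    """Correlation coefficient of formula (1) for two equal-length columns."""
    n = len(h)
    mean_h, mean_t = sum(h) / n, sum(t) / n
    num = sum((a - mean_h) * (b - mean_t) for a, b in zip(h, t))
    den = math.sqrt(sum((a - mean_h) ** 2 for a in h) *
                    sum((b - mean_t) ** 2 for b in t))
    return num / den


def simulate(n_traces=20000, noise_sigma=1.0, seed=1):
    """Return the model-vs-leakage correlation for three register designs.

    R0 and R1 are constructed random stand-ins for IP(M)[32-63] and the
    round-1 output; the leakage is the register's Hamming distance plus
    Gaussian measurement noise (an assumed, idealised power model).
    """
    rng = random.Random(seed)
    model = []  # evaluator's prediction: HW(R0 xor R1), formula (3)
    leaks = {"unmasked": [], "symmetric": [], "asymmetric": []}
    for _ in range(n_traces):
        r0 = rng.getrandbits(32)
        r1 = rng.getrandbits(32)
        m = rng.getrandbits(32)    # one mask kept on both register states
        x1 = rng.getrandbits(32)   # mask present only on the new state
        model.append(hw(r0 ^ r1))

        # Unmasked register: R0 is overwritten by R1.
        leaks["unmasked"].append(hw(r0 ^ r1) + rng.gauss(0, noise_sigma))

        # Same mask before and after: (R0^m) -> (R1^m); the mask cancels
        # in the Hamming distance, so the leakage still follows formula (3).
        leaks["symmetric"].append(
            hw((r0 ^ m) ^ (r1 ^ m)) + rng.gauss(0, noise_sigma))

        # Asymmetric masking: R0 -> (R1^X1); the distance is formula (2)
        # and is randomised by X1.
        leaks["asymmetric"].append(
            hw(r0 ^ (r1 ^ x1)) + rng.gauss(0, noise_sigma))
    return {name: pearson(model, trace) for name, trace in leaks.items()}


if __name__ == "__main__":
    for name, r in simulate().items():
        print(f"{name:10s} correlation with HW(R0^R1): {r:+.3f}")
```

The first two designs correlate strongly with the prediction while the asymmetric one stays near zero, which is the cancellation argument of formulas (2) and (3) in numeric form.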
The DES algorithm consists of 16 rounds of iteration, and apart from the first and last rounds every intermediate round performs the same operations. The 16 rounds can therefore be implemented on the same hardware at different moments with some added control logic, one round of encryption being completed per cycle, so a complete encryption takes 16 cycles. Subkey generation is the same as in the standard DES algorithm and needs only shift and permutation operations. Apart from the masked S-box, the remaining permutation operations of this algorithm are all identical to the DES standard and are not described in detail here.
The circuit units involved in the mask operations are described in detail below.
Random number generation circuit:
The random numbers used in this design are produced by a pseudo-random number generator (RNG) written in a hardware description language and implemented as a linear feedback shift register.
Inter-round mask circuit:
The inter-round mask circuit generates the asymmetric random masks. In each round of the iteration the 64-bit intermediate result is divided into a left and a right half, and the two halves are processed as independent 32-bit data.
Round 1: the left half is XORed with random mask X. The right half is obtained by XORing random mask X onto the S-box output and then applying the P-box permutation. Because the S-box is unmodified in this round and the P-box permutation is a linear operation, the right-half output of this round is XORed with mask X1.
Rounds 2 to 15: the left half is the right-half output of the previous round, i.e. the left half is XORed with random mask X1. The right half passes through the E-box expansion, the masked S-box and the P-box permutation, and its output remains XORed with mask X1. This keeps the algorithm flow highly symmetric and also guarantees that the algorithm is functionally correct.
Round 16: the left half is XORed with random mask X. The computation of the right half is similar to round 15; the only difference is that only mask X is XORed onto the P-box output. In this way the outputs of the left and right halves are each XORed with mask X4.
Masked S-box circuit:
The masked S-box circuit modifies the in-round S-BOX substitution according to the mask algorithm; the modified circuit is the SM-BOX. The S-BOX substitution is the core of the in-round computation and is nonlinear, so it has to be corrected to suit the mask algorithm. In rounds 2 to 16 of this design the corrected SM-BOX is used, as shown in formula (4). The P^-1 operation in the formula requires constructing a P^-1 box, which is the inverse permutation of the P box. Both the S-BOX and the SM-BOX are implemented as look-up tables.
$$\text{SM-Box}(A) = \text{S-Box}(A \oplus X_2) \oplus P^{-1}(X_1) \qquad (4)$$
where the P^-1 box is the inverse permutation of the P box.
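As an added example (not code from the patent), the sketch below derives X1 and X2 from a mask X, builds the SM-Box look-up tables of formula (4), and checks that a round function using them maps an input masked with X1 to an output masked with X1. The P and E tables are the standard DES ones; the S-box contents are constructed stand-ins (the identity depends only on P and E being bit selections), and all function names are assumptions.

```python
import random

# Standard DES P permutation and E expansion. Entries are 1-based input
# bit positions, with bit 1 the most significant bit.
P = [16, 7, 20, 21, 29, 12, 28, 17, 1, 15, 23, 26, 5, 18, 31, 10,
     2, 8, 24, 14, 32, 27, 3, 9, 19, 13, 30, 6, 22, 11, 4, 25]
E = [32, 1, 2, 3, 4, 5, 4, 5, 6, 7, 8, 9, 8, 9, 10, 11, 12, 13,
     12, 13, 14, 15, 16, 17, 16, 17, 18, 19, 20, 21, 20, 21, 22, 23,
     24, 25, 24, 25, 26, 27, 28, 29, 28, 29, 30, 31, 32, 1]
# Inverse of P: output bit i comes from the position where P selects bit i.
P_INV = [P.index(i) + 1 for i in range(1, 33)]

# Constructed stand-in S-boxes (NOT the DES tables): eight arbitrary
# 6-bit-to-4-bit tables. Substitute the real DES S-boxes in an actual design.
_rng = random.Random(0)
SBOX = [[_rng.randrange(16) for _ in range(64)] for _ in range(8)]


def permute(value, table, in_bits):
    """Select bits of `value` (in_bits wide) in the order given by `table`."""
    out = 0
    for pos in table:
        out = (out << 1) | ((value >> (in_bits - pos)) & 1)
    return out


def derive_masks(x):
    """X1 = P(X) (32 bits) and X2 = EP(X1) (48 bits), as in the description."""
    x1 = permute(x, P, 32)
    x2 = permute(x1, E, 32)
    return x1, x2


def build_sm_tables(x1, x2):
    """Formula (4) as look-up tables: SM_i[a] = S_i[a ^ X2_i] ^ P^-1(X1)_i."""
    out_mask = permute(x1, P_INV, 32)   # P^-1(X1), which equals X itself
    tables = []
    for i in range(8):
        in_i = (x2 >> (42 - 6 * i)) & 0x3F       # 6-bit slice of X2 for box i
        out_i = (out_mask >> (28 - 4 * i)) & 0xF  # 4-bit slice of P^-1(X1)
        tables.append([SBOX[i][a ^ in_i] ^ out_i for a in range(64)])
    return tables


def sbox_layer(tables, a48):
    """Apply eight 6->4 bit tables to a 48-bit value, giving 32 bits."""
    out = 0
    for i, table in enumerate(tables):
        out = (out << 4) | table[(a48 >> (42 - 6 * i)) & 0x3F]
    return out


def round_f(r, k, tables):
    """Round function: E expansion, subkey XOR, S-box layer, P permutation."""
    return permute(sbox_layer(tables, permute(r, E, 32) ^ k), P, 32)


def check_mask_propagation(trials=1000, seed=7):
    """Masked input R ^ X1 through SM-boxes must equal f(R, K) ^ X1."""
    rng = random.Random(seed)
    for _ in range(trials):
        r, k = rng.getrandbits(32), rng.getrandbits(48)
        x1, x2 = derive_masks(rng.getrandbits(32))
        plain = round_f(r, k, SBOX)
        masked = round_f(r ^ x1, k, build_sm_tables(x1, x2))
        if masked != plain ^ x1:
            return False
    return True


if __name__ == "__main__":
    print("mask X1 preserved through masked round:", check_mask_propagation())
```

The unmasked S-box input E(R) ⊕ K never appears in the masked path: the SM-Box tables absorb X2 on the input side and re-apply the output mask in the same look-up.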
Final permutation (FP) circuit:
The final permutation (FP) circuit removes the mask and restores the correct ciphertext while preserving the security of the algorithm. Because the initial permutation (IP) and the final permutation (FP) are mutually inverse linear operations, this scheme constructs the mask X4 operation so that the final permutation (FP) of the algorithm removes the mask and restores the correct ciphertext while the algorithm remains secure.
As shown in Fig. 2, the signal interface of the encryption circuit comprises the clock input (clk), reset input (reset_n), load-mask signal (ld), load-plaintext signal (load_i), encrypt/decrypt signal (encrypt_i), plaintext (data_i), key (key_i), ciphertext (data_o) and encryption-complete signal (ready_o). encrypt_i controls whether the circuit operates in the encryption or the decryption state. A high level on load_i indicates that encryption starts. When ld is high the mask is loaded and the circuit is able to resist correlation power attacks. A high-level pulse on ready_o indicates that encryption has finished, and the ciphertext is output on data_o.
Verilog simulation results
The modules above were designed in Verilog, with one round of encryption performed per cycle. The design was tested on the ModelSim platform, using the test vectors provided by the FIPS-81 standard as plaintext input, and the encryption and decryption results obtained were correct. For example, with the input h'68652074696d6520 and the key h'0123456789abcdef applied as stimuli at the module inputs, the waveform obtained is shown in Fig. 3. The waveform shows that the clock period is 100 ns and that one encryption takes 16 cycles to complete. When the output signal is valid, the encryption result is h'6a271787ab8883f9, the same as the result given by the test vector. During an encryption the mask values X, X1, X2, X3 and X4 all remain constant, and the random numbers differ between encryptions. Similarly, as shown in Fig. 3, multiple groups of test vectors were also tested on the FPGA platform, and the results were correct. The DES algorithm implemented with the asymmetric mask scheme designed here therefore fully implements the encryption and decryption functions of the standard DES algorithm.
FPGA circuit implementation
The test circuit is shown in Fig. 4. The platform consists mainly of an oscilloscope, a PC, a differential probe, a power supply, a daughter board and a motherboard. Through the differential probe connected across a resistor in series between the motherboard and the power supply, the oscilloscope records in real time the current drawn while the motherboard runs the encryption. After the current values are converted into the corresponding power values, the power data are transferred to the PC over a network cable. Besides receiving and processing the power data, the PC also sends stimuli to the motherboard. An FPGA serves as the motherboard and is programmed in turn with the image files of the original DES algorithm and of the improved DES algorithm described here. In addition, a microprocessor with an integrated UART interface serves as the daughter board; it provides the interface between the motherboard and the PC and simplifies the transfer of stimulus vectors between the PC and the FPGA.
Power-attack resistance experiments and results
The first round of the DES algorithm is chosen as the target, and the key is recovered in groups of 6 subkey bits. Following the CPA flow of Section 1, formula (1) is used to calculate the correlation coefficients, and the correct key value is guessed by looking for the peak of the correlation coefficient. A CPA attack is first carried out on the original DES algorithm, with 20000 plaintexts as input and one fixed key; the sampling frequency of the oscilloscope is 1 GHz, and it samples 8500 power points during each encryption. This produces a 20000 × 8500 power matrix T. The attack proceeds group by group, with 6 subkey bits per group. Taking the guess of the first six key bits as an example, the guessed subkey has 2^6 = 64 possibilities, so the size of the simulated power matrix H is 20000 × 64.
After the power data of the two matrices are imported into Matlab, the correlation coefficients are calculated and the curves are plotted. The correlation traces of the first 4 cycles are shown in Fig. 4(a). When the guessed key is 43 (the correct subkey, 101011), the correlation coefficient (shown in a light colour) has an obvious peak at about the 1000th power point (approximately the moment the first round of encryption finishes), i.e. the attack on the first 6 subkey bits succeeds. The same method is used to attack the remaining 42 key bits, i.e. CPA attacks are carried out on the remaining 7 S-boxes; the correlation coefficient again shows a peak when the guessed subkey equals the true subkey, so the real key value can be guessed from the correlation coefficients and the CPA attack succeeds.
The same method is used in the FPGA power-attack environment to attack the asymmetric-mask DES algorithm proposed here, with the number of attack samples increased to 100000; the correlation traces are shown in Fig. 4(b). When the guessed key is 43, the correlation coefficient plotted for it (shown in a light colour) is buried among the other power traces. The same method is then used to attack the remaining 42 key bits, i.e. CPA attacks are carried out on the remaining 7 S-boxes; when the guessed subkey equals the true subkey, the correlation trace produced by the correct key still shows no obvious peak, so the correct key cannot be inferred from the power traces.
The statistics of the power-attack experiments on the different DES cores above show that, because asymmetric mask random numbers are introduced, the Hamming distance of this scheme is changed by the random numbers, i.e. the attacker cannot use the Hamming distance model to characterize the actual power consumption. For a CPA attack, therefore, the correlation coefficient cannot reach its maximum even when the guessed key is correct; even with the attack samples increased by 500, the key of the asymmetric-mask DES core still cannot be obtained from the correlation coefficients. Moreover, compared with processing two power matrices of 20,000 rows, the time spent on the matrix operations for two matrices of 100,000 rows rises significantly. The experimental results show that the asymmetric-mask DES core of this design resists CPA attacks well.

Claims (3)

1. A method for preventing power-analysis attacks on the DES algorithm, characterized in that it comprises the following steps:
First, before subkey K1 has operated on the data, the encryption flow is kept identical to the DES flow; after the first-round subkey K1 has been XORed with the plaintext, mask X is introduced;
In the subsequent rounds 2 to 15 the operation is similar; only the value of the random number XORed in differs;
Mask X is XORed in before the output of the round-16 encryption process, and finally the true ciphertext is restored through the inverse IP permutation together with mask X4.
2. The method for preventing power-analysis attacks on the DES algorithm as claimed in claim 1, characterized in that: the mask X is a random number, and masks X1 ~ X4 are all random numbers calculated from X, as follows: X1 = P(X), X2 = EP(X1),
Figure FDA00002660426800011
X4 = IP([X3, X3]), where P() denotes the P-box permutation, EP() denotes the E-box expansion permutation, IP() denotes the IP permutation, and [X3, X3] denotes the variable formed by concatenating two copies of mask X3 end to end. Mask X is therefore 32 bits, mask X1 is 32 bits, mask X2 is 48 bits, mask X3 is 32 bits and mask X4 is 64 bits.
3. A test circuit for preventing power-analysis attacks on the DES algorithm, characterized in that: it consists mainly of an oscilloscope, a PC, a differential probe, a power supply, a daughter board and a motherboard; through the differential probe connected across a resistor in series between the motherboard and the power supply, the oscilloscope records in real time the current drawn while the motherboard runs the encryption, and after the current values are converted into the corresponding power values, the power data are transferred to the PC over a network cable; besides receiving and processing the power data, the PC also sends stimuli to the motherboard; an FPGA serves as the motherboard and is programmed in turn with the image files of the original DES algorithm and of the improved DES algorithm described here; in addition, a microprocessor with an integrated UART interface serves as the daughter board, providing the interface between the motherboard and the PC and simplifying the transfer of stimulus vectors between the PC and the FPGA.
CN2012105787546A 2012-12-27 2012-12-27 Method and test circuit for preventing data encryption algorithm (DES) attack based on power analysis Pending CN103067155A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2012105787546A CN103067155A (en) 2012-12-27 2012-12-27 Method and test circuit for preventing data encryption algorithm (DES) attack based on power analysis

Publications (1)

Publication Number Publication Date
CN103067155A true CN103067155A (en) 2013-04-24

Family

ID=48109627

Country Status (1)

Country Link
CN (1) CN103067155A (en)

Cited By (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103532973A (en) * 2013-10-25 2014-01-22 东南大学 Differential power attack testing method for DES (data encryption standard) algorithm circuit
CN103560929A (en) * 2013-10-29 2014-02-05 武汉大学 Practical intelligent card general testing system based on power consumption analysis
CN103618595A (en) * 2013-09-13 2014-03-05 杭州晟元芯片技术有限公司 Cryptographic algorithm substitution circuit of resisting power consumption analysis
CN103647638A (en) * 2013-12-03 2014-03-19 北京中电华大电子设计有限责任公司 DES masking method for resisting side-channel attack
CN103646219A (en) * 2013-11-29 2014-03-19 东南大学 Power consumption compensation and attack resisting circuit based on neural network power consumption predication and control method
CN103647640A (en) * 2013-12-03 2014-03-19 北京中电华大电子设计有限责任公司 Power consumption attacking method for DES second-round L register reversal
CN103905182A (en) * 2014-04-25 2014-07-02 东南大学 Anti-attack method based on middle data storage position dynamic change and circuit implementation
CN104158649A (en) * 2013-05-14 2014-11-19 上海复旦微电子集团股份有限公司 Security SBOX realization method and apparatus
CN104410491A (en) * 2014-08-27 2015-03-11 北京中电华大电子设计有限责任公司 A protecting method for defending template attack on secret key loading
CN104598828A (en) * 2013-10-31 2015-05-06 上海复旦微电子集团股份有限公司 Anti-attack method and device for data
CN104639312A (en) * 2013-11-08 2015-05-20 国家电网公司 Anti-power-attack method and device for DES (Data Encrypt Standard) algorithm
CN105092923A (en) * 2014-05-22 2015-11-25 特克特朗尼克公司 Dynamic mask testing
CN105099684A (en) * 2014-05-08 2015-11-25 国民技术股份有限公司 Processing method, equipment and password device of modular exponentiation
CN105871536A (en) * 2016-06-14 2016-08-17 东南大学 AES-algorithm-oriented power analysis attack resistant method based on random time delay
CN105897398A (en) * 2016-06-03 2016-08-24 深圳视融达科技有限公司 Key protection method and system for use in DES (Data Encryption Standard) encryption process
CN106156615A (en) * 2016-06-21 2016-11-23 上海观源信息科技有限公司 Based on class separability sentence away from bypass circuit sectionalizer method and system
CN107466453A (en) * 2017-03-16 2017-12-12 深圳大趋智能科技有限公司 The method and device of the anti-DPA attacks of DES softwares
CN107769910A (en) * 2017-11-15 2018-03-06 东南大学 A kind of anti-side channel analysis DES means of defences and circuit based on Latch PUF
CN108646072A (en) * 2018-05-16 2018-10-12 电子科技大学 A kind of triggering generation device based on Hamming distance
CN108847929A (en) * 2018-05-28 2018-11-20 数字乾元科技有限公司 The thresholding restoration methods and system of private key storage
CN108959980A (en) * 2018-07-25 2018-12-07 北京智芯微电子科技有限公司 The public key means of defence and public key guard system of safety chip
CN109413051A (en) * 2018-10-09 2019-03-01 深圳南方德尔汽车电子有限公司 Data ciphering method, device, computer equipment and storage medium
CN110190951A (en) * 2019-06-17 2019-08-30 中金金融认证中心有限公司 A kind of power consumption attack method and system for the overturning of DES algorithm L register
CN110417540A (en) * 2019-08-05 2019-11-05 李春旺 A kind of information ciphering method of resisting differential power consumption analysis

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101196965A (en) * 2006-12-07 2008-06-11 上海安创信息科技有限公司 Algorithm of encrypted chip with anti-attack advanced encryption standard
CN101729241A (en) * 2008-10-23 2010-06-09 国民技术股份有限公司 AES encryption method for resisting differential power attacks

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
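李杰 et al.: "A DES algorithm resistant to correlation power attacks and its FPGA circuit implementation", Journal of Southeast University (Natural Science Edition), vol. 42, no. 6, 20 November 2012 (2012-11-20) *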

Cited By (41)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104158649B (en) * 2013-05-14 2017-09-12 上海复旦微电子集团股份有限公司 Security SBOX implementation method and device
CN104158649A (en) * 2013-05-14 2014-11-19 上海复旦微电子集团股份有限公司 Security SBOX realization method and apparatus
CN103618595A (en) * 2013-09-13 2014-03-05 杭州晟元芯片技术有限公司 Cryptographic algorithm substitution circuit of resisting power consumption analysis
CN103618595B (en) * 2013-09-13 2017-03-29 杭州晟元数据安全技术股份有限公司 A kind of cryptographic algorithm substitution circuit of resisting power consumption analysis
CN103532973A (en) * 2013-10-25 2014-01-22 东南大学 Differential power attack testing method for DES (data encryption standard) algorithm circuit
CN103560929A (en) * 2013-10-29 2014-02-05 武汉大学 Practical intelligent card general testing system based on power consumption analysis
CN104598828A (en) * 2013-10-31 2015-05-06 上海复旦微电子集团股份有限公司 Anti-attack method and device for data
CN104598828B (en) * 2013-10-31 2017-09-15 上海复旦微电子集团股份有限公司 The anti-attack method and device of data
CN104639312A (en) * 2013-11-08 2015-05-20 国家电网公司 Anti-power-attack method and device for DES (Data Encrypt Standard) algorithm
CN104639312B (en) * 2013-11-08 2017-12-29 国家电网公司 A kind of method and device of the anti-Attacks of DES algorithms
CN103646219B (en) * 2013-11-29 2016-03-30 东南大学 Based on power consumption compensation anti-attack circuit and the control method of neural network power consumption prediction
CN103646219A (en) * 2013-11-29 2014-03-19 东南大学 Power consumption compensation and attack resisting circuit based on neural network power consumption predication and control method
CN103647638A (en) * 2013-12-03 2014-03-19 北京中电华大电子设计有限责任公司 DES masking method for resisting side-channel attack
CN103647640A (en) * 2013-12-03 2014-03-19 北京中电华大电子设计有限责任公司 Power consumption attacking method for DES second-round L register reversal
CN103905182B (en) * 2014-04-25 2017-02-15 东南大学 Anti-attack method based on middle data storage position dynamic change and circuit implementation
CN103905182A (en) * 2014-04-25 2014-07-02 东南大学 Anti-attack method based on middle data storage position dynamic change and circuit implementation
CN105099684A (en) * 2014-05-08 2015-11-25 国民技术股份有限公司 Processing method, equipment and password device of modular exponentiation
CN105099684B (en) * 2014-05-08 2019-08-16 国民技术股份有限公司 A kind of processing method of Montgomery Algorithm, device and encryption device
CN105092923B (en) * 2014-05-22 2020-12-08 特克特朗尼克公司 Dynamic mask testing
CN105092923A (en) * 2014-05-22 2015-11-25 特克特朗尼克公司 Dynamic mask testing
CN104410491A (en) * 2014-08-27 2015-03-11 北京中电华大电子设计有限责任公司 A protecting method for defending template attack on secret key loading
CN105897398A (en) * 2016-06-03 2016-08-24 深圳视融达科技有限公司 Key protection method and system for use in DES (Data Encryption Standard) encryption process
CN105871536A (en) * 2016-06-14 2016-08-17 东南大学 AES-algorithm-oriented power analysis attack resistant method based on random time delay
CN105871536B (en) * 2016-06-14 2019-01-29 东南大学 A kind of anti-power consumption attack method towards aes algorithm based on random delay
CN106156615A (en) * 2016-06-21 2016-11-23 上海观源信息科技有限公司 Based on class separability sentence away from bypass circuit sectionalizer method and system
CN106156615B (en) * 2016-06-21 2018-12-28 上海观源信息科技有限公司 Based on class separability sentence away from bypass circuit sectionalizer method and system
WO2018165949A1 (en) * 2017-03-16 2018-09-20 深圳大趋智能科技有限公司 Des software dpa attack prevention method and device
CN107466453A (en) * 2017-03-16 2017-12-12 深圳大趋智能科技有限公司 The method and device of the anti-DPA attacks of DES softwares
CN107466453B (en) * 2017-03-16 2020-11-24 深圳大趋智能科技有限公司 Method and device for preventing DPA attack of DES software
CN107769910A (en) * 2017-11-15 2018-03-06 东南大学 A kind of anti-side channel analysis DES means of defences and circuit based on Latch PUF
CN107769910B (en) * 2017-11-15 2020-08-04 东南大学 DES (data encryption Standard) protection method and circuit for resisting side channel attack based on Latch PUF (physical unclonable function)
CN108646072A (en) * 2018-05-16 2018-10-12 电子科技大学 A kind of triggering generation device based on Hamming distance
CN108646072B (en) * 2018-05-16 2019-12-27 电子科技大学 Trigger generating device based on Hamming distance
CN108847929B (en) * 2018-05-28 2020-12-01 数字乾元科技有限公司 Threshold recovery method and system for private key storage
CN108847929A (en) * 2018-05-28 2018-11-20 数字乾元科技有限公司 The thresholding restoration methods and system of private key storage
CN108959980A (en) * 2018-07-25 2018-12-07 北京智芯微电子科技有限公司 The public key means of defence and public key guard system of safety chip
CN109413051A (en) * 2018-10-09 2019-03-01 深圳南方德尔汽车电子有限公司 Data ciphering method, device, computer equipment and storage medium
CN109413051B (en) * 2018-10-09 2021-02-26 深圳南方德尔汽车电子有限公司 Data encryption method and device, computer equipment and storage medium
CN110190951A (en) * 2019-06-17 2019-08-30 中金金融认证中心有限公司 A kind of power consumption attack method and system for the overturning of DES algorithm L register
CN110190951B (en) * 2019-06-17 2022-09-27 中金金融认证中心有限公司 Power consumption attack method and system for DES algorithm L register turning
CN110417540A (en) * 2019-08-05 2019-11-05 李春旺 A kind of information ciphering method of resisting differential power consumption analysis

Similar Documents

Publication Publication Date Title
CN103067155A (en) Method and test circuit for preventing data encryption algorithm (DES) attack based on power analysis
CN107070630B (en) A kind of fast and safely hardware configuration of aes algorithm
CN104734842B (en) Method is resisted in circuits bypass attack based on pseudo-operation
CN102970132B (en) Protection method for preventing power analysis and electromagnetic radiation analysis on grouping algorithm
CN101009554A (en) A byte replacement circuit for power consumption attack prevention
CN103905182B (en) Anti-attack method based on middle data storage position dynamic change and circuit implementation
CN103916236B (en) Power attack prevention method oriented at AES algorithm and circuit achieving method thereof
CN103795527A (en) Software mask defense scheme capable of preventing attack on advanced encryption standard (AES) algorithm based on power analysis
CN103532973A (en) Differential power attack testing method for DES (data encryption standard) algorithm circuit
CN103530474A (en) AES (advanced encryption standard) algorithm circuit oriented method for testing differential power attack
CN104734845A (en) Side-channel attack protection method based on full-encryption algorithm pseudo-operation
CN103679008A (en) Efficient secure chip power consumption attack test method
CN102710413A (en) System and method with function of DPA/SPA (Differential Power Analysis/Simple Power Analysis) attack prevention
CN104301095A (en) DES round operation method and circuit
CN110190951A (en) A kind of power consumption attack method and system for the overturning of DES algorithm L register
Wang et al. A performance and area efficient ASIP for higher-order DPA-resistant AES
CN107483182A (en) A kind of anti-power consumption attack method towards aes algorithm based on Out-of-order execution
CN108650072A (en) It is a kind of to support a variety of symmetric cryptographic algorithm chips and its anti-attack circuit implementation method
CN106452725A (en) AES algorithm oriented power attack resisting method based on register mask
CN109347621A (en) The high speed AES encryption circuit of defensive collision attack based on random delay S box
CN103888245A (en) S box randomized method and system for smart card
CN104811295A (en) Side channel energy analysis method for ZUC cryptographic algorithm with mask protection
CN109936437B (en) power consumption attack resisting method based on d +1 order mask
CN108123792A (en) A kind of power consumption method for scrambling of SM4 algorithms circuit
CN103647640B (en) The power consumption attack method of L register upset is taken turns for DES second

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C12 Rejection of a patent application after its publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20130424