CN109165531B - AES mask method, electronic equipment and storage medium - Google Patents
AES mask method, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN109165531B CN109165531B CN201811056989.2A CN201811056989A CN109165531B CN 109165531 B CN109165531 B CN 109165531B CN 201811056989 A CN201811056989 A CN 201811056989A CN 109165531 B CN109165531 B CN 109165531B
- Authority
- CN
- China
- Prior art keywords
- mask
- plaintext
- round
- round operation
- aes
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/75—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by inhibiting the analysis of circuitry or operation
- G06F21/755—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by inhibiting the analysis of circuitry or operation with measures against power attack
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/002—Countermeasures against attacks on cryptographic mechanisms
- H04L9/003—Countermeasures against attacks on cryptographic mechanisms for power analysis, e.g. differential power analysis [DPA] or simple power analysis [SPA]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0631—Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
Abstract
The invention discloses an AES mask method, electronic equipment and a storage medium, wherein the method comprises the following steps: dividing the AES round operation after the mask into two independent circuits, and adding random numbers on the circuit space as the mask; the mask round operation and the mask plaintext round operation are separated to carry out independent operation, and the mask is not removed in the final result after the calculation; and storing the ciphertext after the mask and the mask after the round operation as a final result. The invention relates to a method for generating a mask value, which is characterized in that a power consumption value in the cryptographic operation is irrelevant to a plaintext or a secret key value participating in the operation by adopting a full-flow mask technology, meanwhile, the calculation process of the plaintext and the secret key after the mask is independently separated from the calculation process of the mask value, the mask information is not removed from the calculation result, the calculation result after the mask and the calculated mask value are directly stored, the differential power consumption analysis attack and the template attack can be resisted, and the real power consumption information cannot be leaked in the calculation and transmission process of the whole data.
Description
Technical Field
The present invention relates to the field of computer application technologies, and in particular, to an AES masking method, an electronic device, and a storage medium.
Background
The password device can reveal the power consumption information related to the variables participating in the operation in the execution process, and based on the dependency relationship, an attacker can acquire the secret information in the device by analyzing the leaked power consumption information. The known means for defending side channel attack mainly includes a mask technology and a hiding technology, wherein the mask technology adds a random number in the algorithm execution process to change the power consumption of the device, so that the energy consumption of the device is related to the random number.
When a hardware circuit executes AES (Advanced Encryption Standard) cryptographic operation, power consumption information is leaked, the power consumption information is sampled and subjected to statistical analysis, and key information can be deduced from the power consumption information. Common side channel attack (a method for attacking encryption equipment by side channel information leakage such as time consumption, power consumption or electromagnetic radiation in the operation process of the encryption electronic equipment) methods include differential power consumption analysis attack (a side channel attack method for acquiring a cryptographic chip key) and template attack (various templates are adopted, the search space of the key is reduced, and the AES is brute force attacked so that the AES is successfully cracked), so that the protection problems of the differential power consumption analysis attack and the template attack in the execution process of the hardware AES circuit are solved.
Accordingly, the prior art is yet to be improved and developed.
Disclosure of Invention
The invention aims to solve the technical problem that the invention provides an AES mask method, electronic equipment and a storage medium aiming at the defects of the prior art, and by adopting dual-path time-sharing independent operation, the AES mask method, the electronic equipment and the storage medium can not only analyze attack of differential power consumption, but also resist template attack and the like, and can ensure that real power consumption information is not leaked in the whole operation and transmission process of data.
The technical scheme adopted by the invention for solving the technical problem is as follows:
an AES masking method, wherein the AES masking method comprises:
dividing the AES round operation after the mask into two independent circuits, and adding random numbers on the circuit space as the mask;
the mask round operation and the mask plaintext round operation are separated to carry out independent operation, and the mask is not removed in the final result after the calculation; and storing the ciphertext after the mask and the mask after the round operation as a final result.
The AES masking method, wherein the masked round operation specifically includes:
and carrying out XOR operation on the plaintext mask and the key mask, and then carrying out mask round operation to generate a mask ciphertext.
The AES masking method, wherein the round operation of the plaintext with the mask specifically includes:
and performing exclusive OR operation on the plaintext mask and the plaintext, performing exclusive OR operation on the round key and the key mask, and performing round operation on the plaintext with the mask on the results of the two exclusive OR operations to generate a masked ciphertext.
The AES masking method, wherein the AES masking method specifically includes: the encryption process full flow mask and the decryption process full flow mask.
The AES masking method, wherein the encryption process full-flow masking specifically includes:
when the encryption starting operation is detected, reading a random number R;
judging whether the current bit of the random number R is 0 or not;
if the operation is yes, performing mask operation and then plaintext operation, otherwise, performing mask operation and then plaintext operation;
and dividing the final operation result into a masked ciphertext and a mask subjected to round operation, and storing the masked ciphertext and the mask subjected to round operation in an internal memory.
The AES masking method, wherein the performing masking before plaintext operation and then performing masking operation specifically includes: inputting a mask after inputting a plaintext, performing plaintext round operation after the mask, and performing mask round operation;
the first performing the operation of the mask, and then performing the operation of the plaintext after the mask specifically includes:
and performing mask round operation after inputting the mask, and performing mask round operation after inputting the plaintext.
The AES masking method, wherein the decryption process full flow masking specifically includes:
when the decryption starting operation is detected, reading a random number R;
judging whether the current bit of the random number R is 0 or not;
if yes, firstly executing mask code and then ciphertext decryption operation, and then executing mask code operation, otherwise, firstly executing mask code operation, and then executing mask code and then ciphertext decryption operation;
and dividing the final operation result into a decrypted plaintext and a mask subjected to round operation, and storing the plaintext and the mask in an internal memory.
The AES mask method, wherein the first performing the mask and then the ciphertext decryption operation, and then performing the mask operation specifically includes:
inputting a mask after inputting a ciphertext, performing ciphertext decryption round operation after the mask, and performing mask round operation;
the first performing the operation of the mask code and then performing the operation of decrypting the ciphertext after the mask code specifically comprises:
and after inputting the mask, performing mask round operation, and then inputting the ciphertext, and performing ciphertext decryption round operation after the mask.
An electronic device, wherein the electronic device comprises: a memory, a processor and an AES masking program stored on the memory and executable on the processor, the AES masking program when executed by the processor implementing the steps of the AES masking method as described above.
A storage medium, wherein the storage medium stores an AES masking program that, when executed by a processor, implements the steps of the AES masking method as described above.
The invention discloses an AES mask method, electronic equipment and a storage medium, wherein the method comprises the following steps: dividing the AES round operation after the mask into two independent circuits, and adding random numbers on the circuit space as the mask; the mask round operation and the mask plaintext round operation are separated to carry out independent operation, and the mask is not removed in the final result after the calculation; and storing the ciphertext after the mask and the mask after the round operation as a final result. The invention relates to a method for generating a mask value, which is characterized in that a power consumption value in the cryptographic operation is irrelevant to a plaintext or a secret key value participating in the operation by adopting a full-flow mask technology, meanwhile, the calculation process of the plaintext and the secret key after the mask is independently separated from the calculation process of the mask value, the mask information is not removed from the calculation result, the calculation result after the mask and the calculated mask value are directly stored, the differential power consumption analysis attack and the template attack can be resisted, and the real power consumption information cannot be leaked in the calculation and transmission process of the whole data.
Drawings
FIG. 1 is a flow chart of a preferred embodiment of the AES masking method of the present invention;
FIG. 2 is a diagram illustrating mask round operations in a preferred embodiment of the AES masking system of the present invention;
FIG. 3 is a diagram illustrating a round operation of masked plaintext according to an embodiment of the AES masking system;
FIG. 4 is a flow chart of the encryption full flow mask in the preferred embodiment of the AES mask system of the present invention;
FIG. 5 is a flow chart of the decryption process full flow mask in the preferred embodiment of the AES mask system of the present invention;
FIG. 6 is a diagram illustrating an operating environment of an electronic device according to a preferred embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer and clearer, the present invention is further described in detail below with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
As shown in fig. 1, the AES masking method according to the preferred embodiment of the present invention includes the following steps:
step S10, dividing the AES round operation after masking into two independent circuits, and adding random numbers as masks in the circuit space; step S20, the round operation of the mask and the round operation of the plaintext with the mask are separately carried out independent operation, and the mask is not removed in the final result after calculation;
and step S30, storing the ciphertext after the mask and the mask after the round operation as a final result.
Specifically, the AES round operation after the mask is divided into two independent circuits, the random number is added on the circuit space to serve as the mask, the round operation of the mask is separated from the round operation of the plaintext with the mask, the two independent circuits are used for performing the operation, the mask is not removed from the final result after the calculation, and the ciphertext after the mask and the mask after the round operation are directly stored as the final result.
That is, one round of AES after adding a mask against side channel attack requires one round of operation on the plaintext and one round of operation on the mask.
The protection measures for side channel attacks generally adopt random number masks, and the masked circuit and mask values participate in the operation at the same time, that is, the power consumption generated by the masks is actually related to the power consumption generated by the masked data, and for boolean masks (a logic mask), it is possible to reduce the power consumption generated by the masks by using a high-order power consumption attack method.
Wherein, the mask is a string of binary codes to carry out bit AND operation on the target field and shield the current input bit; plaintext is data that has not been encrypted; the key is used for encrypting a plain password, in a symmetric encryption algorithm, the encryption key and the decryption key are the same, the key is generated by the negotiation between a receiver and a sender, but cannot be directly transmitted on the network, otherwise, the key is leaked, the key is usually encrypted through an asymmetric encryption algorithm and then transmitted to the other party through the network, or a face-to-face commercial quantity key is directly transmitted, the key cannot be leaked absolutely, otherwise, an attacker restores a ciphertext and steals confidential data; the ciphertext is the data processed by the encryption function.
Further, as shown in fig. 2, the mask round operation specifically includes performing an exclusive-or operation on a plaintext mask and a key mask, and then performing a mask round operation to generate a mask ciphertext, where ⊕ represents the exclusive-or operation.
Further, as shown in fig. 3, the masked plaintext round operation specifically includes performing an exclusive or operation on the plaintext mask and the plaintext, performing an exclusive or operation on the round key and the key mask, and performing a round operation on the results of the two exclusive or operations on the masked plaintext to generate a masked ciphertext, where ⊕ represents an exclusive or operation.
The AES masking method of the present invention specifically includes: the encryption process full flow mask and the decryption process full flow mask.
As shown in fig. 4, the whole flow mask of the encryption process is implemented as follows:
s101, encryption starting operation;
s102, reading a random number R;
s103, judging whether the current bit (R [ i ]) of the random number R is 0, if so, executing S104, and if not, executing S108;
s104, inputting a plaintext;
s105, inputting a mask;
s106, performing masked plaintext round operation;
s107, performing mask round operation;
s108, inputting a mask;
s109, performing mask round operation;
s110, inputting a plaintext;
and S111, performing masked plaintext round operation.
After the operation is finished, the final operation result is divided into a masked ciphertext and a mask after the round operation, and the masked ciphertext and the mask after the round operation are stored in an internal memory.
As shown in fig. 5, the whole flow mask of the decryption process is implemented as follows:
s201, starting operation of decryption;
s202, reading a random number R;
s203, judging whether the current bit (R [ i ]) of the random number R is 0, if so, executing S204, and if not, executing S208;
s204, inputting a ciphertext;
s205, inputting a mask;
s206, carrying out cipher decryption round operation after mask;
s207, performing mask wheel operation;
s208, inputting a mask;
s209, performing mask round operation;
s210, inputting a ciphertext;
and S211, performing the ciphertext decryption round operation after the mask.
After the end, the final operation result is divided into a decrypted plaintext and a mask subjected to round operation, and the decrypted plaintext and the mask are stored in an internal memory.
The present invention preferably compares the current bit of the random number R with 0, and different operations can be performed with a bit of the random number being 0 or 1, so as to further randomize the order of the mask and plaintext operations, thereby improving security.
The plaintext round operation refers to performing AES operation on the plaintext, and the mask round operation refers to performing AES operation on the mask.
The whole process of the invention adopts double-path time-sharing independent operation, not only can resist differential power consumption analysis attack, but also can resist template attack and the like, and can ensure that real power consumption information is not leaked in the whole operation and transmission process of data.
As shown in fig. 6, based on the AES masking method, the present invention also provides an electronic device, which includes a processor 10, a memory 20, and a display 30. Fig. 6 shows only some of the components of the electronic device, but it is to be understood that not all of the shown components are required to be implemented, and that more or fewer components may be implemented instead.
The memory 20 may in some embodiments be an internal storage unit of the electronic device, such as a hard disk or a memory of the electronic device. The memory 20 may also be an external storage device of the electronic device in other embodiments, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like, which are provided on the electronic device. Further, the memory 20 may also include both an internal storage unit and an external storage device of the electronic device. The memory 20 is used for storing application software installed in the electronic device and various types of data, such as program codes of the installed electronic device. The memory 20 may also be used to temporarily store data that has been output or is to be output. In one embodiment, the memory 20 stores an AES masking program 40, and the AES masking program 40 may be executed by the processor 10 to implement the network switch control method of the present application.
The processor 10 may be a Central Processing Unit (CPU), a microprocessor or other data Processing chip in some embodiments, and is used for executing the program codes stored in the memory 20 or Processing data, such as executing the network switching control method.
The display 30 may be an LED display, a liquid crystal display, a touch-sensitive liquid crystal display, an OLED (Organic Light-Emitting Diode) touch panel, or the like in some embodiments. The display 30 is used for displaying information at the electronic device and for displaying a visual user interface. The components 10-30 of the electronic device communicate with each other via a system bus.
In one embodiment, when the processor 10 executes the network switch control program 40 in the memory 20, the following steps are implemented:
dividing the AES round operation after the mask into two independent circuits, and adding random numbers on the circuit space as the mask;
the mask round operation and the mask plaintext round operation are separated to carry out independent operation, and the mask is not removed in the final result after the calculation; and storing the ciphertext after the mask and the mask after the round operation as a final result.
The round operation of the mask specifically includes:
and carrying out XOR operation on the plaintext mask and the key mask, and then carrying out mask round operation to generate a mask ciphertext.
The round operation of the plaintext with the mask specifically includes:
and performing exclusive OR operation on the plaintext mask and the plaintext, performing exclusive OR operation on the round key and the key mask, and performing round operation on the plaintext with the mask on the results of the two exclusive OR operations to generate a masked ciphertext.
The AES masking method specifically includes: the encryption process full flow mask and the decryption process full flow mask.
The encryption process full-flow mask specifically includes:
when the encryption starting operation is detected, reading a random number R;
judging whether the current bit of the random number R is 0 or not;
if the operation is yes, performing mask operation and then plaintext operation, otherwise, performing mask operation and then plaintext operation;
and dividing the final operation result into a masked ciphertext and a mask subjected to round operation, and storing the masked ciphertext and the mask subjected to round operation in an internal memory.
The performing the mask first and then the plaintext operation, and then performing the mask operation specifically includes:
inputting a mask after inputting a plaintext, performing plaintext round operation after the mask, and performing mask round operation;
the first performing the operation of the mask, and then performing the operation of the plaintext after the mask specifically includes:
and performing mask round operation after inputting the mask, and performing mask round operation after inputting the plaintext.
The decryption process full-flow mask specifically includes:
when the decryption starting operation is detected, reading a random number R;
judging whether the current bit of the random number R is 0 or not;
if yes, firstly executing mask code and then ciphertext decryption operation, and then executing mask code operation, otherwise, firstly executing mask code operation, and then executing mask code and then ciphertext decryption operation;
and dividing the final operation result into a decrypted plaintext and a mask subjected to round operation, and storing the plaintext and the mask in an internal memory.
The first performing the mask and then the ciphertext decryption operation and the second performing the mask operation specifically include:
inputting a mask after inputting a ciphertext, performing ciphertext decryption round operation after the mask, and performing mask round operation;
the first performing the operation of the mask code and then performing the operation of decrypting the ciphertext after the mask code specifically comprises:
and after inputting the mask, performing mask round operation, and then inputting the ciphertext, and performing ciphertext decryption round operation after the mask.
The present invention also provides a storage medium, wherein the storage medium stores an AES masking program, which when executed by a processor implements the steps of the AES masking method as described above; as described above.
In summary, the present invention provides an AES masking method, an electronic apparatus, and a storage medium, where the method includes: dividing the AES round operation after the mask into two independent circuits, and adding random numbers on the circuit space as the mask; the mask round operation and the mask plaintext round operation are separated to carry out independent operation, and the mask is not removed in the final result after the calculation; and storing the ciphertext after the mask and the mask after the round operation as a final result. The invention relates to a method for generating a mask value, which is characterized in that a power consumption value in the cryptographic operation is irrelevant to a plaintext or a secret key value participating in the operation by adopting a full-flow mask technology, meanwhile, the calculation process of the plaintext and the secret key after the mask is independently separated from the calculation process of the mask value, the mask information is not removed from the calculation result, the calculation result after the mask and the calculated mask value are directly stored, the differential power consumption analysis attack and the template attack can be resisted, and the real power consumption information cannot be leaked in the calculation and transmission process of the whole data.
Of course, it will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be automatically performed by instructing relevant hardware (such as a processor, a controller, etc.) through a computer program, and the program can be stored in a computer-readable storage medium, and the program can include the processes of the embodiments of the methods described above when executed. The storage medium may be a memory, a magnetic disk, an optical disk, etc.
It is to be understood that the invention is not limited to the examples described above, but that modifications and variations may be effected thereto by those of ordinary skill in the art in light of the foregoing description, and that all such modifications and variations are intended to be within the scope of the invention as defined by the appended claims.
Claims (6)
1. An AES masking method, comprising:
dividing the operation into two independent circuits, and adding a random number as a mask on the circuit space;
the mask round operation and the mask plaintext round operation are separated to carry out independent operation, and the mask is not removed in the final result after the calculation; storing the mask after the round operation and the ciphertext after the mask as a final result;
the round operation of the mask specifically includes:
carrying out XOR operation on the plaintext mask and the key mask, and then carrying out mask round operation to generate a mask ciphertext;
the round operation of the plaintext with the mask specifically includes:
performing exclusive-or operation on the plaintext mask and the plaintext, performing exclusive-or operation on the round key and the key mask, and performing round operation on the plaintext with the mask on the results of the two exclusive-or operations to generate a masked ciphertext;
the AES masking method specifically includes: encrypting a whole process mask and decrypting the whole process mask;
the encryption process full-flow mask specifically includes:
when the encryption starting operation is detected, reading a random number R;
judging whether the current bit of the random number R is 0 or not;
if the number of the plaintext is not the same as the number of the plaintext, performing round operation of the plaintext with the mask, and if the number of the plaintext is not the same as the number of the plaintext with the mask, performing round operation of the plaintext with the mask;
and dividing the final operation result into a ciphertext after the mask operation and a mask after the round operation, and storing the ciphertext and the mask after the round operation in an internal memory.
2. The AES masking method of claim 1, wherein the performing a masked round of operations on the plaintext first and then performing a masked round of operations specifically comprises:
inputting a mask after inputting a plaintext, performing round operation on the plaintext with the mask, and performing round operation on the mask;
the performing the round operation of the mask first and then the round operation of the plaintext with the mask specifically includes:
and performing mask round operation after inputting the mask, and performing mask round operation after inputting the plaintext.
3. The AES masking method of claim 1, wherein the decryption process full flow masking specifically comprises: when the decryption starting operation is detected, reading a random number R;
judging whether the current bit of the random number R is 0 or not;
if yes, performing mask code-then-ciphertext decryption operation, and then performing mask code round operation, and if not, performing mask code round operation, and then performing mask code-then-ciphertext decryption operation;
and dividing the final operation result into a decrypted plaintext and a mask after round operation, and storing the plaintext and the mask in an internal memory.
4. The AES masking method of claim 3, wherein the performing the mask-then-ciphertext decryption operation before performing the mask round specifically includes:
inputting a cipher text and then inputting a mask code, performing cipher text decryption round operation after the mask code, and then performing round operation of the mask code;
the first round of mask execution and the second round of mask execution and ciphertext decryption specifically include:
and after the mask code is input, performing mask code round operation, and then inputting the ciphertext, and performing ciphertext decryption round operation after the mask code is input.
5. An electronic device, characterized in that the electronic device comprises: memory, a processor and an AES masking program stored on the memory and executable on the processor, the AES masking program when executed by the processor implementing the steps of the AES masking method of any one of claims 1-4.
6. A storage medium, characterized in that the storage medium stores an AES masking program, which when executed by a processor implements the steps of the AES masking method of any one of claims 1-4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811056989.2A CN109165531B (en) | 2018-09-11 | 2018-09-11 | AES mask method, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811056989.2A CN109165531B (en) | 2018-09-11 | 2018-09-11 | AES mask method, electronic equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109165531A CN109165531A (en) | 2019-01-08 |
| CN109165531B true CN109165531B (en) | 2020-04-07 |
Family
ID=64894892
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811056989.2A Active CN109165531B (en) | 2018-09-11 | 2018-09-11 | AES mask method, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109165531B (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112422272B (en) * | 2019-08-20 | 2022-10-21 | 深圳市航顺芯片技术研发有限公司 | AES encryption method and circuit for preventing power consumption attack |
| CN110717201B (en) * | 2019-09-12 | 2021-06-11 | 华中科技大学 | Gaussian sampling circuit capable of resisting simple power consumption analysis attack |
| CN112787800B (en) * | 2021-01-19 | 2022-06-17 | 清华大学 | Encryption and decryption method and device based on second-order mask, electronic equipment and storage medium |
| CN114531239B (en) * | 2022-04-20 | 2022-08-12 | 广州万协通信息技术有限公司 | Data transmission method and system for multiple encryption keys |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102752103A (en) * | 2012-07-26 | 2012-10-24 | 上海爱信诺航芯电子科技有限公司 | Enhanced MASK code method for resisting DES (data encryption standard) power consumption attack |
| WO2016094195A2 (en) * | 2014-12-08 | 2016-06-16 | Cryptography Research, Inc. | Multiplicative masking for cryptographic operations |
| CN105721150A (en) * | 2016-01-26 | 2016-06-29 | 广东技术师范学院 | Multivariate quadratic equation mask encryption method |
| CN107466453A (en) * | 2017-03-16 | 2017-12-12 | 深圳大趋智能科技有限公司 | The method and device of the anti-DPA attacks of DES softwares |
-
2018
- 2018-09-11 CN CN201811056989.2A patent/CN109165531B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102752103A (en) * | 2012-07-26 | 2012-10-24 | 上海爱信诺航芯电子科技有限公司 | Enhanced MASK code method for resisting DES (data encryption standard) power consumption attack |
| WO2016094195A2 (en) * | 2014-12-08 | 2016-06-16 | Cryptography Research, Inc. | Multiplicative masking for cryptographic operations |
| CN105721150A (en) * | 2016-01-26 | 2016-06-29 | 广东技术师范学院 | Multivariate quadratic equation mask encryption method |
| CN107466453A (en) * | 2017-03-16 | 2017-12-12 | 深圳大趋智能科技有限公司 | The method and device of the anti-DPA attacks of DES softwares |
Non-Patent Citations (1)
| Title |
|---|
| "功耗分析攻击研究及抗功耗分析攻击密码芯片设计";苗全;《中国优秀博士学位论文全文数据库信息科技辑》;20130515(第5期);第55-77页 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109165531A (en) | 2019-01-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109165531B (en) | AES mask method, electronic equipment and storage medium | |
| US10439797B2 (en) | Methods and devices against a side-channel analysis | |
| CN108521325B (en) | Side channel attack prevention method suitable for system data full life cycle | |
| CN105049400B (en) | S box is split in whitepack implementation to prevent from attacking | |
| US8165286B2 (en) | Combination white box/black box cryptographic processes and apparatus | |
| US20150215117A1 (en) | White box encryption apparatus and method | |
| US11256478B2 (en) | Method for securing a cryptographic process with SBOX against high-order side-channel attacks | |
| CN105406957B (en) | Encryption device confrontation is protected to realize attack | |
| CN105007256B (en) | Security module for executing security function on non-trusted platform | |
| US9847879B2 (en) | Protection against passive sniffing | |
| CN106100823B (en) | Password protection device | |
| CN101681408B (en) | Data security | |
| CN106936822B (en) | Mask implementation method and system for resisting high-order bypass analysis aiming at SMS4 | |
| WO2018033017A1 (en) | Terminal state conversion method and system for credit granting | |
| US8413906B2 (en) | Countermeasures to secure smart cards | |
| US20200082060A1 (en) | Secure calling convention system and methods | |
| CN104636662A (en) | Data processing method and terminal device | |
| US20110091034A1 (en) | Secure Method for Cryptographic Computation and Corresponding Electronic Component | |
| CN109936448A (en) | A kind of data transmission method and device | |
| CN105376046B (en) | A kind of encipher-decipher method and device of block cipher attack protection | |
| CN111602367B (en) | Method for protecting entropy sources used in countermeasures for securing white-box cryptographic algorithms | |
| Weiner et al. | Security analysis of a widely deployed locking system | |
| CN111428232A (en) | Password processing method and device for encrypted input and intelligent lock | |
| CN108768624A (en) | A kind of defence reverse-engineering encryption method based on Camellia algorithms | |
| Budiman et al. | Arduino UNO and android based digital lock using combination of vigenere cipher and XOR cipher |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |