CN109995502A - Side-channel analysis method and device, terminal, and computer-readable storage medium
- Publication number: CN109995502A
- Application number: CN201810048816.XA
- Authority: CN (China)
- Prior art keywords: data, moving, value, power consumption, feature vector
- Legal status: Pending
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/24—Classification techniques
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/002—Countermeasures against attacks on cryptographic mechanisms
- H04L9/003—Countermeasures against attacks on cryptographic mechanisms for power analysis, e.g. differential power analysis [DPA] or simple power analysis [SPA]
Abstract
The present invention provides a side-channel analysis method and device, a terminal, and a computer-readable storage medium. The method obtains the feature vector corresponding to each data-movement operation whose moved value is known, then uses these feature vectors to train at least one classification learner and determine an optimal classification model. It then obtains, using the same preprocessing parameters, the feature vector corresponding to a data-movement operation whose data value is unknown, and finally uses the optimal classification model to analyze that feature vector and predict the value. Because the feature vectors of the known-value data-movement operations are used to train multiple classification learners in order to obtain one optimal model, the attack accuracy of the optimal model is higher than that of the existing approach of training a single learner, which improves the success rate of side-channel analysis.
Description
Technical field
The present invention relates to the field of side-channel analysis, and in particular to a side-channel analysis method and device, a terminal, and a computer-readable storage medium.
Background
Statistical analysis of the side-channel leakage that occurs while a cryptographic chip performs cryptographic operations can be used to obtain sensitive information such as keys. One class of attack is known as the profiled attack, of which the template attack is the typical representative. A profiled attack is divided into a profiling phase and an attack phase: the profiling phase uses a large number of power traces to build a template library or to obtain a model by training, and the attack phase performs template matching on newly acquired traces or uses the model to classify them and predict the value. The main advantage of a profiled attack is that, once a high-quality template library or model has been established, the attack phase can recover the correct sensitive information with high probability from a small number of traces.
Summary of the invention
The present invention provides a side-channel analysis method and device, a terminal, and a computer-readable storage medium, in order to improve the success rate of side-channel analysis.
In order to solve the above technical problem, the invention adopts the following technical solution:
A side-channel analysis method, comprising:
executing, on a cryptographic chip, data-movement operations whose moved values are known, and obtaining the power trace corresponding to each known-value data-movement operation;
preprocessing the power traces using preprocessing parameters to obtain the feature vector corresponding to each known-value data-movement operation;
using the feature vectors of the known-value data-movement operations to train at least one classification learner and determine an optimal classification model;
processing, using the preprocessing parameters, the power trace corresponding to a data-movement operation whose data value is unknown, to obtain the feature vector corresponding to that operation;
using the optimal classification model to analyze the feature vector of the unknown-value data-movement operation and predict the value.
Further, obtaining the feature vector corresponding to each known-value data-movement operation includes:
obtaining the power-trace features corresponding to each known-value data-movement operation;
locating, according to the power-trace features, the key region corresponding to the data-movement operation;
performing feature analysis on the power trace of each known-value data-movement operation within the key region to obtain the corresponding feature vector.
Further, before the feature analysis, the method also includes:
judging whether the key features of the power traces of the known-value data-movement operations within the key region lie in the same time region;
if not, shifting the time axis of the power traces so that the key features of the power traces of the known-value data-movement operations within the key region are aligned;
after the key features have been aligned, performing feature analysis on the power trace of each known-value data-movement operation within the key region.
Further, obtaining the feature vector corresponding to each known-value data-movement operation includes:
performing principal component analysis on the power trace of each known-value data-movement operation within the key region;
taking the principal components of that power trace as the feature vector corresponding to the known-value data-movement operation.
Further, obtaining the feature vector corresponding to each known-value data-movement operation includes:
performing singular value decomposition on the power trace of each known-value data-movement operation within the key region;
taking the features of that power trace whose singular values are greater than a preset value as the feature vector corresponding to the known-value data-movement operation.
Further, using the feature vectors of the known-value data-movement operations to train at least one classification learner and determine an optimal classification model includes:
dividing the feature vectors of the known-value data-movement operations into a training set and a test set;
training at least one classification learner on the training set to obtain the classification model corresponding to each classification learner;
testing each classification model on the test set to determine the training effect of each classification model;
taking the classification model with the best training effect as the optimal classification model.
Further, the classification learner includes at least one of k-nearest neighbors, support vector machine, multilayer perceptron, and convolutional neural network.
A side-channel analysis device, comprising:
an acquisition module, configured to execute, on a cryptographic chip, data-movement operations whose moved values are known and to obtain the power trace corresponding to each known-value data-movement operation; and also configured to acquire the power trace corresponding to a data-movement operation whose data value is unknown;
a processing module, configured to preprocess the power traces using preprocessing parameters to obtain the feature vector corresponding to each known-value data-movement operation; and also configured to process, using the preprocessing parameters, the power trace corresponding to the unknown-value data-movement operation to obtain its feature vector;
a training module, configured to use the feature vectors of the known-value data-movement operations to train at least one classification learner and determine an optimal classification model;
an analysis module, configured to use the optimal classification model to analyze the feature vector of the unknown-value data-movement operation and predict the value.
A terminal, comprising a processor, a memory, and a communication bus, wherein
the communication bus implements the connection and communication between the processor and the memory;
the processor executes one or more programs stored in the memory to implement the steps of the side-channel analysis method provided by the invention.
A computer-readable storage medium storing one or more programs, the one or more programs being executable by one or more processors to implement the steps of the side-channel analysis method provided by the invention.
Beneficial effect
The present invention provides a side-channel analysis method and device, a terminal, and a computer-readable storage medium. The method preprocesses the power traces using preprocessing parameters to obtain the feature vector corresponding to each known-value data-movement operation, then uses these feature vectors to train at least one classification learner and determine an optimal classification model. It then processes, using the same preprocessing parameters, the power trace corresponding to a data-movement operation whose data value is unknown to obtain its feature vector, and finally uses the optimal classification model to analyze that feature vector and predict the value. In this process, the feature vectors of the known-value data-movement operations are used to train multiple classification learners in order to obtain one optimal model; compared with the existing approach of training a single learner, the attack accuracy of the optimal model is higher, which improves the success rate of side-channel analysis.
Brief description of the drawings
Fig. 1 is a flow chart of the side-channel analysis method provided by Embodiment One of the present invention;
Fig. 2 is a structural diagram of the side-channel analysis device provided by Embodiment One of the present invention;
Fig. 3 is a structural diagram of the terminal provided by Embodiment One of the present invention;
Fig. 4 is a flow chart of the data-movement operation analysis method provided by Embodiment Two of the present invention.
Detailed description of the embodiments
The invention is described in further detail below through specific embodiments in combination with the drawings.
Embodiment One:
Fig. 1 is a flow chart of the side-channel analysis method provided by Embodiment One of the present invention. Referring to Fig. 1, the side-channel analysis method provided by this embodiment includes the following steps:
S101: Execute, on a cryptographic chip, data-movement operations whose moved values are known, and obtain the power trace corresponding to each known-value data-movement operation.
Once control of the cryptographic chip has been obtained, which includes but is not limited to controlling the inputs (data such as plaintext and key), executing cryptographic-algorithm operations, and recording side-channel leakage such as power traces, the data-movement operations in the algorithm flow can be controlled.
Data movement includes but is not limited to data copy operations between different parts of the chip's memory, between memory and read-only storage, and between memory and the internal registers of certain dedicated hardware modules.
The chip is controlled to move different data values. Taking a 1-byte operation as an example, one of the 256 values 0-255 is chosen at random and moved, and the power trace of the corresponding operation is acquired using probes and the like. The acquired traces include but are not limited to current power consumption curves and electromagnetic-radiation power consumption curves. The number of traces acquired should be sufficient, commonly from tens of thousands up to millions.
S102: Preprocess the power traces using preprocessing parameters to obtain the feature vector corresponding to each known-value data-movement operation.
This step preprocesses the collected traces. First, a rough positioning is performed according to the trace features to find the approximate interval corresponding to the data-movement operation, so that calculation and processing can focus on the key region and the amount of computation is reduced. If the main features of the traces in this region, such as distinct peaks or troughs, lie near a certain time region, the traces can be shifted along the time axis so that their main features are aligned. The traces of the key region are then cut out and saved. Principal component analysis or singular value decomposition is performed on the saved traces, and the features with the larger principal components or singular values are selected, for example those features whose principal components account for 99.9%, which further compresses the amount of data to be processed.
Because the data volume of the power traces is large and much of it is invalid data, this step includes: obtaining the power-trace features corresponding to each known-value data-movement operation; locating, according to the power-trace features, the key region corresponding to the data-movement operation; and performing feature analysis on the power trace of each known-value data-movement operation within the key region to obtain the corresponding feature vector. The rough positioning according to the trace features finds the approximate interval corresponding to the data-movement operation, so that calculation and processing can focus on the key region and the amount of computation is reduced.
In practical applications, owing to interference from the clock and the like, the main features of the power traces, such as distinct peaks or troughs, are not aligned, that is, they are not near the same time region. In that case, before the feature analysis, this step further includes: judging whether the key features of the power traces of the known-value data-movement operations within the key region lie in the same time region; if not, shifting the time axis of the power traces so that those key features are aligned; and, after the key features have been aligned, performing feature analysis on the power trace of each known-value data-movement operation within the key region.
In some embodiments, obtaining the feature vector corresponding to each known-value data-movement operation includes: performing principal component analysis on the power trace of each known-value data-movement operation within the key region, and taking the principal components of that power trace as the feature vector corresponding to the operation. Alternatively, it includes: performing singular value decomposition on the power trace of each known-value data-movement operation within the key region, and taking the features of that power trace whose singular values are greater than a preset value as the feature vector corresponding to the operation.
S103: Use the feature vectors of the known-value data-movement operations to train at least one classification learner and determine an optimal classification model.
This step includes: dividing the feature vectors of the known-value data-movement operations into a training set and a test set; training at least one classification learner on the training set to obtain the classification model corresponding to each classification learner; testing each classification model on the test set to determine the training effect of each classification model; and taking the classification model with the best training effect as the optimal classification model. The classification learner includes at least one of k-nearest neighbors, support vector machine, multilayer perceptron, and convolutional neural network.
S104: Process, using the preprocessing parameters, the power trace corresponding to a data-movement operation whose data value is unknown, to obtain the feature vector corresponding to that operation.
The processing in this step is the same as in step S102 and is not repeated here.
S105: Use the optimal classification model to analyze the feature vector of the unknown-value data-movement operation and predict the value.
For a feature vector to be analyzed, processing it with the optimal classification model predicts what moved value the power trace corresponds to. The accuracy of this result is not 100%, but the predicted value can be used as a reference for identification and verification, checking whether the value actually moved is the predicted value. If it is, the attack has succeeded; if not, new traces can be acquired and the prediction and verification repeated.
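The following added example (not part of the patent text) runs steps S102 to S105 on constructed, simulated traces, as a lab evaluator would when measuring how much a data-movement operation leaks. All names, the 4-class value range, the trace shape, and the nearest-mean learner are assumptions made for illustration; the PCA/SVD compression step is left out to keep the block short.

```python
import random
from collections import Counter

TRACE_LEN, HALF, CLASSES = 40, 3, 4  # assumed sizes; the page moves 1 byte (256 classes)

def simulate_trace(value, rng, noise):
    """Constructed trace: peak height depends on the moved value, position jitters."""
    centre = TRACE_LEN // 2 + rng.randint(-5, 5)
    trace = [rng.gauss(0.0, noise) for _ in range(TRACE_LEN)]
    for off, weight in ((-1, 0.5), (0, 1.0), (1, 0.5)):
        trace[centre + off] += weight * (2.0 + value)
    return trace

def peak_index(trace):
    return max(range(len(trace)), key=trace.__getitem__)

def fit_preprocessing(profiling_traces):
    """S102: derive the preprocessing parameters from known-value traces and record them."""
    ref = Counter(peak_index(t) for t in profiling_traces).most_common(1)[0][0]
    return {"ref": ref, "half": HALF}

def preprocess(trace, params):
    """Shift the time axis so the peak sits at params['ref'], then cut out the key region."""
    n = len(trace)
    shift = params["ref"] - peak_index(trace)
    aligned = [trace[i - shift] if 0 <= i - shift < n else 0.0 for i in range(n)]
    lo = params["ref"] - params["half"]
    return aligned[lo:lo + 2 * params["half"] + 1]

def dist2(a, b):
    return sum((x - y) ** 2 for x, y in zip(a, b))

def make_knn(k):
    """k-nearest-neighbour learner: fit() returns a predict function."""
    def fit(X, y):
        def predict(x):
            near = sorted(zip(X, y), key=lambda p: dist2(p[0], x))[:k]
            return Counter(lbl for _, lbl in near).most_common(1)[0][0]
        return predict
    return fit

def fit_nearest_mean(X, y):
    """Simplified stand-in learner: classify by the closest per-class mean vector."""
    groups = {}
    for x, lbl in zip(X, y):
        groups.setdefault(lbl, []).append(x)
    means = {l: [sum(c) / len(c) for c in zip(*rows)] for l, rows in groups.items()}
    return lambda x: min(means, key=lambda l: dist2(means[l], x))

def accuracy(model, X, y):
    return sum(model(x) == lbl for x, lbl in zip(X, y)) / len(y)

def select_best(learners, train, test):
    """S103: train every learner on the training set, keep the best on the test set."""
    models = {name: fit(*train) for name, fit in learners.items()}
    scores = {name: accuracy(m, *test) for name, m in models.items()}
    best = max(scores, key=scores.get)
    return best, models[best], scores

def run_demo(seed=1, noise=0.05):
    rng = random.Random(seed)
    labels = [rng.randrange(CLASSES) for _ in range(240)]
    traces = [simulate_trace(v, rng, noise) for v in labels]
    params = fit_preprocessing(traces[:160])
    feats = [preprocess(t, params) for t in traces]
    train, test = (feats[:160], labels[:160]), (feats[160:], labels[160:])
    learners = {"knn-1": make_knn(1), "knn-5": make_knn(5),
                "nearest-mean": fit_nearest_mean}
    best, model, scores = select_best(learners, train, test)
    secret = 3  # value hidden from the model
    # S104/S105: the recorded preprocessing parameters are reused unchanged.
    guess = model(preprocess(simulate_trace(secret, rng, noise), params))
    return best, scores, guess, secret

if __name__ == "__main__":
    print(run_demo(noise=0.3))  # more noise makes the learners' scores diverge
```
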
Fig. 2 is a structural diagram of the side-channel analysis device provided by Embodiment One of the present invention. Referring to Fig. 2, the side-channel analysis device 2 provided by this embodiment comprises the following modules:
an acquisition module 21, configured to execute, on a cryptographic chip, data-movement operations whose moved values are known and to obtain the power trace corresponding to each known-value data-movement operation; and also configured to acquire the power trace corresponding to a data-movement operation whose data value is unknown;
a processing module 22, configured to preprocess the power traces using preprocessing parameters to obtain the feature vector corresponding to each known-value data-movement operation; and also configured to process, using the preprocessing parameters, the power trace corresponding to the unknown-value data-movement operation to obtain its feature vector;
a training module 23, configured to use the feature vectors of the known-value data-movement operations to train at least one classification learner and determine an optimal classification model;
an analysis module 24, configured to use the optimal classification model to analyze the feature vector of the unknown-value data-movement operation and predict the value.
In some embodiments, the training module 23 is configured to divide the feature vectors of the known-value data-movement operations into a training set and a test set; train at least one classification learner on the training set to obtain the classification model corresponding to each classification learner; test each classification model on the test set to determine the training effect of each classification model; and take the classification model with the best training effect as the optimal classification model.
In some embodiments, the processing module 22 is configured to obtain the power-trace features corresponding to each known-value data-movement operation; locate, according to the power-trace features, the key region corresponding to the data-movement operation; and perform feature analysis on the power trace of each known-value data-movement operation within the key region to obtain the corresponding feature vector.
In some embodiments, the processing module 22 is configured, before the feature analysis, to judge whether the key features of the power traces of the known-value data-movement operations within the key region lie in the same time region; if not, to shift the time axis of the power traces so that those key features are aligned; and, after the key features have been aligned, to perform feature analysis on the power trace of each known-value data-movement operation within the key region.
In some embodiments, the processing module 22 is configured to perform principal component analysis on the power trace of each known-value data-movement operation within the key region and take the principal components of that power trace as the feature vector corresponding to the operation; or to perform singular value decomposition on the power trace of each known-value data-movement operation within the key region and take the features of that power trace whose singular values are greater than a preset value as the feature vector corresponding to the operation.
Fig. 3 is a structural diagram of the terminal provided by Embodiment One of the present invention. Referring to Fig. 3, the terminal provided by this embodiment includes a processor 31, a storage chip 32, and a communication bus 33, wherein
the communication bus 33 implements the connection and communication between the processor 31 and the storage chip 32;
the processor 31 runs the program in the storage chip 32 to implement the steps of the method provided by any of the above embodiments.
This embodiment provides a side-channel analysis method and device and a terminal. The method preprocesses the power traces using preprocessing parameters to obtain the feature vector corresponding to each known-value data-movement operation, then uses these feature vectors to train at least one classification learner and determine an optimal classification model. It then processes, using the same preprocessing parameters, the power trace corresponding to a data-movement operation whose data value is unknown to obtain its feature vector, and finally uses the optimal classification model to analyze that feature vector and predict the value. In this process, the feature vectors of the known-value data-movement operations are used to train multiple classification learners in order to obtain one optimal model; compared with the existing approach of training a single learner, the attack accuracy of the optimal model is higher, which improves the success rate of side-channel analysis.
Embodiment Two:
This embodiment is described taking a key attack as an example.
Side-channel leakage that occurs while cryptographic hardware executes a cryptographic algorithm, such as current power consumption or electromagnetic-radiation power consumption, can be analyzed by statistical and other means to recover sensitive information such as keys, which directly creates a security problem for the cryptographic hardware. Apart from simple power analysis, differential power analysis, and so on, the template attack is considered the attack method that exploits side-channel leakage to the greatest extent.
A template attack requires full control of the hardware device, including controlling the inputs (data such as plaintext and key), executing cryptographic-algorithm operations, and recording side-channel leakage such as power traces. A template library can be built from the traces corresponding to operations on a large number of random inputs. During the attack, the trace of the same operation on an unknown input is matched against the template library to find the template with the highest probability; the input value corresponding to that template is the input value used by the attacked device when it performed the operation. In this way a template library can be built in advance from a large number of acquired traces. If the quality of the template library is high, a few traces, or even a single trace, can be enough to match the correct input value during the attack, which can significantly improve the efficiency of the attack, and it is all the more efficient when the acquisition of power traces is restricted.
To achieve the above purpose, in this embodiment, after control of the cryptographic chip has been obtained (including but not limited to controlling the inputs, that is, data such as plaintext and key, executing cryptographic-algorithm operations, and recording side-channel leakage such as power traces), the data-movement operations in the algorithm flow are controlled. Data movement includes but is not limited to data copy operations between different parts of the chip's memory, between memory and read-only storage, and between memory and the internal registers of certain dedicated hardware modules. The chip is controlled to move different data values; taking a 1-byte operation as an example, the 256 values 0-255 are moved at random, and the power traces of the corresponding operations are acquired using probes and the like.
These traces are preprocessed. The preprocessing includes operation positioning, that is, finding the approximate location of the data-movement operation; trace alignment and interception; and a mathematical transformation of the part to be processed, including but not limited to compressing the data feature space using principal component analysis, singular value analysis, and the like.
Machine-learning classification methods such as k-nearest neighbors, support vector machine (SVM), multilayer perceptron, and convolutional neural network (CNN) are used to train and test on the data, and the parameters of the model with the highest accuracy are found. This trained model can then be used to attack an actual data-movement operation. During the attack, a collected curve whose moved data value is unknown must also go through the same preprocessing before the model can be used to predict the moved data value, so the preprocessing procedure must be recorded for later use.
In experiments, the machine-learning attack results for 1-byte moving operations are shown in Table 1 below. The accuracy in Table 1 is the statistical accuracy obtained when the corresponding classification method/model attacks a byte-moving operation using 1 trace. As Table 1 shows, the machine-learning classification algorithms achieve a large improvement in accuracy over the traditional template attack; for the best model, the CNN, accuracy improves by about 18 times.
Classification method/model | Accuracy | Remarks |
---|---|---|
Template attack | 3.08% | |
k-nearest neighbors | 31.48% | K=121 |
SVM | 32.68% | Linear kernel |
Multilayer perceptron | 32.93% | Single hidden layer |
CNN | 56.45% | 2 convolutional layers |
Table 1
Specifically, as shown in Figure 4, the method provided in this embodiment includes the following steps:
S401: Obtain control of the cryptographic chip in order to acquire a large number of power traces while different data values are moved.
In this embodiment, control of the cryptographic chip is obtained, including but not limited to controlling the input (plaintext, key and other data), executing operations related to the cryptographic algorithm, and recording the leaked power traces through the side channel, so that the data-moving operations in the algorithm flow can be controlled. Data moving includes but is not limited to data copy operations between different parts of the chip's memory, between memory and read-only storage, and between memory and the internal registers of certain dedicated hardware modules. The chip is controlled to move different data values; taking a 1-byte operation as an example, one of the 256 values 0-255 is selected at random for each moving operation, and the power trace of the corresponding operation is acquired with probes and similar instruments. The acquired power traces include but are not limited to current power-consumption curves and electromagnetic-radiation power-consumption curves. The number of acquired traces should be sufficient; tens of thousands to millions is common.
S402: Preprocess the power traces, and record the preprocessing steps and the parameters used.
The collected traces are preprocessed. First, a rough localization is performed according to the trace features to find the approximate interval corresponding to the data-moving operation, so that computation and processing can focus on the key region, which reduces the amount of computation. If the main features of the traces in this region, such as obvious peaks or troughs, do not lie around the same time region, the main features of the traces can be aligned by shifting the time axis of the traces. The traces in the key region are cropped out and saved. Principal component analysis or singular value decomposition is performed on the saved traces, and the features with the larger principal components or singular values are selected, for example those features whose principal component values account for 99.9%, which further compresses the amount of data to be processed. The preprocessing steps and the associated transformations of this step are saved for use in step S404.
S403: Train and test on the obtained feature data using different machine-learning classification algorithms, and find the model with the highest attack accuracy and its parameters.
The traces obtained in S402 are divided into two parts, for example 90% as the training set and 10% as the test set. Because the moved data value corresponding to each trace is known, supervised classification methods such as k-nearest neighbors, support vector machine, multilayer perceptron and convolutional neural network can be trained on the training set, and the training effect is then tested on the test set: the higher the proportion of test-set traces for which the moved data value predicted by the model equals the true moved data value, the better the training effect is considered to be. Each model can be iterated until the one with the best test effect, that is, the highest proportion of correct predictions, is found, and its parameters are saved.
S404: Apply the same preprocessing to power traces whose moved data value is unknown.
Traces of the same type whose moved value is unknown undergo the same processing and transformation as in S402, which yields the key section of each trace and the transformed feature vector. The feature vector obtained in this step must have the same length as the one obtained in S402.
S405: Attack with the obtained model to obtain the moved value corresponding to the power trace whose moved data value is unknown.
The feature vector obtained in S404 is processed with the model trained in S403, which predicts the moved value corresponding to this power trace. The accuracy of this result is not 100%, but the predicted value can be used as a reference for identification and verification, that is, to check whether the real moved value is this predicted value. If it is, the attack succeeds; if not, a new trace can be acquired and prediction and verification repeated. Since the accuracy of the best model (CNN) has reached more than 50%, on average the real moved value can be predicted and verified using 2 traces, without guessing and verifying 256 times. This is equivalent to reducing the guessing space of each byte. For multi-byte data, each byte is modeled and attacked separately, so that the value of the entire data can be recovered.
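
The S401-S405 flow above, as an added example that is not part of the patent: a NumPy-only simulation on constructed traces (a sync peak followed by one leaking sample per bit of the moved byte, with Gaussian noise and trigger jitter). The trace geometry, the noise level and the candidate set (pooled-covariance Gaussian templates and k-nearest neighbors, standing in for the SVM, multilayer perceptron and CNN candidates the text lists) are assumptions; the run also reports the accuracy lost when the recorded alignment step is not applied to the fresh traces.

```python
import numpy as np

REF_PEAK, WINDOW = 20, slice(26, 42)      # constructed trace geometry (assumption)

def simulate_traces(values, rng, sigma=0.2, n=80):
    """Constructed traces: a sync peak, then one leaking sample per bit of the byte."""
    traces = rng.normal(0.0, sigma, (len(values), n))
    jitter = rng.integers(-3, 4, len(values))          # trigger misalignment
    for t, v, j in zip(traces, values, jitter):
        t[REF_PEAK + j] += 10.0                        # main peak of the operation
        for bit in range(8):
            t[30 + bit + j] += (int(v) >> bit) & 1     # data-dependent leakage
    return traces

def align_and_crop(traces, align=True):
    """S402: shift the time axis so the main peak sits at REF_PEAK, keep the key region."""
    if align:
        shifts = REF_PEAK - traces.argmax(axis=1)
        traces = np.stack([np.roll(t, s) for t, s in zip(traces, shifts)])
    return traces[:, WINDOW]

def fit_pca(x, keep=0.999):
    """S402: PCA via SVD, keeping the components that hold `keep` of the variance."""
    mean = x.mean(axis=0)
    _, s, vt = np.linalg.svd(x - mean, full_matrices=False)
    ratio = np.cumsum(s ** 2) / np.sum(s ** 2)
    k = min(int(np.searchsorted(ratio, keep)) + 1, len(s))
    return {"mean": mean, "basis": vt[:k].T}           # recorded for reuse in S404

def preprocess(traces, params, align=True):
    return (align_and_crop(traces, align) - params["mean"]) @ params["basis"]

def knn_predict(train_x, train_y, x, k):
    d = (x ** 2).sum(1)[:, None] - 2 * x @ train_x.T + (train_x ** 2).sum(1)[None, :]
    votes = train_y[np.argsort(d, axis=1)[:, :k]]
    return np.array([np.bincount(row, minlength=256).argmax() for row in votes])

def template_predict(train_x, train_y, x):
    """Gaussian templates with a pooled covariance (a template-style baseline, assumed)."""
    classes = np.unique(train_y)
    means = np.stack([train_x[train_y == c].mean(axis=0) for c in classes])
    resid = train_x - means[np.searchsorted(classes, train_y)]
    cov_inv = np.linalg.pinv(resid.T @ resid / len(resid))
    diff = x[:, None, :] - means[None, :, :]
    return classes[np.einsum("ncd,de,nce->nc", diff, cov_inv, diff).argmin(axis=1)]

def train_and_select(feats, labels, rng):
    """S403: 90/10 split, score every candidate on the test set, keep the best."""
    idx = rng.permutation(len(feats))
    cut = int(0.9 * len(feats))
    tr, te = idx[:cut], idx[cut:]
    candidates = {
        "template": lambda x: template_predict(feats[tr], labels[tr], x),
        "knn_k1": lambda x: knn_predict(feats[tr], labels[tr], x, 1),
        "knn_k5": lambda x: knn_predict(feats[tr], labels[tr], x, 5),
    }
    scores = {n: float((f(feats[te]) == labels[te]).mean()) for n, f in candidates.items()}
    best = max(scores, key=scores.get)
    return candidates[best], best, scores

def run_pipeline(seed=1):
    rng = np.random.default_rng(seed)
    known = rng.integers(0, 256, 4096)                 # S401: known moved bytes
    profiling = simulate_traces(known, rng)
    params = fit_pca(align_and_crop(profiling))        # S402
    feats = preprocess(profiling, params)
    model, name, scores = train_and_select(feats, known, rng)   # S403
    secret = rng.integers(0, 256, 200)                 # bytes the model has not seen
    fresh = simulate_traces(secret, rng)
    same = preprocess(fresh, params)                   # S404: identical preprocessing
    skipped = preprocess(fresh, params, align=False)   # S404 alignment left out
    return {"best": name, "test_scores": scores,
            "feature_len": (feats.shape[1], same.shape[1]),
            "acc_same_preprocessing": float((model(same) == secret).mean()),   # S405
            "acc_without_alignment": float((model(skipped) == secret).mean())}

if __name__ == "__main__":
    print(run_pipeline())
```

For an evaluator, the two accuracy figures are the useful output: single-trace recovery well above the 1/256 chance level indicates that the move operation leaks the byte, and the gap between them shows how much the result depends on reusing the recorded preprocessing.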
This embodiment attacks the power traces of data-moving operations in cryptographic hardware devices and identifies several machine-learning classification methods that perform well. Its advantages are as follows: if the key is present in a data-moving operation, each byte of the key can actually be recovered; compared with the traditional template attack technique, the attack accuracy for a single byte improves by more than ten times; and the guessing space for the entire data, especially multi-byte data, is greatly compressed.
The present invention also provides a computer-readable storage medium storing one or more programs which, when executed, implement the steps of the methods provided by all embodiments of the present invention.
From the implementation of the above embodiments, the present invention has the following beneficial effects:
The present invention provides a side-channel analysis method and device, a terminal and a computer-readable storage medium. The method preprocesses power traces using preprocessing parameters to obtain the feature vector corresponding to each data-moving operation whose moved data value is known; trains at least one classification learner with these feature vectors and determines an optimal classification model; processes, with the same preprocessing parameters, the power traces corresponding to data-moving operations whose data value is unknown, to obtain the corresponding feature vectors; and finally uses the optimal classification model to analyze and predict the feature vectors corresponding to the data-moving operations whose moved data value is unknown. Multiple classification learners are trained with the feature vectors of the data-moving operations whose moved data values are known in order to obtain an optimal model; compared with the existing approach of training a single learner, the attack accuracy of the optimal model is higher, which improves the success rate of side-channel analysis.
The above is a further detailed description of the present invention in combination with specific embodiments, and the specific implementation of the present invention shall not be considered limited to these descriptions. A person of ordinary skill in the art to which the present invention belongs may make a number of simple deductions or substitutions without departing from the concept of the present invention, all of which shall be regarded as falling within the protection scope of the present invention.
Claims (10)
1. A side-channel analysis method, characterized by comprising:
executing, with a cryptographic chip, data-moving operations whose moved data values are known, and obtaining the power trace corresponding to each data-moving operation whose moved data value is known;
preprocessing the power traces using preprocessing parameters to obtain the feature vector corresponding to each data-moving operation whose moved data value is known;
training at least one classification learner with the feature vectors corresponding to the data-moving operations whose moved data values are known, and determining an optimal classification model;
processing, using the preprocessing parameters, the power trace corresponding to a data-moving operation whose data value is unknown, to obtain the feature vector corresponding to the data-moving operation whose data value is unknown;
using the optimal classification model to analyze and predict the feature vector corresponding to the data-moving operation whose moved data value is unknown.
2. The side-channel analysis method according to claim 1, characterized in that obtaining the feature vector corresponding to each data-moving operation whose moved data value is known comprises:
obtaining the power-trace features corresponding to each data-moving operation whose moved data value is known;
performing localization according to the power-trace features to determine the key region corresponding to the data-moving operation;
performing feature analysis on the power trace, within the key region, of each data-moving operation whose moved data value is known, to obtain the feature vector corresponding to each data-moving operation whose moved data value is known.
3. The side-channel analysis method according to claim 2, characterized in that, before the feature analysis is performed, the method further comprises:
determining whether the key features of the power traces, within the key region, of the data-moving operations whose moved data values are known lie in the same time region;
if not, aligning the key features of the power traces, within the key region, of the data-moving operations whose moved data values are known by shifting the time axis of the power traces;
after the key features of the power traces, within the key region, of the data-moving operations whose moved data values are known have been aligned, performing the feature analysis on the power traces, within the key region, of the data-moving operations whose moved data values are known.
4. The side-channel analysis method according to claim 2, characterized in that obtaining the feature vector corresponding to each data-moving operation whose moved data value is known comprises:
performing principal component analysis on the power trace, within the key region, of each data-moving operation whose moved data value is known;
taking the principal components of the power trace, within the key region, of each data-moving operation whose moved data value is known as the feature vector corresponding to that data-moving operation.
5. The side-channel analysis method according to claim 2, characterized in that obtaining the feature vector corresponding to each data-moving operation whose moved data value is known comprises:
performing singular value decomposition on the power trace, within the key region, of each data-moving operation whose moved data value is known;
taking the features whose singular values are greater than a preset value in the power trace, within the key region, of each data-moving operation whose moved data value is known as the feature vector corresponding to that data-moving operation.
6. The side-channel analysis method according to any one of claims 1 to 5, characterized in that training at least one classification learner with the feature vectors corresponding to the data-moving operations whose moved data values are known, and determining an optimal classification model, comprises:
dividing the feature vectors corresponding to the data-moving operations whose moved data values are known into a training set and a test set;
training at least one classification learner with the training set to obtain the classification model corresponding to each classification learner;
testing each classification model with the test set to determine the training effect corresponding to each classification model;
taking the classification model with the best training effect as the optimal classification model.
7. The side-channel analysis method according to claim 6, characterized in that the classification learner comprises at least one of k-nearest neighbors, support vector machine, multilayer perceptron and convolutional neural network.
8. A side-channel analysis device, characterized by comprising:
an acquisition module, configured to execute, with a cryptographic chip, data-moving operations whose moved data values are known, and to obtain the power trace corresponding to each data-moving operation whose moved data value is known; and further configured to acquire the power trace corresponding to a data-moving operation whose data value is unknown;
a processing module, configured to preprocess the power traces using preprocessing parameters to obtain the feature vector corresponding to each data-moving operation whose moved data value is known; and further configured to process, using the preprocessing parameters, the power trace corresponding to the data-moving operation whose data value is unknown, to obtain the feature vector corresponding to the data-moving operation whose data value is unknown;
a training module, configured to train at least one classification learner with the feature vectors corresponding to the data-moving operations whose moved data values are known, and to determine an optimal classification model;
an analysis module, configured to use the optimal classification model to analyze and predict the feature vector corresponding to the data-moving operation whose moved data value is unknown.
9. A terminal, characterized by comprising a processor, a memory and a communication bus, wherein
the communication bus is used to realize connection and communication between the processor and the memory;
the processor is used to execute one or more programs stored in the memory, to implement the steps of the side-channel analysis method according to any one of claims 1 to 7.
10. A computer-readable storage medium, characterized in that the computer-readable storage medium stores one or more programs, and the one or more programs can be executed by one or more processors to implement the steps of the side-channel analysis method according to any one of claims 1 to 7.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711495552 | 2017-12-31 | ||
CN2017114955524 | 2017-12-31 |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109995502A (en) | 2019-07-09 |
Family
ID=67128594
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810048816.XA Pending CN109995502A (en) | 2017-12-31 | 2018-01-18 | Side-channel analysis method and device, terminal and computer-readable storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109995502A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||