CN110299991A - The QUAD stream cipher generating means of preventing side-channel attack - Google Patents
Publication number: CN110299991A (application CN201910448838.XA)
Authority: CN (China)
Prior art keywords: value, monomial, assigned, subscript, stream cipher
Legal status: Granted
Classifications
- H04L9/002: Countermeasures against attacks on cryptographic mechanisms (H: Electricity; H04: Electric communication technique; H04L: Transmission of digital information, e.g. telegraphic communication; H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communication)
- H04L9/0863: Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords (under H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords; H04L9/0861: Generation of secret information including derivation or calculation of cryptographic keys or passwords)
- H04L9/0869: Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds (under H04L9/08; H04L9/0861)
Abstract
This application discloses a QUAD stream cipher generating device that resists side-channel attacks. It comprises an out-of-order subscript controller, a monomial generator and multiple registers. The out-of-order subscript controller generates multiple monomial subscript values in a randomised (out-of-order) sequence; the monomial generator computes the monomials one by one in the order in which the subscript values were generated; each register collects the monomials belonging to one multivariate quadratic equation and accumulates them in turn to produce the QUAD keystream. By scrambling the order in which the monomials are computed before accumulating them, the device makes the side-channel leakage that carries a given piece of key information appear at a different moment from run to run, which reduces the correlation between the power consumption profile of the register store operations and the key, makes the QUAD keystream harder to recover, and thus resists side-channel attacks.
Description
Technical field
This application relates to the field of information security technology, and in particular to a QUAD stream cipher generating device that resists side-channel attacks.
Background technique
QUAD is a family of provably secure stream ciphers built on systems of multivariate quadratic equations over a finite field. A multivariate quadratic equation can be written as

$$Q(x) = \sum_{1 \le i \le j \le n} \alpha_{ij} x_i x_j + \sum_{1 \le i \le n} \beta_i x_i + \gamma$$

A side-channel attack (SCA), also called a bypass attack, is a method of attacking an encryption device through the side-channel information it leaks while running, such as timing, power consumption or electromagnetic radiation. Such attacks are a serious threat to encryption devices.

The traditional way of dealing with side-channel attacks here is to compute every monomial of the multiple multivariate quadratic equations in the same order on every encryption, accumulate the results of the monomials into a register, and produce the QUAD keystream from the register contents. But if the attacker analyses the power consumption of the store operations of the register corresponding to each multivariate quadratic equation, the key information (the values $x_j$) can be obtained and the cipher broken.

To address this, the prior art still computes each monomial of the multiple multivariate quadratic equations in the same sequence during encryption and accumulates the result of each monomial into a register to construct the QUAD keystream, but with a chosen starting monomial. It is found, however, that once the starting monomial index has been selected the computation between the monomials is still fixed and sequential, so an attacker can exhaustively try the initial subscript, realign the polynomial computations, and recover key information, which threatens the security of the cipher.
Summary of the invention
The technical problem to be solved by the embodiments of this application is to provide a QUAD stream cipher generating device that resists side-channel attacks and generates a more secure QUAD keystream, so as to resist side-channel attacks effectively.

To solve the above problem, the embodiments of this application provide a QUAD stream cipher generating device resisting side-channel attacks, comprising:

An out-of-order subscript controller, for extracting a system of r multivariate quadratic equations in n variables, generating from the n variables a sliding window of size L, and generating and outputting multiple monomial subscript values (i, j, k) out of order by cyclic jumping of the sliding window; where $1 \le i \le j \le n$, $1 \le k \le r$, $L = n$ or $L = n+1$, and r is even.

A monomial generator, for obtaining in turn the monomials $a^k_{ij} x_i x_j$ of the system according to the order in which the subscript values (i, j, k) are generated; where $a^k_{ij}$ is plaintext and $x_i$ is key, or $a^k_{ij}$ is key and $x_i$ is plaintext.

Multiple registers, each for obtaining the monomials $a^k_{ij} x_i x_j$ belonging to the same multivariate quadratic equation and accumulating them in turn to generate the QUAD stream cipher; the multivariate quadratic equations and the registers correspond one to one.
Further, the out-of-order subscript controller generating multiple monomial subscript values (i, j, k) out of order by cyclic jumping of the sliding window specifically includes:

Step S11: initialise the sliding window size L from the n variables and, based on it, divide the monomial subscripts into multiple windows. If n is even, L = n and the subscripts are divided into r × (n+1)/2 windows; if n is odd, L = n+1 and the subscripts are divided into r × n/2 windows.

Step S12: preset the window number w = 1 and the in-window iteration count l = 1; randomly generate the initial value $L_s$, then randomly generate the initial subscripts $i = i_s$, $j = j_s$, $k = k_s$; assign $j = j + L_s - 1$ and go to step S13.

Step S13: if the assigned j is greater than n, go to step S14; otherwise go to step S17.

Step S14: assign i = i + 1; if the assigned i is greater than n, go to step S15; otherwise go to step S16.

Step S15: assign i = i mod n; if k < r, assign k = k + 1, otherwise assign k = 1; go to step S16.

Step S16: assign j = j − (n − i + 1); go to step S13.

Step S17: output one monomial subscript value (i, j, k) and check whether l is greater than L. If so, the generation of monomial subscript values for the system is finished; otherwise, while w is less than the window count, assign w = w + 1 and j = j + L and go to step S13. Here $1 \le L_s \le L/2$, $1 \le i_s \le j_s \le n$ and $1 \le k_s \le r$.

Further, the out-of-order subscript controller generating multiple monomial subscript values (i, j, k) out of order by cyclic jumping of the sliding window also includes:

When w in step S17 is greater than or equal to the window count, execute step S18.

Step S18: assign w = 1 and l = l + 1; if the assigned l is odd, go to step S19; otherwise assign j = j + L + L/2 and go to step S13.

Step S19: if $L_s$ is less than L/2, assign j = j + L/2 + 1 and $L_s = L_s + 1$ and go to step S13; otherwise assign j = j + 1 and $L_s = 1$ and go to step S13.

Further, the multiple registers are respectively used to obtain in real time, according to the generation order of the monomial subscript values (i, j, k), the monomials $a^k_{ij} x_i x_j$ belonging to the same quadratic equation, and to accumulate them in turn to generate the QUAD stream cipher.

Further, the stream cipher corresponding to each multivariate quadratic equation is as follows:
Implementing the embodiments of this application has the following beneficial effects:
The QUAD stream cipher generating device resisting side-channel attacks provided by the embodiments comprises an out-of-order subscript controller, a monomial generator and multiple registers. The out-of-order subscript controller generates multiple monomial subscript values in an out-of-order manner; the monomial generator computes the monomials in turn according to the generation order of the subscript values; each register obtains the monomials belonging to the same multivariate quadratic equation and accumulates them in turn to generate the QUAD stream cipher. By scrambling the computation order of the monomials before accumulating them, the device makes the side-channel information carrying the same key information appear at different moments in the electronic equipment that contains it, which reduces the correlation between the power consumption profile of the register store operations and the key information, makes the QUAD stream cipher more secure, and thus resists side-channel attacks effectively.
Brief description of the drawings
Fig. 1 is a structural diagram of the QUAD stream cipher generating device resisting side-channel attacks provided by one embodiment of the application;
Fig. 2 is a flow diagram of the out-of-order subscript controller generating multiple monomial subscript values out of order;
Fig. 3 is another flow diagram of the out-of-order subscript controller generating multiple monomial subscript values out of order;
Fig. 4 is a structural diagram of the QUAD stream cipher generating device resisting side-channel attacks provided by a further embodiment of the application.
Specific embodiments
The technical solutions in the embodiments of this application are described below clearly and completely with reference to the drawings. The described embodiments are only some of the embodiments of the application, not all of them. All other embodiments obtained by a person of ordinary skill in the art on the basis of these embodiments without creative effort fall within the scope of protection of this application.
Referring to Fig. 1, which is a structural diagram of the QUAD stream cipher generating device resisting side-channel attacks provided by one embodiment of the application, the device comprises:

An out-of-order subscript controller 1, for extracting a system of r multivariate quadratic equations in n variables, generating from the n variables a sliding window of size L, and generating and outputting multiple monomial subscript values (i, j, k) out of order by cyclic jumping of the sliding window.
Here $1 \le i \le j \le n$, $1 \le k \le r$, $L = n$ or $L = n+1$, and r is even.
Preferably, the number of out-of-order monomial subscript values generated is set to rn(n+1)/2.
In this embodiment, after the out-of-order subscript controller 1 generates each subscript value (i, j, k), it outputs the variables $x_i$, $x_j$ and the coefficient $a^k_{ij}$ selected by that subscript value, for subsequent composition of the monomial.

A monomial generator 2, for obtaining in turn the monomials $a^k_{ij} x_i x_j$ of the system according to the order in which the subscript values (i, j, k) are generated.
Here $a^k_{ij}$ is plaintext and $x_i$ is key, or $a^k_{ij}$ is key and $x_i$ is plaintext.
In this embodiment, the monomial generator 2 multiplies the variables $x_i$, $x_j$ and the coefficient output by the out-of-order subscript controller 1 and outputs the product, obtaining the monomial $a^k_{ij} x_i x_j$.
Preferably, the number of monomials of the system is set to r × n(n+1)/2.

Multiple registers 3, each for obtaining the monomials $a^k_{ij} x_i x_j$ belonging to the same multivariate quadratic equation and accumulating them in turn to generate the QUAD stream cipher.
The multivariate quadratic equations and the registers 3 correspond one to one.
In this embodiment, the stream cipher corresponding to each multivariate quadratic equation is as follows:
Each multivariate quadratic equation randomly generates a different initial subscript $(i_s, j_s, k_s)$ and is then computed according to the above formula to obtain its stream cipher.

It should be noted that the system of r multivariate quadratic equations is computed over a finite field in order to encrypt the key or the plaintext: if $a^k_{ij}$ is plaintext then $x_i$ is key, and if $a^k_{ij}$ is key then $x_i$ is plaintext. In this embodiment, when each equation of the system is computed, the computation order of the monomials $a^k_{ij} x_i x_j$ within the equation is randomly scrambled, so that the monomial order differs from one equation to another.

When the system is computed, the out-of-order subscript controller 1 generates the r × n(n+1)/2 monomial subscript values (i, j, k) out of order, re-sequencing the subscript values of the equations so that the subscript sequence of each equation is different; these r × n(n+1)/2 values cover all monomial subscripts of the system. Each monomial $a^k_{ij} x_i x_j$ is computed in the order in which its subscript value was generated, and every computed monomial is added into the register; once all monomials have been accumulated, the stream cipher corresponding to that equation is obtained. The results of the r equations of the system are stored respectively in r registers.

Each multivariate quadratic equation has n(n+1)/2 monomials. After the computation order is scrambled, an attacker who wants to obtain the key or the plaintext by power analysis of the r registers must consider

$$\frac{n}{2} \times A\!\left(\frac{n(n+1)}{2}, \frac{n(n+1)}{2}\right) = \frac{n}{2} \times \left(\frac{n(n+1)}{2}\right)!$$

possibilities, so the side-channel attack is hard to carry out.

It should be noted that the QUAD stream cipher generating device of the embodiments is generally applied in an ASIC or a smart card: the key is encrypted by the multivariate quadratic algorithm and then stored in the memory of the ASIC or smart card. Since the computation order of the monomials differs in each multivariate quadratic equation, the order in which they are added into memory also differs, which prevents the attacker from obtaining key information by power analysis of the memory.
Further, referring to Fig. 2, which is a flow diagram of the out-of-order subscript controller generating multiple monomial subscript values out of order, in this embodiment the out-of-order generation by the out-of-order subscript controller 1 specifically includes:

Step S11: initialise the sliding window size L from the n variables and, based on it, divide the monomial subscripts into multiple windows.
If n is even, L = n and the subscripts are divided into r × (n+1)/2 windows; if n is odd, L = n+1 and the subscripts are divided into r × n/2 windows.

Step S12: preset the window number w = 1 and the in-window iteration count l = 1; randomly generate the initial value $L_s$, then randomly generate the initial subscripts $i = i_s$, $j = j_s$, $k = k_s$; assign $j = j + L_s - 1$ and go to step S13.

Step S13: if the assigned j is greater than n, go to step S14; otherwise go to step S17.

Step S14: assign i = i + 1; if the assigned i is greater than n, go to step S15; otherwise go to step S16.

Step S15: assign i = i mod n; if k < r, assign k = k + 1, otherwise assign k = 1; go to step S16.

Step S16: assign j = j − (n − i + 1); go to step S13.

Step S17: output one monomial subscript value (i, j, k) and check whether l is greater than L. If so, the generation of monomial subscript values for the system is finished; otherwise, while w is less than the window count, assign w = w + 1 and j = j + L and go to step S13.
Here $1 \le L_s \le L/2$, $1 \le i_s \le j_s \le n$ and $1 \le k_s \le r$.

Further, referring to Fig. 3, which is another flow diagram of the out-of-order subscript controller generating multiple monomial subscript values out of order, in this embodiment the following is included in addition to the steps shown in Fig. 2:

Step S17: when w is greater than or equal to the window count, execute step S18.

Step S18: assign w = 1 and l = l + 1; if the assigned l is odd, go to step S19; otherwise assign j = j + L + L/2 and go to step S13.

Step S19: if $L_s$ is less than L/2, assign j = j + L/2 + 1 and $L_s = L_s + 1$ and go to step S13; otherwise assign j = j + 1 and $L_s = 1$ and go to step S13.

It should be noted that completely scrambling all monomials of the system gives the best protection against side-channel attacks. At the same time, to reduce computation time and storage overhead and avoid consuming large amounts of resources, only the initial computation order within each multivariate quadratic equation is scrambled, together with the cyclic jumping of the sliding window, so that each equation starts from a different initial monomial and then proceeds by cyclic jumping. For example, to compute r polynomial equations, the out-of-order subscript controller randomly generates the initial monomial subscript (5, 5, 1) and the random initial value $L_s = 2$, and then computes all monomials of the r multivariate quadratic equations step by step starting from the monomial $a^2_{11} x_1 x_1$. The device thus hides the same operations on the key and plaintext, in different multivariate quadratic equations, in different clock cycles, so that they cannot be observed through the power consumption profile of the memory; it is simple and efficient and well suited to both software and hardware implementation.
Further, referring to Fig. 4, which is a diagram of the QUAD stream cipher generating device resisting side-channel attacks provided by a further embodiment of the application:

The device comprises an out-of-order subscript controller 31, a polynomial variable register 32, a multiplier 33, a multiplier 34, an adder 35, a register 36 and a determiner 37. The value stored in the polynomial variable register 32 may be the key or the plaintext. The device realises the encryption defined by a system of r multivariate quadratic equations. When a multivariate quadratic equation is computed, the out-of-order subscript controller 31 randomly generates the monomial subscript values i, j and k, the randomly generated initial values being $i_s$, $j_s$ and $k_s$. The polynomial variable register 32 outputs the variables $x_i$ and $x_j$ according to the subscript values generated by the controller 31. The multiplier 33 receives $x_i$ and $x_j$ and outputs their product; the multiplier 34 multiplies that product by the coefficient $\alpha_{ij}$ and outputs the monomial; the adder 35 then adds the monomial into the register 36. After the register 36 has accumulated the monomial with subscript (i, j, k), the determiner 37 checks whether the in-window iteration count exceeds the sliding window size: if not, it outputs 0 and the value in the register 36 is accumulated with the next monomial and stored back into the register 36; if so, it outputs 1 and the value in the register 36 is output as ciphertext.
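The scheduler of steps S11 to S19, the accumulation of monomials into one register per equation, and the Fig. 4 datapath, modelled in Python as an added example; this is not code from the patent. Two choices in it are assumptions rather than statements of the text: the field is taken to be GF(2), and the test l > L is applied as soon as l is incremented in step S18, because applying it after the next emission, as the flowchart reads, would produce one duplicate subscript beyond the preferred r × n(n+1)/2. All function and variable names are the example's own.

```python
"""Software model of the out-of-order monomial scheduler (steps S11 to S19)
and of the per-equation accumulator registers of CN110299991A.  Added
example, not the patent's own code or RTL.  Assumptions not fixed by the
text: arithmetic is over GF(2), where x_i*x_i == x_i so the i == j
monomials double as linear terms; and the test l > L is applied right
after l is incremented in S18 instead of after the next emission in S17,
so that exactly r*n*(n+1)/2 subscript values come out (the count the
description calls preferred) rather than that many plus one duplicate."""
import random


def window_params(n, r):
    """S11: window size L (always even) and window count W, with W*L = r*n*(n+1)/2."""
    if n % 2 == 0:
        return n, r * (n + 1) // 2
    return n + 1, r * n // 2


def normalize(i, j, k, n, r):
    """S13 to S16: fold an overshooting j back to 1 <= i <= j <= n, stepping to
    the next row i and, past the last row, to the next equation k (r wraps to 1).
    (k, i, j) behaves as a position on the cyclic list of all monomials."""
    while j > n:
        i += 1
        if i > n:
            i = i % n                      # S15: n + 1 -> 1
            k = k + 1 if k < r else 1
        j -= n - i + 1                     # S16
    return i, j, k


def all_starts(n, r):
    """Every admissible S12 start (L_s, i_s, j_s, k_s):
    1 <= L_s <= L/2, 1 <= i_s <= j_s <= n, 1 <= k_s <= r."""
    L, _ = window_params(n, r)
    return [(Ls, i, j, k) for Ls in range(1, L // 2 + 1)
            for i in range(1, n + 1) for j in range(i, n + 1)
            for k in range(1, r + 1)]


def random_start(n, r, rng):
    """S12: draw one start uniformly; rng is a random.Random seeded by the caller."""
    return rng.choice(all_starts(n, r))


def shuffled_subscripts(n, r, start):
    """Emit (k, i, j) for every monomial a^k_ij x_i x_j in sliding-window order."""
    L, W = window_params(n, r)
    Ls, i, j, k = start
    j += Ls - 1                            # S12
    w, l = 1, 1
    out = []
    while True:
        i, j, k = normalize(i, j, k, n, r)  # S13 to S16
        out.append((k, i, j))              # S17: one subscript value
        if w < W:                          # S17: same offset, next window
            w += 1
            j += L
            continue
        w, l = 1, l + 1                    # S18
        if l > L:                          # stop (see module docstring)
            return out
        if l % 2 == 0:
            j += L + L // 2                # S18: even round, offset + L/2
        elif Ls < L // 2:                  # S19
            j += L // 2 + 1
            Ls += 1
        else:
            j += 1
            Ls = 1


def canonical_subscripts(n, r):
    """The fixed order the background describes: equation by equation, row by row."""
    return [(k, i, j) for k in range(1, r + 1)
            for i in range(1, n + 1) for j in range(i, n + 1)]


def quad_keystream(coeffs, x, r, order):
    """One accumulator register per equation (registers 3 / 36 in the figures).
    coeffs[k][(i, j)] is a^k_ij and x[i] is x_i, all GF(2) bits, 1-indexed;
    each monomial is XOR-added into register k in the order given."""
    reg = {k: 0 for k in range(1, r + 1)}
    for k, i, j in order:
        reg[k] ^= coeffs[k][(i, j)] & x[i] & x[j]
    return [reg[k] for k in range(1, r + 1)]


if __name__ == "__main__":
    n, r = 4, 2
    rng = random.Random(2019)
    order = shuffled_subscripts(n, r, random_start(n, r, rng))
    assert sorted(order) == canonical_subscripts(n, r)   # every monomial exactly once
    coeffs = {k: {(i, j): rng.randint(0, 1) for i in range(1, n + 1)
                  for j in range(i, n + 1)} for k in range(1, r + 1)}
    x = {i: rng.randint(0, 1) for i in range(1, n + 1)}
    fixed = quad_keystream(coeffs, x, r, canonical_subscripts(n, r))
    assert quad_keystream(coeffs, x, r, order) == fixed  # order does not change the keystream
    print("schedule:", order)
    print("cycle at which a^1_11 x1 x1 is accumulated:", order.index((1, 1, 1)))
```

Run as a script, it prints one schedule for n = 4, r = 2 and the cycle at which $a^1_{11} x_1 x_1$ is accumulated, and checks that the schedule visits every (k, i, j) exactly once and that the keystream equals the fixed-order result (addition is commutative, so the shuffle is transparent to the output). With n = 5, r = 2 and the start $(L_s, i_s, j_s, k_s) = (2, 5, 5, 1)$, the first subscript emitted is (k, i, j) = (2, 1, 1), which is the $a^2_{11} x_1 x_1$ of the worked example above (n is not stated there; 5 is assumed). Note that the only randomness entering the schedule is the S12 start, so the number of distinct orders is at most $(L/2) \cdot r \cdot n(n+1)/2$, the size of `all_starts`; the $(n(n+1)/2)!$ figure quoted earlier counts full permutations of one equation's monomials, which the description itself says are not used for cost reasons.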
The embodiments of this application provide a QUAD stream cipher generating device resisting side-channel attacks, comprising an out-of-order subscript controller, a monomial generator and multiple registers. The out-of-order subscript controller generates r × n(n+1)/2 monomial subscript values (i, j, k) in an out-of-order manner; the monomial generator computes the r × n(n+1)/2 monomials $a^k_{ij} x_i x_j$ in turn according to the generation order of the subscript values, so that the monomial computation order differs between multivariate quadratic equations; each register obtains the monomials $a^k_{ij} x_i x_j$ belonging to the same multivariate quadratic equation and accumulates them in turn to generate the QUAD stream cipher. By scrambling the computation order of the monomials before accumulating them, the device makes the side-channel information carrying the same key information appear at different moments in the electronic equipment that contains it, which reduces the correlation between the power consumption profile of the register store operations and the key information, makes the QUAD stream cipher more secure, and thus resists side-channel attacks effectively.

The above are preferred embodiments of this application. It should be noted that those skilled in the art can make several improvements and modifications without departing from the principle of the application, and these improvements and modifications are also regarded as falling within the scope of protection of the application.

A person of ordinary skill in the art will understand that all or part of the processes of the above method embodiments can be carried out by a computer program instructing the relevant hardware. The program may be stored in a computer-readable storage medium and, when executed, may include the processes of the above method embodiments. The storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM) or a random access memory (RAM).
Claims (5)
1. A QUAD stream cipher generating device resisting side-channel attacks, characterised by comprising:
an out-of-order subscript controller, for extracting a system of r multivariate quadratic equations in n variables, generating from the n variables a sliding window of size L, and generating and outputting multiple monomial subscript values (i, j, k) out of order by cyclic jumping of the sliding window; where $1 \le i \le j \le n$, $1 \le k \le r$, $L = n$ or $L = n+1$, and r is even;
a monomial generator, for obtaining in turn the monomials $a^k_{ij} x_i x_j$ of the system according to the order in which the subscript values (i, j, k) are generated; where $a^k_{ij}$ is plaintext and $x_i$ is key, or $a^k_{ij}$ is key and $x_i$ is plaintext;
multiple registers, each for obtaining the monomials $a^k_{ij} x_i x_j$ belonging to the same multivariate quadratic equation and accumulating them in turn to generate the QUAD stream cipher; where the multivariate quadratic equations and the registers correspond one to one.

2. The QUAD stream cipher generating device resisting side-channel attacks according to claim 1, characterised in that the out-of-order subscript controller generating multiple monomial subscript values (i, j, k) out of order by cyclic jumping of the sliding window specifically includes:
Step S11: initialise the sliding window size L from the n variables and, based on it, divide the monomial subscripts into multiple windows; if n is even, L = n and the subscripts are divided into r × (n+1)/2 windows; if n is odd, L = n+1 and the subscripts are divided into r × n/2 windows;
Step S12: preset the window number w = 1 and the in-window iteration count l = 1; randomly generate the initial value $L_s$, then randomly generate the initial subscripts $i = i_s$, $j = j_s$, $k = k_s$; assign $j = j + L_s - 1$ and go to step S13;
Step S13: if the assigned j is greater than n, go to step S14; otherwise go to step S17;
Step S14: assign i = i + 1; if the assigned i is greater than n, go to step S15; otherwise go to step S16;
Step S15: assign i = i mod n; if k < r, assign k = k + 1, otherwise assign k = 1; go to step S16;
Step S16: assign j = j − (n − i + 1); go to step S13;
Step S17: output one monomial subscript value (i, j, k) and check whether l is greater than L; if so, the generation of monomial subscript values for the system is finished; otherwise, while w is less than the window count, assign w = w + 1 and j = j + L and go to step S13; where $1 \le L_s \le L/2$, $1 \le i_s \le j_s \le n$ and $1 \le k_s \le r$.

3. The QUAD stream cipher generating device resisting side-channel attacks according to claim 2, characterised in that the out-of-order subscript controller generating multiple monomial subscript values (i, j, k) out of order by cyclic jumping of the sliding window further includes:
when w in step S17 is greater than or equal to the window count, executing step S18;
Step S18: assign w = 1 and l = l + 1; if the assigned l is odd, go to step S19; otherwise assign j = j + L + L/2 and go to step S13;
Step S19: if $L_s$ is less than L/2, assign j = j + L/2 + 1 and $L_s = L_s + 1$ and go to step S13; otherwise assign j = j + 1 and $L_s = 1$ and go to step S13.

4. The QUAD stream cipher generating device resisting side-channel attacks according to claim 1, characterised in that the multiple registers are respectively used to obtain in real time, according to the generation order of the monomial subscript values (i, j, k), the monomials $a^k_{ij} x_i x_j$ belonging to the same quadratic equation, and to accumulate them in turn to generate the QUAD stream cipher.

5. The QUAD stream cipher generating device resisting side-channel attacks according to claim 1, characterised in that the stream cipher corresponding to each multivariate quadratic equation is as follows:
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910448838.XA CN110299991B (en) | 2019-05-27 | 2019-05-27 | QUAD stream cipher generating device for resisting side channel attack |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910448838.XA CN110299991B (en) | 2019-05-27 | 2019-05-27 | QUAD stream cipher generating device for resisting side channel attack |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110299991A true CN110299991A (en) | 2019-10-01 |
CN110299991B CN110299991B (en) | 2022-01-11 |
Family
ID=68027324
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910448838.XA Active CN110299991B (en) | 2019-05-27 | 2019-05-27 | QUAD stream cipher generating device for resisting side channel attack |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110299991B (en) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6862354B1 (en) * | 2000-09-29 | 2005-03-01 | Cisco Technology, Inc. | Stream cipher encryption method and apparatus that can efficiently seek to arbitrary locations in a key stream |
US20150082434A1 (en) * | 2012-03-07 | 2015-03-19 | The Trustees Of Columbia University In The City Of New York | Systems and methods to counter side channels attacks |
CN105681033A (en) * | 2016-01-26 | 2016-06-15 | 广东技术师范学院 | Out-of-order encryption device for multivariable quadratic equation |
US20190042799A1 (en) * | 2018-06-29 | 2019-02-07 | Intel Corporation | Memory tagging for side-channel defense, memory safety, and sandboxing |
Events
- 2019-05-27: Application CN201910448838.XA filed (CN), granted as CN110299991B, status Active
Non-Patent Citations (3)
Title |
---|
J. Longo, "SoC it to EM: electromagnetic side-channel attacks on a complex system-on-chip", International Workshop on Cryptographic Hardware and Embedded Systems (CHES) * |
朱霞 (Zhu Xia), "Research on hardware techniques for thread-level parallelism", China Doctoral Dissertations Full-text Database * |
李伟键 (Li Weijian), "Research on side-channel attacks and countermeasures for KLEIN and QUAD", China Doctoral Dissertations Full-text Database * |
Also Published As
Publication number | Publication date |
---|---|
CN110299991B (en) | 2022-01-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Ors et al. | | Power-analysis attack on an ASIC AES implementation |
Nikova et al. | | Threshold implementations against side-channel attacks and glitches |
CN105681033B | | An out-of-order encryption device for multivariate quadratic equations |
EP1891512B1 | | Determination of a modular inverse |
CN108604981B | | Method and apparatus for estimating a secret value |
Komano et al. | | BS-CPA: Built-in determined sub-key correlation power analysis |
CN107508678A | | Side-channel attack method, based on machine learning, against RSA mask-defence algorithms |
Kamoun et al. | | Experimental implementation of 2ODPA attacks on an AES design with flash-based FPGA technology |
CN110299992A | | Encryption method and device for multivariate quadratic equations based on a sliding window |
CN105610571B | | An encryption method for multivariate quadratic equations |
CN110299991A | | QUAD stream cipher generating device for resisting side-channel attacks |
CN108737073A | | Method and apparatus for resisting power analysis in block cipher operations |
CN104811295A | | Side-channel power analysis method for the ZUC cryptographic algorithm with mask protection |
CN104717060A | | Method and device for attacking an elliptic curve encryption algorithm |
Lemke-Rust et al. | | Analyzing side channel leakage of masked implementations with stochastic methods |
CN110299990A | | QUAD stream cipher generating device combining out-of-order execution and masking |
CN105743644B | | A mask encryption device for multivariate quadratic equations |
Zhang | | On the exact relationship between the success rate of template attack and different parameters |
CN110299986A | | Multivariate quadratic equation encryption method and device based on RSA random ordering |
Yu et al. | | The research of DPA attacks against AES implementations |
CN105721150B | | A mask encryption method for multivariate quadratic equations |
Chen et al. | | Slicing up a perfect hardware masking scheme |
CN110299988A | | Detection method and device for the attack resistance of lightweight block ciphers |
Jiang et al. | | Profiling attack on modular multiplication of elliptic curve cryptography |
Frunzete et al. | | Dynamical discrete-time Rössler map with variable delay |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| PB01 | Publication | |
| SE01 | Entry into force of request for substantive examination | |
| GR01 | Patent grant | |