CN114785478A - Side channel correlation energy analysis method and system applied to polynomial hardware multiplication - Google Patents
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/002—Countermeasures against attacks on cryptographic mechanisms
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/36—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols with means for detecting characters not meant for transmission
Abstract
The invention provides a side channel correlation energy analysis method and system applied to polynomial hardware multiplication. The method comprises the steps of obtaining all possible values of the sub private key to be attacked; multiplying all possible values of the sub private key with the public key polynomial vector respectively to obtain hypothesis product vectors; processing each hypothesis product vector with an attack function to obtain a hypothesis intermediate value trace; mapping the hypothesis intermediate value trace into a hypothesis energy trace with a Hamming distance model; acquiring an actually measured energy trace; calculating the correlation coefficient between the hypothesis energy trace and the measured energy trace; obtaining the maximum value of the correlation coefficient; and determining the sub private key value corresponding to that maximum as the best candidate sub private key value. The invention needs few measured energy traces for analysis, can achieve the attack effect with a single energy trace, can carry out the attack without precisely locating the start of the measured energy trace, and provides an evaluation means for testing the security and reliability of cryptographic equipment.
Description
Technical Field
The invention belongs to the technical field of side channel analysis, and particularly relates to a side channel correlation energy analysis method and system applied to polynomial hardware multiplication.
Background
Lattice-based post-quantum cryptography schemes are built on hard problems in lattices and resist quantum attacks because no efficient quantum algorithm is currently known for solving those problems. Although most cryptosystems in use are theoretically secure, a concrete implementation of a cryptosystem on an embedded device can often be attacked by analyzing the energy consumption of a specific operation to recover the key. This type of attack is known as a side channel attack. Typical side channel analysis methods include simple energy analysis, differential energy analysis, and correlation energy analysis.
In the real operating environment of a cryptographic chip, simple energy analysis cannot reveal the key by direct visual inspection because of unpredictable factors such as noise and glitches. Correlation energy analysis needs fewer energy traces than differential energy analysis and has a stronger attack capability. It attacks by calculating the degree of correlation between the actually collected energy trace and the energy trace hypothesized by the attacker; its core idea is to compare correlation by means of the Pearson correlation coefficient.
Classical correlation energy analysis, i.e. vertical correlation energy analysis, varies the plaintext input and analyzes the correlation between the same point across many energy traces and the intermediate values produced by the different inputs, thereby recovering the key. Horizontal correlation energy analysis instead makes full use of the intermediate values produced by the same operation executed many times within a single energy trace, and analyzes the correlation between that single energy trace and a hypothesized energy trace to recover the key; it can be seen that horizontal analysis exploits the points of a single energy trace more fully than vertical analysis does. For an ephemeral key scheme only a small number of measured energy traces can be obtained, so horizontal correlation energy analysis is more effective than vertical correlation energy analysis, but horizontal analysis needs to know the exact attack points in advance for alignment and therefore requires an accurate positioning technique, which undoubtedly increases the technical difficulty.
Disclosure of Invention
Aiming at the defects in the prior art, the invention provides a side channel correlation energy analysis method and system applied to polynomial hardware multiplication.
In a first aspect, the present invention provides a side channel correlation energy analysis method applied to polynomial hardware multiplication, including:
acquiring all possible values of the sub private key to be attacked; wherein, a sub-private key corresponds to a coefficient in the private key polynomial vector;
multiplying all possible values of the sub-private keys with the public key polynomial vectors respectively to obtain hypothesis product vectors;
adopting an attack function to process each hypothesis product vector respectively to obtain a hypothesis intermediate value trace;
mapping the hypothetical intermediate value trace into a hypothetical energy trace by adopting a Hamming distance model;
acquiring an actually measured energy trace;
calculating a correlation coefficient between the assumed energy trace and the measured energy trace;
obtaining the maximum value of the correlation coefficient;
and determining the sub-private key value corresponding to the maximum value of the correlation coefficient as the best candidate sub-private key value.
Further, the acquiring a measured energy trace includes:
a resistor is connected in series with the chip power supply branch of the FPGA board, the current drawn by the chip during operation produces a voltage drop across the resistor, and this voltage drop is collected with an oscilloscope to obtain the actually measured energy trace; the hardware burned onto the FPGA board is a lattice cryptosystem designed with the schoolbook polynomial multiplication algorithm.
Further, the calculating a correlation coefficient between the assumed energy trace and the measured energy trace includes:
calculating the correlation coefficient between the assumed energy trace and the measured energy trace according to the following formula:
ρ = cov(X, Y) / sqrt(var(X) · var(Y))
wherein ρ is the correlation coefficient between the assumed energy trace and the measured energy trace; cov() is the covariance; var() is the variance; X is the hypothetical energy trace; and Y is the processed measured energy trace.
In a second aspect, the present invention provides a side channel correlation energy analysis system applied to polynomial hardware multiplication, including:
the first acquisition module is used for acquiring all possible values of the sub private key to be attacked; wherein, a sub-private key corresponds to a coefficient in the private key polynomial vector;
the vector product module is used for multiplying all possible values of the sub-private keys with the public key polynomial vector respectively to obtain a hypothesis product vector;
the vector processing module is used for respectively processing each hypothesis product vector by adopting an attack function to obtain a hypothesis intermediate value trace;
the mapping module is used for mapping the hypothesis intermediate value trace into a hypothesis energy trace by adopting a Hamming distance model;
the second acquisition module is used for acquiring the actually measured energy trace;
the calculation module is used for calculating a correlation coefficient between the hypothesis energy trace and the actually measured energy trace;
the third acquisition module is used for acquiring the maximum value of the correlation coefficient;
and the determining module is used for determining the sub-private key value corresponding to the maximum value of the correlation coefficient as the best candidate sub-private key value.
Further, the calculation module includes:
a calculating unit, configured to calculate the correlation coefficient between the assumed energy trace and the measured energy trace according to the following formula:
ρ = cov(X, Y) / sqrt(var(X) · var(Y))
wherein ρ is the correlation coefficient between the assumed energy trace and the actually measured energy trace; cov() is the covariance; var() is the variance; X is the hypothetical energy trace; and Y is the processed measured energy trace.
The invention provides a side channel correlation energy analysis method and system applied to polynomial hardware multiplication. The method comprises the steps of obtaining all possible values of the sub private key to be attacked, where one sub private key corresponds to one coefficient of the private key polynomial vector; multiplying all possible values of the sub private key with the public key polynomial vector respectively to obtain hypothesis product vectors; processing each hypothesis product vector with an attack function to obtain a hypothesis intermediate value trace; mapping the hypothesis intermediate value trace into a hypothesis energy trace with a Hamming distance model; acquiring an actually measured energy trace; calculating the correlation coefficient between the hypothesis energy trace and the measured energy trace; obtaining the maximum value of the correlation coefficient; and determining the sub private key value corresponding to that maximum as the best candidate sub private key value. With this scheme the invention needs few measured energy traces for analysis, can achieve the attack effect with a single energy trace, can carry out the attack without precisely locating the start of the measured energy trace, and provides an evaluation means for testing the security and reliability of cryptographic equipment.
Drawings
In order to more clearly illustrate the technical solution of the present invention, the drawings needed to be used in the embodiments will be briefly described below, and it is obvious to those skilled in the art that other drawings can be obtained based on these drawings without creative efforts.
Fig. 1 is a schematic structural diagram of a side channel correlation energy analysis method applied to polynomial hardware multiplication according to an embodiment of the present invention;
fig. 2 is a flowchart of a side channel correlation energy analysis method applied to polynomial hardware multiplication according to an embodiment of the present invention;
fig. 3 is a schematic diagram of a modular multiplication circuit according to an embodiment of the present invention;
FIG. 4 is a diagram of an acquired measured energy trace provided by an embodiment of the present invention;
FIG. 5 is a diagram of attack results provided by an embodiment of the present invention;
FIG. 6 is a graph of the accuracy assessment results of a single energy trace provided by an embodiment of the present invention;
FIG. 7 is a graph illustrating the accuracy of the combined analysis of multiple energy traces according to an embodiment of the present invention;
fig. 8 is a schematic structural diagram of a side channel correlation energy analysis system applied to polynomial hardware multiplication according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be described clearly and completely with reference to the accompanying drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
As described in the background art, classical correlation energy analysis, i.e. vertical correlation energy analysis, varies the plaintext input and analyzes the correlation between the same point across many energy traces and the intermediate values produced by the different inputs, thereby recovering the key. Horizontal correlation energy analysis instead makes full use of the intermediate values produced by the same operation executed many times within a single energy trace, and analyzes the correlation between that single energy trace and a hypothesized energy trace to recover the key; it can be seen that horizontal analysis exploits the points of a single energy trace more fully than vertical analysis does. For an ephemeral key scheme only a few measured energy traces can be obtained, so horizontal correlation energy analysis is more effective than vertical correlation energy analysis, but horizontal analysis needs to know the exact attack point in advance for alignment and therefore requires an accurate positioning technique, which undoubtedly increases the technical difficulty.
Therefore, in order to solve the above problems, an embodiment of the present invention provides a side channel correlation energy analysis method applied to polynomial hardware multiplication, as shown in fig. 1, and fig. 1 is a schematic structural diagram of the side channel correlation energy analysis method applied to polynomial hardware multiplication provided in the present invention.
Specifically, as shown in fig. 2, the method includes:
step S101, all possible values of the sub private key to be attacked are obtained; wherein one sub-private key corresponds to one coefficient in the private key polynomial vector.
By attacking one sub-private key at a time, all coefficients in the private key polynomial vector can be recovered one by one. Compared with the mode of simultaneously attacking a plurality of sub-private keys, the attack mode strips the influence among the values of the sub-private keys, the sub-private keys can be recovered one by one only by repeatedly executing a whole set of attack steps, and the operation implementation difficulty is lower.
Since the polynomial vector of the private key of the R-LWE lattice cryptosystem attacked by the embodiment is generated by the cumulative distribution gaussian sampler, each sub-private key has 63 possible values, so that a 63-dimensional column vector consisting of all assumed values can be obtained in this step. If a simple energy analysis (SPA) vulnerability exists in the design of the R-LWE lattice cryptosystem, the assumed value number of the sub-private keys can be further reduced.
Step S102, all possible values of the sub-private keys are multiplied by the public key polynomial vectors respectively to obtain hypothesis product vectors.
The public key polynomial vector is easy to obtain from the communication channel, since the scheme is a public key encryption scheme. Multiplying all possible values of the sub private key by the public key polynomial vector can be understood as multiplying a column vector by a row vector to obtain a matrix and then splitting the matrix by rows; each resulting row vector is one hypothetical product vector.
And step S103, processing each hypothesis product vector by adopting an attack function to obtain a hypothesis intermediate value trace.
As shown in fig. 3, a and b are two inputs with 13 bits of bit width, and are multiplied by a multiplier to obtain a product value x with 26 bits of bit width, followed by a modulo reduction operation x% q, where the modulo value q is a prime number 7681, and this calculation process is simplified by a shift operation method:
1. t ← (x >> 13) + (x >> 17) + (x >> 21);
2. tq ← (t << 13) - (t << 9) + t;
3. r ← x - tq.
Symbol annotation: ">>" is the right shift operation, "<<" is the left shift operation, and "←" is the assignment operation.
In fig. 3, x[25:13], x[25:17] and x[25:21] denote bit slices of x[25:0]; the three values are summed in the adder to complete step 1 above, and t is stored in a one-stage register. Next, t shifted left by 13 bits, minus t shifted left by 9 bits, plus t completes step 2, and tq is stored in a one-stage register. Because t and tq occupy two register stages, x itself is also delayed through two register stages before tq is subtracted from it to complete step 3, and the result is stored in a one-stage register as r. The r obtained at this point is only an approximate remainder, so it passes through three identical processing stages, each of which selects between r and (r - q) by comparing r with q: when r is smaller than q, r is kept, and when r is larger than q, r - q is taken. The final result r lies within the modulus q.
The attack function is the intermediate value combination [ x, t, tq, r ] in the process of obtaining r from x.
The construction method of the attack function is determined by the design structure of the hardware circuit. The registers in the circuit pipeline structure store intermediate value operation data, and the attack function reflects the change condition of intermediate value data by combining the change modes of key data in the registers. The specific construction method can be as simple as designing only by using an input register or designing only by using an output register, but the attack effect of the attack function designed in such a way is certainly not good, the finer the attack function is depicted, the better the attack effect is, but the design process is certainly more complex if the attack function is depicted more finely.
And step S104, mapping the hypothetical intermediate value trace into a hypothetical energy trace by adopting a Hamming distance model.
The Hamming distance model counts the total number of 0 → 1 and 1 → 0 transitions that occur when a binary number changes into another binary number. The Hamming distance between two numbers x and y, written HD(x, y), is obtained by XORing the two numbers in binary and counting the number of 1 bits in the result. The Hamming weight model is not used here because Hamming weight models suit software implementations of cryptosystems, whereas Hamming distance models are more effective for hardware implementations. The attack function and the Hamming distance model are applied as a one-to-one mapping, so the structure of the matrix formed by the hypothesis product vectors is not changed.
And step S105, acquiring the actually measured energy trace.
The R-LWE hardware design attacked in this embodiment runs on a Xilinx Spartan-6 (XC6SLX9) FPGA board at a clock frequency of 50 MHz. A resistor is connected in series with the chip power supply branch of the FPGA board; the current drawn by the chip during operation produces a voltage drop across the resistor, and this voltage drop is collected with an oscilloscope to reflect the real-time energy consumption of the chip. The oscilloscope used for acquisition is a Pico 3206D; two channels are used simultaneously at a 2 ns sampling interval (500 MS/s), one channel set as the trigger that starts recording and the other recording the energy consumption while the chip operates. Fig. 4 shows a measured energy trace of one sub private key block collected by us; with our attack method the starting point of the measured energy trace does not need to be aligned.
The processing of the measured energy trace is determined by the sampling frequency of the oscilloscope and the clock frequency of the chip on the board: sampling points are taken from the measured energy trace at intervals given by the ratio of the two frequencies to construct the energy trace used for correlation calculation. In the experimental environment of this embodiment there are 10 sampling points per clock cycle, so we take 1 data point every 10 sampling points, N times in total, to construct the energy trace for correlation calculation. The total number of data points is determined by the dimension of the hypothesis product vector; because the modular multiplication circuit is pipelined, the beginning of a sub private key block overlaps with the previous sub private key block, so the energy trace for correlation calculation is built from fewer than N points. The hardware burned onto the FPGA board is a lattice cryptosystem designed with the schoolbook polynomial multiplication algorithm.
And step S106, calculating a correlation coefficient between the assumed energy trace and the measured energy trace.
Calculating the correlation coefficient between the assumed energy trace and the measured energy trace according to the following formula:
ρ = cov(X, Y) / sqrt(var(X) · var(Y))
wherein ρ is the correlation coefficient between the assumed energy trace and the actually measured energy trace; cov() is the covariance; var() is the variance; X is the hypothetical energy trace; and Y is the processed measured energy trace.
In step S107, the maximum value of the correlation coefficient is acquired.
Step S108, determining the sub-private key value corresponding to the maximum value of the correlation coefficient as the best candidate sub-private key value.
The initial sampling point used to construct the energy trace is not fixed but traverses the whole sub private key energy trace, so the correlation coefficient has to be calculated point by point in a sliding manner, and the correlation coefficient curve is drawn against the index of the initial sampling point. Consequently, if a point has the largest value in the entire correlation curve, that point is aligned with the start of the measured energy trace, and the hypothesized sub private key value to which the point belongs is the best candidate sub private key value.
In addition, a low-pass filter is used for preprocessing the actually measured energy trace so as to reduce high-frequency noise components in the actually measured energy trace and further improve the attack accuracy.
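The flow of steps S101 to S108 as a leakage-model simulation, added here as an example and not code from the patent: it implements the shift-based reduction of fig. 3, the [x, t, tq, r] attack function, the Hamming distance model, the one-point-per-clock-cycle preprocessing and the sliding Pearson correlation, and shows on a constructed trace (synthetic leakage plus Gaussian noise behind an unknown lead-in) that the global maximum identifies both the sub private key and the start point, which is the check an evaluation lab would run on the multiplier before measuring real hardware. The register timing (all four intermediates of one product updating in the same cycle, registers starting at 0), the symmetric candidate range -31..31 for the 63 values, the polynomial length and the noise level are assumptions.

```python
"""Leakage-model simulation of correlation analysis on a shift-based mod-7681 multiplier.
Added example, not the patent's code; the register model, candidate range, polynomial
length, noise level and the synthetic trace are assumptions made for this demonstration."""
import math
import random

Q = 7681                  # modulus from the page: q = 2^13 - 2^9 + 1
SAMPLES_PER_CYCLE = 10    # page: oscilloscope at 500 MS/s, chip clock at 50 MHz
GUESSES = range(-31, 32)  # page: 63 candidate values per sub private key (symmetric range assumed)


def reduce_intermediates(x):
    """Shift-based reduction from the page; returns the register chain [x, t, tq, r]
    that the attack function is built from (r is the approximate remainder)."""
    t = (x >> 13) + (x >> 17) + (x >> 21)
    tq = (t << 13) - (t << 9) + t
    r = x - tq
    return [x, t, tq, r]


def reduce_mod_q(x):
    """Approximate remainder followed by the three identical r / (r - q) selection stages."""
    r = reduce_intermediates(x)[3]
    for _ in range(3):
        if r >= Q:
            r -= Q
    return r


def hamming_distance(a, b):
    """Number of 0->1 and 1->0 bit transitions when a register goes from a to b."""
    return bin(a ^ b).count("1")


def hypothetical_energy_trace(pub, s):
    """Hypothesis product vector for sub key guess s, passed through the attack function
    and the Hamming distance model.  Assumption: the four intermediates of product i
    replace those of product i-1 in the same cycle, and all registers start at 0."""
    prev = [0, 0, 0, 0]
    trace = []
    for a in pub:
        cur = reduce_intermediates(a * (s % Q))
        trace.append(sum(hamming_distance(p, c) for p, c in zip(prev, cur)))
        prev = cur
    return trace


def pearson(xs, ys):
    """rho = cov(X, Y) / sqrt(var(X) var(Y)); returns 0 when either trace is constant."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((a - mx) * (b - my) for a, b in zip(xs, ys))
    vx = sum((a - mx) ** 2 for a in xs)
    vy = sum((b - my) ** 2 for b in ys)
    return 0.0 if vx == 0 or vy == 0 else cov / math.sqrt(vx * vy)


def build_energy_trace(measured, start, n):
    """Page's preprocessing: from a start sample take one point per clock cycle, n times."""
    return measured[start:start + n * SAMPLES_PER_CYCLE:SAMPLES_PER_CYCLE]


def best_candidate(measured, pub, guesses=GUESSES):
    """Slide the start point over the whole measured trace for every guess and return
    (rho_max, guess, start); the guess at the global maximum is the best candidate."""
    n = len(pub)
    best = (-2.0, None, None)
    for s in guesses:
        hyp = hypothetical_energy_trace(pub, s)
        for start in range(len(measured) - n * SAMPLES_PER_CYCLE + 1):
            rho = pearson(hyp, build_energy_trace(measured, start, n))
            if rho > best[0]:
                best = (rho, s, start)
    return best


def simulate_measured_trace(pub, secret, lead_in, noise_sd, rng):
    """Constructed stand-in for the oscilloscope capture: the true leakage lands on one
    sample of each clock cycle after an unknown lead-in; every other sample is noise."""
    leak = hypothetical_energy_trace(pub, secret)
    trace = [rng.gauss(0.0, noise_sd) for _ in range(lead_in)]
    for h in leak:
        trace.append(h + rng.gauss(0.0, noise_sd))
        trace.extend(rng.gauss(0.0, noise_sd) for _ in range(SAMPLES_PER_CYCLE - 1))
    trace.extend(rng.gauss(0.0, noise_sd) for _ in range(13))
    return trace


def run_demo(secret=-7, n=128, lead_in=27, noise_sd=1.5, seed=7):
    """Recover one constructed sub private key from a single synthetic trace.
    A secret of 0 would leave every register at 0 and give a constant hypothesis,
    the low-accuracy case the page reports for individual sub private keys."""
    rng = random.Random(seed)
    pub = [rng.randrange(Q) for _ in range(n)]        # constructed public key coefficients
    measured = simulate_measured_trace(pub, secret, lead_in, noise_sd, rng)
    return best_candidate(measured, pub)


if __name__ == "__main__":
    rho, guess, start = run_demo()
    print(f"best candidate {guess} at start sample {start}, rho = {rho:.3f}")
```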
The results of the attack on the energy trace of fig. 4 are shown in fig. 5, where the light curves represent the additive effect of the correlation curves of all the incorrectly hypothesized sub-private keys and the dark curves represent the correlation curves of the correctly hypothesized sub-private keys. The lower graph of fig. 5 is a partial enlarged view of the upper graph, and it can be seen that the peak of the dark curve is higher than the light curve, which indicates that the attack successfully recovered the private key at that point. The child private keys can be recovered one by repeatedly performing all attack steps.
5000 energy traces were collected to evaluate the accuracy of the analysis method on a single energy trace. The attack result is shown in fig. 6, where the horizontal axis is the index of the sub private key and the vertical axis is the success rate of recovery; the average success rate of recovering any single sub private key is 99.90%. However, certain individual sub private key values cause several registers in the circuit to remain 0 throughout the round of computation, which greatly weakens the characterization power of the attack function, so the recovery rate for those sub private keys is noticeably lower than for the others, and the rate of recovering all sub private keys, i.e. the whole private key polynomial vector, drops to 76.41%.
In addition, the accuracy of the combined analysis of the multiple energy traces is also tested, and as a result, as shown in fig. 7, it can be seen that the accuracy of the combined analysis using two energy traces can reach 98.08%, and the accuracy of the combined analysis using five energy traces can reach 100%.
As shown in fig. 8, an embodiment of the present invention provides a side channel correlation energy analysis system applied to polynomial hardware multiplication, including:
the first obtaining module 10 is configured to obtain all possible values of the sub-private key to be attacked; wherein one sub-private key corresponds to one coefficient in the private key polynomial vector.
And a vector product module 20, configured to multiply all possible values of the sub-private keys with the public key polynomial vector, respectively, to obtain hypothesis product vectors.
And a vector processing module 30, configured to process each hypothesis product vector separately by using an attack function to obtain a hypothesis intermediate trace.
And a mapping module 40 for mapping the hypothetical intermediate traces to hypothetical energy traces using a hamming distance model.
And a second obtaining module 50, configured to obtain the measured energy trace.
And a calculating module 60 for calculating a correlation coefficient between the assumed energy trace and the measured energy trace.
And a third obtaining module 70, configured to obtain a maximum value of the correlation coefficient.
And a determining module 80, configured to determine that the child private key value corresponding to the maximum value of the correlation coefficient is the best candidate child private key value.
Optionally, the calculation module includes:
a calculating unit, configured to calculate the correlation coefficient between the assumed energy trace and the measured energy trace according to the following formula:
ρ = cov(X, Y) / sqrt(var(X) · var(Y))
wherein ρ is the correlation coefficient between the assumed energy trace and the measured energy trace; cov() is the covariance; var() is the variance; X is the hypothetical energy trace; and Y is the processed measured energy trace.
The same and similar parts in the various embodiments in this specification may be referred to each other. In particular, as for the system embodiment, since it is substantially similar to the method embodiment, the description is simple, and reference may be made to the description in the method embodiment for relevant points.
The invention has been described in detail with reference to specific embodiments and illustrative examples, but the description is not intended to limit the invention. Those skilled in the art will appreciate that various equivalent substitutions, modifications or improvements may be made to the technical solution of the present invention and its embodiments without departing from the spirit and scope of the present invention, which fall within the scope of the present invention. The scope of the invention is defined by the appended claims.
Claims (5)
1. A side channel correlation energy analysis method applied to polynomial hardware multiplication is characterized by comprising the following steps:
acquiring all possible values of the sub-private key to be attacked, wherein a sub-private key corresponds to one coefficient of the private key polynomial vector;
multiplying each possible value of the sub-private key with the public key polynomial vector to obtain hypothesis product vectors;
adopting an attack function to process each hypothesis product vector respectively to obtain a hypothesis intermediate value trace;
mapping the assumed intermediate value trace into an assumed energy trace by adopting a Hamming distance model;
acquiring an actually measured energy trace;
calculating a correlation coefficient between the assumed energy trace and the measured energy trace;
obtaining the maximum value of the correlation coefficient;
and determining the sub-private key value corresponding to the maximum value of the correlation coefficient as the best candidate sub-private key value.
2. The side-channel correlation energy analysis method of claim 1, wherein the obtaining a measured energy trace comprises:
a resistor is connected in series with the chip power supply branch of the FPGA board; the current drawn by the chip during operation produces a voltage drop across the resistor, and this voltage drop is captured with an oscilloscope to obtain the actually measured energy trace; the hardware programmed onto the FPGA board is a lattice-based cryptosystem using the schoolbook polynomial multiplication algorithm.
3. The side-channel correlation energy analysis method of claim 1, wherein the calculating a correlation coefficient between the assumed energy trace and the measured energy trace comprises:
calculating a correlation coefficient between the assumed energy trace and the measured energy trace according to the following formula:
wherein rho is a correlation coefficient between the assumed energy trace and the actually measured energy trace; cov () is covariance; var () is the variance; x is a hypothetical energy trace; and Y is the processed measured energy trace.
4. A side-channel correlation energy analysis system for polynomial hardware multiplication, comprising:
the first acquisition module is used for acquiring all possible values of the sub-private key to be attacked, wherein a sub-private key corresponds to one coefficient of the private key polynomial vector;
the vector product module is used for multiplying each possible value of the sub-private key with the public key polynomial vector to obtain hypothesis product vectors;
the vector processing module is used for respectively processing each hypothesis product vector by adopting an attack function to obtain a hypothesis intermediate value trace;
the mapping module is used for mapping the hypothesis intermediate value trace into a hypothesis energy trace by adopting a Hamming distance model;
the second acquisition module is used for acquiring the actually measured energy trace;
the calculation module is used for calculating a correlation coefficient between the hypothesis energy trace and the actually measured energy trace;
the third acquisition module is used for acquiring the maximum value of the correlation coefficient;
and the determining module is used for determining the sub-private key value corresponding to the maximum value of the correlation coefficient as the best candidate sub-private key value.
5. The side-channel correlation energy analysis system of claim 4, wherein the calculation module comprises:
a calculating unit, configured to calculate a correlation coefficient between the assumed energy trace and the measured energy trace according to the following formula:
wherein rho is a correlation coefficient between the assumed energy trace and the actually measured energy trace; cov () is covariance; var () is the variance; x is a hypothetical energy trace; and Y is the processed measured energy trace.
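The eight claimed steps (and the module system of claims 4 and 5) carried through on a simulated schoolbook multiplier, as an added leakage-assessment example that is not the patent's own code: the modulus Q = 3329, the 12-bit product register, the candidate range -3..3, the trace length, the noise level and the synthesised "measured" trace are all constructed assumptions standing in for the FPGA capture described in claim 2.

```python
import numpy as np

# Constructed parameters (not from the patent): Kyber-style 12-bit modulus and coefficient range.
Q = 3329
REG_MASK = 0xFFF            # width of the multiplier's product register
CANDIDATES = range(-3, 4)   # all possible values of the sub-private key under attack

def hypothesis_product_vector(s, pubkey):
    """Step 2: multiply one sub-private-key candidate s with the public polynomial vector."""
    return [(s * int(a)) % Q for a in pubkey]

def hamming_distance_trace(values):
    """Steps 3-4: the attack function models the product register being overwritten each
    cycle; the Hamming distance between consecutive register values is the energy trace."""
    return np.array([bin((u ^ v) & REG_MASK).count("1")
                     for u, v in zip(values, values[1:])], dtype=float)

def pearson(x, y):
    """rho = cov(X, Y) / sqrt(var(X) * var(Y)). A constant hypothesis (var(X) == 0,
    which happens for candidate 0) cannot correlate with anything; report 0.0."""
    x, y = np.asarray(x, dtype=float), np.asarray(y, dtype=float)
    vx, vy = x.var(), y.var()
    if vx == 0.0 or vy == 0.0:
        return 0.0
    return float(((x - x.mean()) * (y - y.mean())).mean() / np.sqrt(vx * vy))

def simulate_measured_trace(true_s, pubkey, sigma, rng):
    """Constructed stand-in for the oscilloscope capture: Hamming-distance leakage of
    the real coefficient plus Gaussian noise, already aligned to one sample per cycle."""
    leak = hamming_distance_trace(hypothesis_product_vector(true_s, pubkey))
    return leak + rng.normal(0.0, sigma, size=leak.size)

def recover_coefficient(pubkey, measured, candidates=CANDIDATES):
    """Steps 5-8: correlate every candidate's hypothetical energy trace with the
    measured trace; the candidate with the largest rho is the best sub-private key."""
    scores = {s: pearson(hamming_distance_trace(hypothesis_product_vector(s, pubkey)), measured)
              for s in candidates}
    return max(scores, key=scores.get), scores

def evaluate(true_s=-2, n=256, sigma=0.5, seed=1):
    """Leakage assessment on the simulated device: is true_s recovered from one trace?"""
    rng = np.random.default_rng(seed)
    pubkey = rng.integers(0, Q, size=n)
    return recover_coefficient(pubkey, simulate_measured_trace(true_s, pubkey, sigma, rng))

if __name__ == "__main__":
    best, scores = evaluate()
    for s, rho in sorted(scores.items()):
        print(f"candidate {s:+d}: rho = {rho:+.3f}")
    print("best candidate sub-private key:", best)
```

A protected implementation (masked or shuffled coefficients) should flatten the score table so that no candidate stands out; that is the property an evaluator checks with this procedure.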
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210321368.2A CN114785478B (en) | 2022-03-30 | Side channel correlation energy analysis method and system applied to polynomial hardware multiplication |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210321368.2A CN114785478B (en) | 2022-03-30 | Side channel correlation energy analysis method and system applied to polynomial hardware multiplication |
Publications (2)
Publication Number | Publication Date |
---|---|
CN114785478A (en) | 2022-07-22 |
CN114785478B (en) | 2024-07-09 |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115051787A (en) * | 2022-08-11 | 2022-09-13 | 紫光同芯微电子有限公司 | Side channel data alignment method and device |
CN115412360A (en) * | 2022-09-02 | 2022-11-29 | 南京航空航天大学 | Side channel correlation energy analysis method and system applied to ring polynomial multiplier |
CN115801264A (en) * | 2022-10-12 | 2023-03-14 | 中国电子科技集团公司第三十研究所 | Physical attack method, medium, equipment and system for elliptic curve digital signature |
CN117560135A (en) * | 2023-11-14 | 2024-02-13 | 北京智芯微电子科技有限公司 | Method, system, device and storage medium for detecting capability of resisting energy analysis attack |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103166752A (en) * | 2013-01-25 | 2013-06-19 | 国家密码管理局商用密码检测中心 | Application for choosing wheel function to perform SM4 cryptographic algorithm side channel energy analysis on attack object |
CN104811295A (en) * | 2015-05-05 | 2015-07-29 | 国家密码管理局商用密码检测中心 | Side channel energy analysis method for ZUC cryptographic algorithm with mask protection |
CN104836666A (en) * | 2015-04-20 | 2015-08-12 | 成都信息工程学院 | Power analysis attack method for SM2 decryption algorithm |
US20200153618A1 (en) * | 2017-05-10 | 2020-05-14 | Koninklijke Philips N.V. | Key agreement devices and method |
Non-Patent Citations (2)
Title |
---|
Krithika Dhananjay et al.: "Charge Based Power Side-Channel Attack Methodology for an Adiabatic Cipher", Electronics, vol. 10, no. 12, 15 June 2021 (2021-06-15) * |
吴伟彬 et al.: "A Survey of Side-Channel Attacks and Defenses on Post-Quantum Cryptographic Algorithms", Journal of Software (软件学报), vol. 32, no. 4, 22 January 2021 (2021-01-22) * |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant |