JP2006054568A - Encryption apparatus, decryption apparatus and method, and computer program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an encryption apparatus or the like with a configuration of enhanced power analysis difficulty of a shared key block encryption, comprising a plurality of stages of round functions. <P>SOLUTION: The encryption apparatus with the configuration of performing the shared key block encryption, comprising a plurality of stages of the round functions includes a regular round function section for receiving conversion data for generating an encryption text or a decryption text; and a dummy round function section, located on in a first stage of the regular round function section or the latter stage and for receiving dummy data to perform dummy arithmetic operations, and the dummy round function arithmetic operation is performed in at least the first stage or the latter stage of an arithmetic performance step of the regular round function section. Through such a configuration, even if an attacker for performing power analysis analyzes the power at performance of each round function, since the distinguishing of the dummy round function from the regular round function becomes difficult, the encryption processing with the enhanced difficulty and attack immunity of the power analysis can be realized. <P>COPYRIGHT: (C)2006,JPO&NCIPI

Description

  The present invention relates to an encryption device, a decryption device, a method, and a computer program. More specifically, the present invention relates to an encryption device, a decryption device, a method, and a computer program that realize cryptographic processing with high resistance to cryptographic analysis based on power analysis in an arithmetic circuit such as an IC module that executes cryptographic processing.

  In recent years, with the development of network communication and electronic commerce, ensuring security in communication has become an important issue. One method of ensuring security is encryption technology, and currently, communication using various encryption methods is actually performed.

  For example, an encryption processing module is embedded in a small device such as an IC card, and data is transmitted / received between the IC card and a reader / writer as a data reading / writing device, and authentication processing or encryption / decryption of transmitted / received data is performed. The system to do is put into practical use.

  In the cryptographic processing module, for example, data encryption processing for inputting plaintext and outputting ciphertext, or decryption processing for inputting ciphertext and outputting plaintext is executed. Such cryptographic processing includes electrical processing by hardware that constitutes the cryptographic processing module, for example, a semiconductor. Therefore, by analyzing the power consumption when cryptographic processing is executed in such a semiconductor module, there is a risk that the encryption processing application key or algorithm may be analyzed.

  For example, as an attack on an arithmetic processing unit such as an IC, that is, as a cryptanalysis attack, a timing attack (TA: Timing attack) that estimates secret information by analyzing a processing time, and secret information is obtained by observing power consumption during encryption processing Simple power analysis (SPA) to estimate, and power difference analysis (DPA) to estimate the secret information by measuring the power consumption in cryptographic processing for a large amount of data and statistically analyzing the measured data : Differential Power Analysis).

  A typical cryptographic processing apparatus is composed of a data input unit, a storage unit, a cryptographic processing unit, and a data output unit. For example, when encryption of input data is performed, it operates as follows. That is, plaintext is input from the data input unit to the encryption processing unit. The cryptographic processing unit performs data processing according to a certain cryptographic processing algorithm in a processing unit that executes a cryptographic processing algorithm such as DES (Data Encryption Standard).

  Intermediate data generated in the execution process of the cryptographic processing algorithm is sequentially stored in the storage unit, and the intermediate data stored in the storage unit is acquired, and the encryption process is executed according to a predetermined processing order. When a predetermined series of cryptographic processing algorithms are completed in the cryptographic processing unit, the generated ciphertext is output via the output unit.

  In such an encryption processing apparatus, the time required from the start of encryption processing to the start of a specific encryption intermediate processing procedure is approximately constant. Note that the implementation method of the encryption algorithm is described in detail in Non-Patent Document 1, for example.

  Such a cryptographic processing device applies key information applied to cryptographic processing by applying a cryptographic analysis method called simple power analysis (simple power analysis) or differential power analysis (differential power analysis) described above. The algorithm may be analyzed.

  Simple power analysis and power difference analysis are based on the case where there is a change in the value held by the semiconductor device at a specific time and the case where there is no change in the value held in the current semiconductor device such as a memory or register. By using the feature that the power consumption is different, the cryptographic key held by the cryptographic processing device is measured by measuring the power consumption at various timings when the cryptographic processing device is executing the cryptographic processing. This is a cryptographic analysis method for identifying secret information.

  The conditions under which simple power analysis and power difference analysis function effectively are: first, it is possible to specify the cryptographic processing procedure performed at each time when power consumption is measured, and second, power consumption measured at each time There are two points that the value of significantly reflects the calculation result of the encryption processing performed in the encryption device at the time.

  In cryptographic processing devices such as conventional encryption devices, decryption devices, and encryption / decryption devices, the above two conditions are satisfied, so simple power analysis and power difference analysis function effectively, There is a problem that it is possible to decrypt the code.

  Several methods have been proposed to address this problem. For example, Patent Document 1 describes a data encryption method and apparatus for the purpose of preventing differential decryption and linear decryption. In this document, in a configuration in which data is divided into a plurality of blocks and the blocks are sequentially encrypted, a key to be applied to a block to be encrypted is derived from an intermediate result of the previous processing block. The processing is performed by applying a different key for each block, and as a result, statistical key estimation is difficult.

  Patent Document 2 shows a configuration that prevents leakage of key information applied to encryption processing. The configuration described in this document stores encrypted key information in a non-volatile memory, decrypts the encrypted key information from the non-volatile memory when the power is turned on, and stores the key information as a result of the decryption in the volatile memory. And is applied to cryptographic processing, and the key information is actively erased from the volatile memory when the power is turned off, thereby preventing the leakage of the key information.

  Patent Document 3 discloses an encryption device that is resistant to cryptographic analysis based on power consumption measurement such as power analysis and power difference analysis. The configuration described in this document is a configuration in which the intermediate data control unit changes the intermediate data generated in the encryption process by a random number, and executes the encryption process based on the intermediate data changed by the random number, and further the final output (Ciphertext) can be made data independent of random numbers. In this configuration, the state change of the cryptographic processing device becomes a change based on the intermediate data changed by random numbers, and as a result, the difficulty of cryptographic analysis by measuring power consumption such as power analysis and power difference analysis increases. is there.

  As described above, there are various proposals for countermeasures against leakage of encryption keys or algorithms. For example, the configuration described in Patent Document 1 extracts intermediate data from processed blocks in units of blocks, and assigns new keys. Complex processing such as generation is required, which may cause problems such as a reduction in calculation processing efficiency and processing delay. Although the configuration described in Patent Document 2 has an effect of preventing leakage of the key data itself, it is a measure against cryptographic analysis based on power consumption measurement such as simple power analysis and power difference analysis during cryptographic processing. Not. Furthermore, it has already been shown by Messenger that the method using random numbers described in Patent Document 3 can be attacked by a cryptographic analysis method called higher-order power difference analysis. For example, ["Using Second-Order Power Analysis Attack DPA Resistant Software", T. et al. S. [Messages, CHES2000].

For example, IC modules that execute cryptographic processing are actively used in various gates such as station ticket gates, shopping centers, and the like, and demands for downsizing and speeding up of processing have become strict. Yes. Therefore, there is a need for a configuration that does not complicate the processing algorithm and is resistant to power analysis.
JP-A-9-230786 JP-A-8-504067 JP 2000-305453 A "" Applied Cryptography "(by Bruce Schneier) John Wiley & Sons, Inc. , 1996, ISBN 0-471-11709-9, pp. 623-673]

  The present invention has been made in view of the above problems, and does not complicate the processing algorithm. Simple power analysis based on detection of power consumption fluctuations associated with regular processing of cryptographic processing sequences, power difference, etc. It is an object of the present invention to provide an encryption device, a decryption device, and a method, and a computer program that increase the difficulty of encryption analysis by analysis and higher-order power difference analysis.

The first aspect of the present invention is:
An encryption device that executes a common key block cipher consisting of a multi-stage round function,
A regular round function part for inputting plaintext or plaintext conversion data for ciphertext generation;
A dummy round function unit that performs a dummy operation that does not input the plaintext or the conversion data based on the plaintext to at least one of the previous stage or the subsequent stage of the regular round function part;
The encryption apparatus is characterized by comprising:

  Furthermore, in one embodiment of the encryption apparatus of the present invention, the number of settings of the dummy round function part is M for the number of plaintexts available for power analysis for the common key block cipher, and for power analysis for the common key block cipher. When the required minimum number of plaintexts is N, the number is calculated based on the values M and N.

  Furthermore, in one embodiment of the encryption apparatus of the present invention, the number of settings of the dummy round function part: L is the number of plaintexts available for power analysis for the common key block cipher, and M is the power for the common key block cipher. It is characterized by having a configuration satisfying L> M / N-1 where N is the minimum number of plaintexts required for analysis.

  Furthermore, in an embodiment of the encryption device of the present invention, the dummy round function unit is configured to input the Tammy data different from the plain text or the conversion data based on the plain text, and execute a round function calculation based on the dummy data. It is characterized by being.

Furthermore, the second aspect of the present invention provides
A decryption device that executes a common key block cipher consisting of a multi-stage round function,
A regular round function part for inputting ciphertext or decryption data based on the ciphertext for generating a decrypted text;
A dummy round function unit that performs a dummy operation that does not input the ciphertext or converted data based on the ciphertext at least one of the previous stage and the subsequent stage of the regular round function part;
The decoding apparatus is characterized by comprising:

  Furthermore, in one embodiment of the decryption apparatus of the present invention, the number of dummy round function units set is M for the number of plaintexts available for power analysis for the common key block cipher, and for power analysis for the common key block cipher. When the required minimum number of plaintexts is N, the number is calculated based on the values M and N.

  Furthermore, in one embodiment of the decryption apparatus of the present invention, the number of settings of the dummy round function part: L is the number of plaintexts available for power analysis for the common key block cipher, and M is the power for the common key block cipher. It is characterized by having a configuration satisfying L> M / N-1 where N is the minimum number of plaintexts required for analysis.

  Furthermore, in one embodiment of the decryption apparatus of the present invention, the dummy round function unit inputs the Tammy data different from the ciphertext or the conversion data based on the ciphertext, and executes a round function operation based on the dummy data. It is the structure.

Furthermore, the third aspect of the present invention provides
An encryption method for executing a common key block cipher consisting of a multi-stage round function,
A regular round function execution step for inputting plaintext or plaintext-based conversion data for ciphertext generation;
A dummy round function execution step for executing a dummy operation that does not input the plaintext or the conversion data based on the plaintext in at least one of the previous stage and the subsequent stage of the regular round function execution step;
The encryption method is characterized by comprising:

  Furthermore, in one embodiment of the encryption method of the present invention, the number of settings of the dummy round function execution step is M for the number of plaintexts available for power analysis for the common key block cipher, and power analysis for the common key block cipher. Is set to a number calculated based on the values M and N, where N is the minimum number of plaintexts required for.

  Furthermore, in one embodiment of the encryption method of the present invention, the number of settings of the dummy round function execution step: L is the number of plaintexts available for power analysis for the common key block cipher, and M is for the common key block cipher. When the minimum number of plaintexts necessary for power analysis is N, L> M / N−1 is satisfied.

  Furthermore, in one embodiment of the encryption method of the present invention, the dummy round function execution step inputs the tammy data different from the plaintext or the conversion data based on the plaintext, and executes the round function calculation based on the dummy data. It is characterized by.

Furthermore, the fourth aspect of the present invention provides
A decryption method for executing a common key block cipher consisting of a multi-stage round function,
A regular round function execution step for inputting ciphertext or decryption data based on the ciphertext for decryption text generation;
A dummy round function execution step for executing a dummy operation that does not input the ciphertext or the conversion data based on the ciphertext in at least one of the previous stage and the subsequent stage of the regular round function execution step;
The decoding method is characterized by comprising:

  Furthermore, in one embodiment of the decryption method of the present invention, the number of set dummy round function execution steps is M for the number of plaintexts available for power analysis for the common key block cipher, and power analysis for the common key block cipher. Is set to a number calculated based on the values M and N, where N is the minimum number of plaintexts required for.

  Further, in one embodiment of the decryption method of the present invention, the number of settings of the dummy round function execution step: L is the number of plaintexts available for power analysis for the common key block cipher, M, and the common key block cipher The number satisfying L> M / N-1 where N is the minimum number of plaintexts required for power analysis.

  Furthermore, in one embodiment of the decryption method of the present invention, the dummy round function execution step inputs the tammy data different from the plaintext or the conversion data based on the plaintext, and executes a round function calculation based on the dummy data. It is characterized by.

Furthermore, the fifth aspect of the present invention provides
A computer program for executing a common key block cipher consisting of a multi-stage round function,
A regular round function execution step for inputting plaintext or plaintext-based conversion data for ciphertext generation;
A dummy round function execution step for executing a dummy operation that does not input the plaintext or the conversion data based on the plaintext in at least one of the previous stage and the subsequent stage of the regular round function execution step;
There is a computer program characterized by comprising:

Furthermore, the sixth aspect of the present invention provides
A computer program for executing a common key block cipher consisting of a multi-stage round function,
A regular round function execution step for inputting ciphertext or decryption data based on the ciphertext for decryption text generation;
A dummy round function execution step for executing a dummy operation that does not input the ciphertext or the conversion data based on the ciphertext in at least one of the previous stage and the subsequent stage of the regular round function execution step;
There is a computer program characterized by comprising:

  The computer program of the present invention is, for example, a storage medium or communication medium provided in a computer-readable format to a computer system capable of executing various program codes, such as a CD, FD, or MO. It is a computer program that can be provided by a recording medium or a communication medium such as a network. By providing such a program in a computer-readable format, processing corresponding to the program is realized on the computer system.

  Other objects, features, and advantages of the present invention will become apparent from a more detailed description based on embodiments of the present invention described later and the accompanying drawings. In this specification, the system is a logical set configuration of a plurality of devices, and is not limited to one in which the devices of each configuration are in the same casing.

  According to the configuration of the present invention, in an encryption process and a decryption process for executing a common key block cipher composed of a plurality of round functions, a regular round function unit for inputting conversion data for generating a ciphertext or a decrypted text And a dummy round function part that executes dummy calculation by inputting dummy data different from the normal processing data to at least one of the front stage and the rear stage of the normal round function part. Since the dummy round function calculation is executed at least before or after the calculation execution step, even if the attacker who performs the power analysis analyzes the power when each round function is executed, the dummy round function is calculated. It becomes difficult to determine whether a function is being executed or a regular round function is being executed. Can be stopped, the cryptographic processing is realized with increased attack resistance.

Details of the encryption apparatus, the decryption apparatus and method, and the computer program of the present invention will be described below. The description will be made in the order of the following items.
1. 1. Outline of DES (Data Encryption Standard) encryption processing and power difference analysis Cryptographic processing configuration with improved analysis difficulty according to the present invention

[1. Outline of DES (Data Encryption Standard) encryption processing and power difference analysis]
First, an outline of DES (Data Encryption Standard) encryption processing and an outline of power difference analysis will be described.

  There are various cryptographic processing algorithms, but broadly classified, the encryption key and the decryption key are different keys, for example, a public key cryptosystem that sets a public key and a private key, and an encryption key and a decryption key. It is classified into a common key encryption method set as a common key.

  One common key cryptosystem is a system in which a plurality of keys are generated based on a common key, and cryptographic processing is repeatedly executed using the generated plurality of keys. A typical algorithm to which such a key generation method is applied is a common key block encryption method.

  The algorithm of the common key block cipher can be mainly divided into a round function part that performs conversion of input data and a key schedule part that generates a key to be applied in each round of the round function part. A key (subkey) to be applied in each round of the round function part is generated by being input to the key schedule part based on one master key (primary key) and applied in each round function part. A typical method of this common key encryption method is DES (Data Encryption Standard) as a US federal standard encryption method.

  The basic structure of DES encryption processing will be described with reference to the drawings. The DES encryption process has a structure for converting plaintext into ciphertext by simple repetition of a conversion function. FIG. 1 shows a basic configuration of DES encryption processing. The round function unit 110 executes conversion of input data, and the key schedule unit 120 generates a key to be applied in each round of the round function unit.

  In the round function unit 110, the plaintext (64 bits) is first divided into 32 bits each of L and R in the initial replacement unit 111, and the divided L and R 32 bits are input to the first round function unit 112. The conversion process is performed based on the key K (1) input from the first-stage key generation unit 122 of the key schedule unit 120. The conversion process result is input to the second-stage round function unit 113 in the next stage.

  In the key schedule unit 120, first, the master key (primary key) replacement unit (PC-1) 121 removes the 8 bits of parity of the input master key (primary key: 64 bits), and the remaining 56 bits are replaced. Input to the first round key generation unit 122. In the first stage round key generation unit 122, the shift process of the input bit string and the removal of the parity bit are executed to generate the 48-bit round key K (1), and the generated round key K (1) is used as the round function unit. 110 to the first round function unit 112. The first-stage round key generation unit 122 outputs the higher-order bit string (28 bits) and the lower-order bit string (28 bits) obtained by the shift process to the second-stage round key generation unit 123 in the lower stage.

  The round function section has 16 round function sections, each of which executes the conversion process using the key input from the key schedule section 120 with the output of the previous round function section as an input, and converts the conversion result into the subsequent round function. To the output. The output converted by the 16-stage round function part is input to the reverse replacement part 114, the reverse replacement process of the initial replacement part 111 is executed, and output as ciphertext.

  FIG. 2 shows the configuration of the round function unit at each stage constituting each round of the round function unit 110. As shown in FIG. 2, the round function unit receives two inputs, L (n-1) and R (n-1), from the round function unit of the previous stage (n-1 stage), and the key from the key schedule part. Enter (k (n)). In the F function unit 151, the bit string (R (n-1)) input from the previous round function unit is converted using the key (k (n)) input from the key schedule unit, and the conversion result is converted to the previous result. The remaining bit string (L (n-1)) input from the round function part and exclusive OR are executed to generate the output R (n) of the next round function part. In the next round function section, a bit string with R (n-1) as L (n) and the above F function and R (n) generated by the exclusive OR operation are input, and the same processing is repeated. It is.

  The configuration of the F function is shown in FIG. The F function includes a plurality of S boxes (Sboxes) that perform nonlinear processing. The input value R (n−1) from the previous stage of the round function part is expanded to 48 bits by the replacing part 171, and the exclusive OR is executed with the key (48 bits) input from the key schedule part, and the output is 6 It is input to a plurality of S boxes 181-1 to 18-8 for executing nonlinear conversion processing bit by bit. In each S box, for example, nonlinear conversion processing from 6 bits to 4 bits to which a conversion table is applied is executed.

  The output bits 4 × 8 = 32 bits from the S box 181-1 to 8 are input to the replacement unit 172, the bit position is exchanged, and the F function output 32 bits are generated and output.

  As described with reference to FIGS. 1 to 3, the DES encryption process is executed by a multi-stage (16-stage) conversion process. A configuration in which this DES encryption process is repeatedly executed to further increase the encryption strength, for example, a triple DES encryption process that executes three DES encryption processes is performed in various fields, for example, a mutual authentication process between data communication devices via the Internet, It is often used as an encryption process applied to a mutual authentication process between an IC card and a reader / writer. In order to distinguish from the triple DES encryption process, one DES encryption process is referred to as a single DES encryption process.

  As shown in FIG. 4, the triple DES (Triple DES) cipher processing configuration generates cipher text from plain text by repeatedly executing the DES cipher processing described with reference to FIGS. 1 to 3. Each of the single DES encryption processing units 185, 186, and 187 has the 16-stage round function unit described above, and repeats the process by the F function having the S box 16 times.

  Normally, in triple DES encryption processing, the same master key (primary key) (K1) is applied to the first single DES encryption processing unit 185 and the last DES encryption processing unit 187, and the intermediate DES encryption processing unit 186 is different. Apply the master key (main key) (K2). As described above, the encryption strength can be improved by repeatedly executing the DES encryption processing a plurality of times.

  However, in such a common key encryption process, there is a problem of leakage of keys or cryptographic algorithms by cryptographic analysis. There are several types of cryptographic analysis methods. First, simple power analysis (SPA: Simple Power Analysis) will be described. Most tamper-resistant devices such as smart cards are composed of logic circuits composed of transistors, and when voltage is applied to the gate, current flows and power is consumed. In general, the power consumption of a circuit is related to the operation being executed and the value of the data being used. For example, in the multiplicative operation, the power consumption is larger when 1 is written than when 0 is written, and different power is consumed in the multiplicative operation and the square operation.

  Since the power consumption varies depending on the calculation and the data value in this way, by observing the change in the power consumption of the device performing the calculation using the secret information, information such as the Hamming weight can be obtained regarding the secret information. Can be obtained, and the entropy can be reduced. A method of directly using changes in power consumption for analysis is called simple power analysis.

  The power consumption of the device can be obtained from a current value flowing through the resistor by inserting a resistor in series between the device and the power source or the ground. When power consumption is measured for a smart card that is actually performing a common key encryption operation, the operation of each stage of the common key encryption can be clearly confirmed from the measured waveform. Furthermore, information such as key register exchange can be obtained by analyzing the power consumption waveform in detail.

  Next, power difference analysis (DPA: Differential Power Analysis) will be described. The power consumption of the tamper resistant device generally depends on the calculation contents and secret information used for the calculation. However, changes in power consumption depending on these contents are small, and it is generally difficult to distinguish from measurement errors and noise.

  Therefore, Kocher et al. Take the average of a large amount of measurement values to reduce the influence of measurement errors and noise, and take the difference from the average value of all data to eliminate the influence of power consumption due to the calculation process. A method of extracting only a change in power consumption according to information, that is, a differential power analysis (DPA) was proposed.

  Kocher et al. Shows an application example for DES. First, a bit of a part of the round key entering the first stage or the sixteenth stage of the round function part is predicted, and 1 of data expected to be written to the memory at the end of the first stage or the sixteenth stage. Focusing on the value of the bit, the observation data of the power consumption is classified according to the value. Next, the average of the measured values is taken for each group, and the difference between them is taken. When the prediction is correct, the difference in power consumption becomes large when the focused bit is used for the calculation. If the forecasts are different, no noticeable difference is confirmed.

Specifically, the power difference analysis is performed according to the following procedure (step 1 to step 7).
(Step 1)
Observe the encryption process m times, and observe the power consumption changes T1,. Further, ciphertexts C1,..., Cm are recorded. When the change in power consumption at the 16th stage is used for analysis, plaintext information is not necessary. Note that about 1000 is sufficient for m.

(Step 2)
A distribution function D (Ks, C) depending on the key is selected. However, Ks is some key information and C is a ciphertext.
For example, let us consider a case where a 6-bit partial key supplied to the S box 1 is estimated by paying attention to the value of the first bit of the output of the S box 1 at the final stage. In this case, the function D is given by

However,
K16 is the expected value of the 6-bit partial key supplied to the S box 1 in the 16th stage,
C6 is 6 bits of ciphertext that is XORed with K16,
SBOX1 (x) is the first bit of the output result when 6 bits x is supplied to S box 1,
C1 is one bit of the ciphertext that is XORed with the output result of SBOX1.

(Step 3)
Using function D, T1,..., Tm are divided into two groups.
S0 = {Ti | D (.,.,.) = 0}
S1 = {Ti | D (.,.,.) = 1}

  Next, the average value of power consumption is taken for each group.

  However, | S0 | + | S1 | = m.

(Step 4)
The difference between A0 and A1 is taken to obtain a power difference signal ΔD.
ΔD = A0−A1

(Step 5)
If the expected value Ks of the partial key is not correct, D (•, •, •) outputs “0” and “1” almost randomly to the ciphertext. Therefore, when a sufficiently large number of samples are taken, the value of ΔD approaches zero. However, in practice, the waveform of ΔD does not become completely flat because of the interaction with the correct expected value Ks. When Ks is correct, D (.,.,.) Takes the same value as the actual value of the focused bit. Therefore, by setting m → ∞, ΔD is the power consumed when using the focused bit. Approaching.

  Other data values and measurement errors that do not depend on D (•, •••) approach 0. Since the power consumption depends on the bit value of the data, the waveform of D (•, •, •) shows a pulse in the region where the focused bit is used, and becomes flat in other regions.

(Step 6)
The above is repeated and the partial key supplied to the S box 1 is estimated. The maximum number of iterations is 2 ⁶ = 64 times.

(Step 7)
The same operation is performed for the remaining seven S boxes to obtain 48-bit information about the secret key. The remaining 8-bit key information is obtained by a full search. This is an example related to DES, but the same can be applied to 8 × 8 Sbox used in Camellia and the like.

  As described above with reference to FIG. 3, the F function of each DES round has 8 S-boxes (Sboxes), and for each S-box, the 6-bit of the 48-bit round key. The partial key is associated with each other.

  As shown in FIG. 3, the F function has eight S boxes (Sboxes) that perform nonlinear processing. The input value R (n−1) from the previous stage of the round function part is expanded to 48 bits by the replacing part 171, and the exclusive OR is executed with the key (48 bits) input from the key schedule part, and the output is 6 It is input to a plurality of S boxes 181-1 to 18-8 for executing nonlinear conversion processing bit by bit. In each S box, for example, nonlinear conversion processing from 6 bits to 4 bits to which a conversion table is applied is executed.

  The output bits 4 × 8 = 32 bits from the S box 181-1 to 8 are input to the replacement unit 172, the bit position is exchanged, and the F function output 32 bits are generated and output.

  The input to each of the eight S boxes (Sbox) 181-1 to 8-8 is 48/8 of the data in which the input value R (n-1) from the previous stage of the round function part is expanded and replaced with 48 bits by the replacement part 171. = 6 bits and the exclusive OR result of 48/8 = 6 bits constituting the round key (48 bits) input from the key schedule part.

  In the cryptographic analysis, a known input value can be applied at the first stage in the round function section, and an output value can be obtained at the sixteenth stage. Therefore, by estimating the input values of the eight S boxes (Sbox) 181-1 to 8 in the first stage and the 16th stage in the round function part by the above-described power difference analysis (DPA: Differential Power Analysis) by Kocher et al. The first and 16th round keys can be analyzed.

Next, the higher-order power difference analysis will be described.
In the power difference analysis described above, analysis is performed on information based on one event of the sample. In the high-order power difference analysis, information based on a plurality of events is associated with each other and used for analysis. The distribution function D can be weighted differently for each sample or can be divided into two or more groups. Such a function seals many defensive measures and may be able to analyze even if plaintext or ciphertext information is incomplete. For samples having characteristic statistical properties, it is effective to perform another process instead of simply taking an average.

[2. Cryptographic processing configuration with improved analysis difficulty according to the present invention]
Next, an encryption processing configuration with improved analysis difficulty according to the present invention will be described. As described above, the possibility that the encryption processing key by the power difference analysis for the encryption processing may be analyzed causes a problem that the security of the data by the encryption processing is not sufficiently maintained.

  Encryption algorithms applied as encryption processing include DES (Data Encryption Standard), Triple DES, and AES (Advanced Encryption Standard) known as next-generation common key encryption replacing DES. AES is a cryptographic process in which a key length of 128, 192, 256 bits and a bit length longer than the DES 64-bit key length is applied, and has strong security. In AES, both the key length and the block length can be set to 128, 192, and 256 bits, which are independently different bit lengths, and a plurality of round processes are repeatedly executed as in the above-described DES.

  However, in any encryption processing algorithm, it is difficult to completely prevent the analysis of the encryption key by the method such as the power difference analysis described above. Once the key leakage occurs, the security of the data to which the cryptographic process is applied cannot be maintained.

  In general, regardless of which encryption algorithm is applied, such as DES, triple DES, or AES, the encryption processing is executed as shown in FIG. FIG. 5 shows an encryption processing configuration according to the encryption algorithm of (A) DES, (B) triple DES, and (C) AES. For example, in the case of processing to which the DES encryption processing unit 191 of (A) is applied, the DES encryption processing unit 191 inputs a master key: K, generates a round key based on the master key: K, and inputs an input plaintext (PT ), The 16-stage round function described with reference to FIG. 1 is repeatedly executed to output ciphertext (CT).

  (B) In the triple DES configuration, the DES encryption processing units 192 to 194 are applied, and the master key: K1 or K2 is input to these three DES encryption processing units 192 to 194, and three DES encryption processings are performed. Each of the units 192 to 194 generates a round key based on the input master key, repeatedly executes the 16-stage round function described with reference to FIG. (CT) is output.

  (C) Also in the AES configuration, the AES encryption processing unit 195 executes encryption processing in which a key: K of 128, 192, 256 bits, for example, whose key length is longer than DES is input.

  However, in any cryptographic processing, the cryptographic processing key: K has a possibility of leaking due to the above-described power analysis or the like, and the security level may be lowered.

  Considering the possibility of such key analysis, a configuration of the present invention that prevents a decrease in security level in generation, storage, communication processing, etc. of cryptographic processing data will be described.

  As described above with reference to FIG. 1, the conventional DES encryption algorithm generates ciphertext from plaintext by repetitive conversion processing of a 16-stage round function section. In the configuration of the present invention, as shown in FIG. 6, a dummy round function unit is configured in at least one of the preceding stage and the subsequent stage of the regular round function execution unit.

  In the configuration of FIG. 6, the regular round function execution unit is configured by 16 round function units of the first conversion unit 202 and the second conversion unit 203 to the 16th conversion unit 204. Two dummy round function units D-2 and 211 and dummy round function units D-1 and 212 are set, and two dummy round function units D1 and 213 and a dummy round function unit are arranged at the subsequent stage of the sixteenth conversion unit 204. D2 and 214 are set.

  As an execution algorithm for normal cryptographic processing that does not apply a dummy round, the plaintext is first divided into 32 bits of L and R in the initial replacement unit 201, and the divided L and R32 bits are used as the first-stage round function. Conversion processing is performed based on the key K (1) input to the unit 202 and input from the first-stage key generation unit of the key schedule unit (not shown), and the conversion processing result is sent to the second-stage round function unit 203 of the next stage. The conversion result of the 16th round function unit 204, which is the final stage of the regular round function execution unit, is input to the reverse replacement unit 205, the reverse replacement process of the initial replacement unit 201 is executed, and output as ciphertext Is done.

  In the case of applying the dummy round, before the step of executing the regular round function in the first-stage round function unit 202, two dummy round functions shown in the figure, that is, dummy round function units D-2 and 211, The calculation by the round function of two cycles is executed by the dummy round function units D-1 and 212. However, since the purpose of this dummy round is to disturb power analysis, the process of inputting plain text data is not executed, and dummy data is input and executed.

  After the dummy data is input and the round function processing of two cycles is completed by the dummy round function units D-2 and 211 and the dummy round function units D-1 and 212, in the regular first-stage round function unit 202 A round function is executed. Thereafter, when the conversion process of the sixteenth round function unit 204, which is the final stage of the regular round function execution unit, is completed, the two dummy round function units D1, 213 set in the subsequent stage of the sixteenth conversion unit 204 shown in FIG. The round function by the dummy round function part D2, 214 is executed. The purpose of these two dummy rounds is to disturb the power analysis, so the process of inputting plaintext data is not executed, and dummy data is input and executed.

  After these two dummy rounds are completed, the conversion result of the 16th round function unit 204, which is the final stage of the regular round function execution unit, is input to the reverse replacement unit 205, and the reverse replacement processing of the initial replacement unit 201 is performed. It is executed and output as ciphertext.

  Both the regular round function part and the dummy round function part execute data conversion processing according to the calculation algorithm described above with reference to FIGS. The person who performs the power analysis analyzes the power when each round function is executed, but it is extremely difficult to determine whether a dummy round function or a regular round function is being executed. It becomes possible to increase the tolerance to.

  The figure shows a configuration in which two dummy rounds are set in the former stage of the regular round function execution unit and two dummy rounds are set in the latter stage. It is not limited to. In general, a person who performs an attack using power difference analysis does not allow an infinite attack time, but allows a certain finite time. Therefore, there is a maximum time required for the attack. Let this be [Tmax]. Further, there are the number of plaintexts [M] that can be applied to an attack to which power difference analysis is applied and the minimum number of plaintexts [N] that is necessary for the attack.

  At this time, an attack within [Tmax] within a finite time becomes difficult by randomly adding redundancy corresponding to M / N-1. This addition of redundancy is realized by adjusting the number of added dummy round functions. An algorithm for calculating the number of dummy rounds having redundancy that makes power difference analysis difficult will be described with reference to the flow shown in FIG.

  In step S101, the maximum time required for an attack by power difference analysis, that is, power analysis maximum time = Tmax is set. In step S102, the number of plaintexts [M] applicable to an attack to which power difference analysis is applied and the minimum number of unique plaintexts [N] necessary for the attack by power difference analysis are set. These values can be set assuming virtual power analysis.

Next, in step S103, the number of dummy round functions L = 0 is set as an initial setting. In step S104,
L> M / N-1
Whether or not is satisfied is determined.

L> M / N-1
If is not established, the process proceeds to step S105, and update processing for increasing the value of L by one is executed. Furthermore, it returns to step S104 and it is determined whether the updated value of L satisfies the said formula. Perform L updates until the expression is satisfied, and finally
L> M / N-1
The value of L that holds is obtained.

Next, in step S106,
L> M / N-1
The value of L that holds is set as the number of dummy rounds.

  Note that the value of L calculated in the flow shown in FIG. 7 is the maximum time [Tmax] required for an attack in a certain assumed power difference analysis, the number of plaintexts [M] applicable to the attack using the power difference analysis, and the power This is a value that guarantees redundancy that is almost impossible to analyze in the power analysis that assumes the minimum number of unique plaintexts [N] required for an attack by differential analysis, and sets an L dummy round obtained by this algorithm By doing so, the redundancy that is almost impossible to analyze by the power analysis within the Tmax time is guaranteed, and a secure cryptographic process with high resistance to the power analysis is realized. Furthermore, if the keys applied for encryption and decryption are updated within the above finite time [Tmax], the attack can be made almost permanent.

  Finally, a configuration example of the IC module 600 as a cryptographic processing apparatus that executes cryptographic processing such as generation of ciphertext or decryption processing of ciphertext will be described with reference to FIG. The above-described processing can be executed in, for example, various information processing apparatuses such as a PC, an IC card, a reader / writer, and the IC module 600 shown in FIG. 8 can be configured in these various devices.

  A CPU (Central processing Unit) 601 shown in FIG. 8 is a processor that executes the start and end of cryptographic processing, data transmission / reception control, data transfer control between components, and other various programs. The memory 602 is a ROM (Read-Only-Memory) that stores programs executed by the CPU 601 or fixed data as calculation parameters, a program executed in the processing of the CPU 601, and a parameter storage area that changes as appropriate in the program processing, It consists of RAM (Random Access Memory) used as a work area. The memory 602 can be used as a storage area for key data and the like necessary for encryption processing. For example, the above-described shared secret key: K is stored. The data storage area is preferably configured as a memory having a tamper resistant structure.

  The encryption processing unit 603 executes encryption processing, decryption processing, and the like according to the above-described DES, triple DES, AES, and other algorithms, for example. Here, an example in which the cryptographic processing means is an individual module is shown, but such an independent cryptographic processing module is not provided, for example, a cryptographic processing program is stored in the ROM, and the CPU 601 reads and executes the ROM stored program. You may comprise.

  The random number generator 604 is applied in a process for generating a key and random number information to be applied to encryption processing. Alternatively, the present invention is applied to random number generation required for authentication processing between devices and other random number generation processing required for encryption processing. The random number generator 604 is configured by, for example, a random number generator to which LFSR (Linear Feedback Shift Register) is applied, or a pseudo-random number generator.

  The transmission / reception unit 605 is a data communication processing unit that performs data communication with the outside. For example, the data transmission / reception unit 605 performs data communication with an IC module such as a reader / writer, and outputs ciphertext generated in the IC module or an external reader. Data input from devices such as writers is executed.

  The present invention has been described in detail above with reference to specific embodiments. However, it is obvious that those skilled in the art can make modifications and substitutions of the embodiments without departing from the gist of the present invention. In other words, the present invention has been disclosed in the form of exemplification, and should not be interpreted in a limited manner. In order to determine the gist of the present invention, the claims section described at the beginning should be considered.

  The series of processes described in the specification can be executed by hardware, software, or a combined configuration of both. When executing processing by software, the program recording the processing sequence is installed in a memory in a computer incorporated in dedicated hardware and executed, or the program is executed on a general-purpose computer capable of executing various processing. It can be installed and executed.

  The various processes described in the specification are not only executed in time series according to the description, but may be executed in parallel or individually as required by the processing capability of the apparatus that executes the processes. Further, in this specification, the system is a logical set configuration of a plurality of devices, and the devices of each configuration are not limited to being in the same casing.

  The present invention can be applied to a device that executes cryptographic processing, for example, an IC card having a cryptographic processing module or other cryptographic processing apparatus. By applying the configuration of the present invention, it becomes difficult to leak cryptographic processing keys and algorithms in the IC module by power analysis, so that it is possible to provide a device or apparatus having a cryptographic processing execution function with a high security level.

It is a figure which shows the basic composition of a DES encryption process. It is a figure which shows the structure of the conversion part which comprises each round of a round function part. It is a figure which shows the structure of F function. It is a figure which shows a triple DES (Triple DES) encryption processing structure. It is a figure explaining a general encryption processing composition. It is a figure explaining the encryption algorithm which applied the structure of this invention which set the dummy round function part. It is a flowchart explaining the algorithm for calculating the setting number of the dummy round function part with redundancy with high tolerance with respect to an electric power analysis. It is a figure which shows the structural example of IC module as a cryptographic processing execution device which can apply the structure of this invention.

Explanation of symbols

DESCRIPTION OF SYMBOLS 110 Round function part 111 Initial substitution part 112,113 Conversion part 114 Reverse substitution part 120 Key schedule part 121 Selection substitution part 122,123 Key generation part 151 F function part 171,172 Replacement part 181 S box 185,186,187 DES encryption Processing unit 191 Encryption processing unit (DES)
192, 193, 194 Encryption processing unit (DES)
195 Cryptographic processing part (AES)
201 Initial value interval unit 202 to 204 Conversion unit 211 to 214 Dummy round function unit 600 IC module 601 CPU (Central processing Unit)
602 Memory 603 Encryption processing unit 604 Random number generator 605 Transmission / reception unit

Claims (18)

An encryption device that executes a common key block cipher consisting of a multi-stage round function,
A regular round function part for inputting plaintext or plaintext conversion data for ciphertext generation;
A dummy round function unit that performs a dummy operation that does not input the plaintext or the conversion data based on the plaintext to at least one of the previous stage or the subsequent stage of the regular round function part;
An encryption device comprising: The set number of dummy round function parts is
The number of plaintexts available for power analysis for the common key block cipher is M,
When the minimum number of plaintexts required for power analysis for the common key block cipher is N,
2. The encryption apparatus according to claim 1, wherein the number is a number calculated based on the values M and N. The set number of dummy round function parts: L is
The number of plaintexts available for power analysis for the common key block cipher is M,
When the minimum number of plaintexts required for power analysis for the common key block cipher is N,
L> M / N-1
The encryption apparatus according to claim 1, wherein the encryption apparatus has a configuration satisfying the following. The dummy round function part is:
2. The encryption apparatus according to claim 1, wherein the plaintext or Tammy data different from the plaintext-converted data is input, and a round function calculation based on dummy data is executed. A decryption device that executes a common key block cipher consisting of a multi-stage round function,
A regular round function part for inputting ciphertext or decryption data based on the ciphertext for generating a decrypted text;
A dummy round function unit that performs a dummy operation that does not input the ciphertext or converted data based on the ciphertext at least one of the previous stage and the subsequent stage of the regular round function part;
A decoding device characterized by comprising: The set number of dummy round function parts is
The number of plaintexts available for power analysis for the common key block cipher is M,
When the minimum number of plaintexts required for power analysis for the common key block cipher is N,
6. The decoding apparatus according to claim 5, wherein the number is a number calculated based on the values M and N. The set number of dummy round function parts: L is
The number of plaintexts available for power analysis for the common key block cipher is M,
When the minimum number of plaintexts required for power analysis for the common key block cipher is N,
L> M / N-1
The decoding device according to claim 5, wherein the decoding device has a configuration satisfying the following. The dummy round function part is:
The decryption according to claim 5, wherein the decryption text is configured to receive ciphertext for generating the decrypted text or conversion data based on ciphertext, and to perform a round function operation based on dummy data. Device. An encryption method for executing a common key block cipher consisting of a multi-stage round function,
A regular round function execution step for inputting plaintext or plaintext-based conversion data for ciphertext generation;
A dummy round function execution step for executing a dummy operation that does not input the plaintext or the conversion data based on the plaintext in at least one of the previous stage and the subsequent stage of the regular round function execution step;
An encryption method comprising: The set number of dummy round function execution steps is:
The number of plaintexts available for power analysis for the common key block cipher is M,
When the minimum number of plaintexts required for power analysis for the common key block cipher is N,
10. The encryption method according to claim 9, wherein the number is set based on the values M and N. The set number of dummy round function execution steps: L is
The number of plaintexts available for power analysis for the common key block cipher is M,
When the minimum number of plaintexts required for power analysis for the common key block cipher is N,
L> M / N-1
The encryption method according to claim 9, wherein the number satisfies the following. The dummy round function execution step includes:
The encryption method according to claim 9, wherein the plaintext or the Tammy data different from the plaintext-converted data is input, and a round function operation based on the dummy data is executed. A decryption method for executing a common key block cipher consisting of a multi-stage round function,
A regular round function execution step for inputting ciphertext or decryption data based on the ciphertext for decryption text generation;
A dummy round function execution step for executing a dummy operation that does not input the ciphertext or the conversion data based on the ciphertext in at least one of the previous stage and the subsequent stage of the regular round function execution step;
A decoding method characterized by comprising: The set number of dummy round function execution steps is:
The number of plaintexts available for power analysis for the common key block cipher is M,
When the minimum number of plaintexts required for power analysis for the common key block cipher is N,
14. The decoding method according to claim 13, wherein the number is set based on the values M and N. The set number of dummy round function execution steps: L is
The number of plaintexts available for power analysis for the common key block cipher is M,
When the minimum number of plaintexts required for power analysis for the common key block cipher is N,
L> M / N-1
The decoding method according to claim 13, wherein the number satisfies the following. The dummy round function execution step includes:
The decryption method according to claim 13, wherein the ciphertext for generating the decrypted text or the Tammy data different from the converted data based on the ciphertext is input, and the round function operation based on the dummy data is executed. A computer program for executing a common key block cipher consisting of a multi-stage round function,
A regular round function execution step for inputting plaintext or plaintext-based conversion data for ciphertext generation;
A dummy round function execution step for executing a dummy operation that does not input the plaintext or the conversion data based on the plaintext in at least one of the previous stage and the subsequent stage of the regular round function execution step;
A computer program characterized by comprising: A computer program for executing a common key block cipher consisting of a multi-stage round function,
A regular round function execution step for inputting ciphertext or decryption data based on the ciphertext for decryption text generation;
A dummy round function execution step for executing a dummy operation that does not input the ciphertext or the conversion data based on the ciphertext in at least one of the previous stage and the subsequent stage of the regular round function execution step;
A computer program characterized by comprising:

Images