KR100991713B1 - Apparatus and method for operating inversion of AES with masking method, and AES cipher system and method using thereof - Google Patents

Abstract

The present invention relates to a masking technique of an AES cryptographic system, wherein an AES inverse computing device using masking according to the present invention uses first masking data for element (A) on complex GF (((2 ² ) ² ) ² ). A masking field transform unit for generating an additive masked output value on the partial GF ((2 ² ) ² ); A masking inversion calculation unit configured to generate an addition masked inversion operation value on the partial GF ((2 ² ) ² ) using second masking data with respect to the addition masked output value of the masking field converter; And a multiplication and an exclusive logical sum operation on subfield GF ((2 ² ) ² ) and field conversion with respect to the addition masked inversion operation value of the masking inversion operation unit, corresponding to the element (A). Including a masking field inverse transform unit for generating an additive masked inverse calculation result on the complex GF (((2 ² ) ² ) ² ), it provides an advantage of improving hardware efficiency and computational speed while being robust to differential power analysis.

Description

Apparatus and method for operating inversion of AES with masking method, and AES cipher system and method using about

The present invention relates to a masking technology of an AES encryption system, and more particularly, to an AES reverse source computing device and method using masking that is robust to differential power analysis attack (DPA) and improves hardware efficiency and operation speed, and an AES encryption system using the same. And to a method.

As the digital information society is advanced and electronic commerce is activated, cryptographic technology is recognized as a core technology for the safety and reliability of social and economic activities based on the Internet, and the protection of user privacy. In such a situation, the block cipher algorithm is expanding its application field due to the advantages of fast encryption / decryption processing speed and small key length.

Conventionally, DES (Data Encryption Standard) has been used as a data encryption standard, but the National Institute of Standards and Technology (NIST) has adopted AES (Advanced Encryption Standard) as a next generation international standard encryption to replace DES. . AES is an open order symmetric key cryptography method, which has a 128-bit block length and a 128/192/256 bit key length. Accordingly, the DES algorithm used in many conventional applications is expected to be replaced by the AES algorithm.

On the other hand, the security of the block cipher algorithm must consider not only the security in its mathematical structure but also the security in the implemented environment. Even algorithms that are known to be mathematically safe have unexpected additional information leaks at the implementation stage, and side leak attacks can be used to find the value of a secret key using such leaked information. (P. Kocher, J. Jaffe, and B. Jun, “Timing Attacks on Implementations of Diffie- Hellman, RSA, DSS, and Others Systems.” CRYPTO'96, LNCS 1109, pp. 104-113, Springer- Verlag, 1996.)

With the introduction of these subchannel attacks, many cryptosystem designers began to study effective countermeasures, and some countermeasures against differential power analysis (DPA) attacks, which are one of the subchannel attacks, have been proposed. .

The differential power analysis attack is an attack method for finding secret information stored in the smart card by analyzing a power signal generated during a calculation when the block encryption algorithm is implemented in a low power device such as a smart card. The reason for the differential power analysis attack is that if the attacker knows plaintext and can guess some information of the secret key, the attacker predicts a specific bit of cipher text after the first round corresponding to the plaintext. Because it is possible.

Hardware countermeasures and software countermeasures have been proposed to implement a block cipher algorithm that is safe against the differential power analysis attack. The hardware countermeasure includes a method of generating a noise power, a method of randomizing an operation sequence, a method of filtering a power signal, and the like. However, the hardware countermeasures are still known to be incomplete. In particular, a masking method is known as a strong countermeasure against the first differential power analysis attack. The masking technique is a method in which the intermediate value is not revealed during encryption / decryption or key scheduling operation by power measurement. For example, after generating a random number inside a smart card, power analysis is disabled by making the plain text look like a random number through an exclusive OR of the random number and the plain text.

m)=S(x)

m_x의 형태이며 m_x의 값이 x의 값마다 다르다. 따라서, 일반적인 소프트웨어 마스킹 기법에서는 상기 m_x의 값이 모든 x에 대해 동일한 값이 되도록 암호 알고리즘의 최초 수행시 새로운 마스킹 S-box(MS)를 만든다. 즉, 모든 x에 대해 MS(x

m)=S(x)

m'를 만족하는 MS를 생성한다. 그러나, 공간적 제약이 많이 따르는 하드웨어 마스킹 기법에서는 마스킹 테이블을 생성, 저장하는 비용을 고려하여 MS를 생성하는 방식 대신 직접 연산하는 방식을 사용하는 것이 일반적이다. 요컨대, AES의 S-box는 GF(2⁸) 위에서의 역원(inversion) 연산과 그에 대 한 아핀(affine) 변환으로 구성되며 실제 하드웨어 마스킹 기법의 대부분의 비용은 상기 역원 연산을 수행하는데 소비된다.In the case of AES, the non-linear operation is an S-box operation. The S-box has an operation value of S (x

m) = S (x)

in the form of m _x varies from a value of the value of m _x x. Therefore, in a general software masking technique, a new masking S-box (MS) is created at the first execution of the encryption algorithm such that the value of m _x is the same for all x. That is, MS (x for all x

m) = S (x)

Generate an MS that satisfies m '. However, in hardware masking techniques that have a lot of space constraints, it is common to use direct computation instead of creating MS in consideration of the cost of creating and storing a masking table. In short, AES's S-box consists of an inversion operation on GF (2 ⁸ ) and an affine transformation for it and most of the cost of the actual hardware masking technique is spent performing the inverse operation.

However, the conventional masking inverse calculation methods have a problem that an excessive number of gates are required for S-box calculation of AES. In addition, as experimentally proven, existing methods using multiplicative masking in the form of (xm) ^-1 = x ^-1 m ^-1 satisfy the equation xm = x when x = 0, so that the first differential power There is a fatal problem of being vulnerable to analytical attacks (see Jovan D. Golic, Christophe Tymen. “Multiplicative Masking and Power Analysis of AES”, CHES 2002, LNCS 2523, pp. 198212, Springer, 2003.).

Accordingly, the first technical problem to be achieved by the present invention is to provide an AES inverse computing device using masking that is robust to differential power analysis and can maximize hardware efficiency and operation speed.

The second technical problem to be achieved by the present invention is to provide an AES inverse calculation method using masking that is robust to differential power analysis and can maximize hardware efficiency and operation speed.

The third technical problem to be achieved by the present invention is to provide an AES cryptographic system using the AES inverse computing device or method using the masking.

A fourth technical problem to be achieved by the present invention is to provide an AES encryption method using an AES reverse source computing device or method using the masking.

In order to solve the first technical problem as described above, the present invention, using the first masking data for the element (A) on the composite GF (((2 ² ) ² ) ² ), the partial GF ((2 ² ) ² A masking field converter configured to generate an additive masked output value of the mask; A masking inversion calculation unit configured to generate an addition masked inversion operation value on the partial GF ((2 ² ) ² ) using second masking data with respect to the addition masked output value of the masking field converter; And a multiplication and an exclusive logical sum operation on subfield GF ((2 ² ) ² ) and field conversion on the addition masked inversion operation value of the masking inversion operation unit to the element (A). An AES inverse computing device using masking comprising a masking field inverse transform unit for generating an additive masked inverse computing result on a corresponding complex GF (((2 ² ) ² ) ² ).

In one embodiment, the AES inverse computing device using masking is based on a polynomial basis in element representation.

In one embodiment, the element (A) on the complex GF (((2 ² ) ² ) ² ) of the masking field transform unit isomorphism (isomorphism) deformation of the element on the finite field GF (2 ⁸ ) Is generated.

The masking inversion calculator may be configured to obtain an upper 4 bit value or a lower 4 bit value among the output masking values of the result of the addition masking inverse operation on the complex GF (((2 ² ) ² ) ² ). Used as masking data.

In an embodiment, the AES inverse calculating device using the masking may use each of the bit values constituting the intermediate calculating value of the AES source calculating device using the masking using third bit masking data of 4 bits. The apparatus may further include a fresh masking unit that performs addition masking so that the same probability as other bit values appears.

The fresh masking unit may include the upper 4 bit value or the lower 4 bit value of the output masking value of the result of the addition masking inverse operation on the complex GF (((2 ² ) ² ) ² ), wherein the third masking data Use as.

In one embodiment, the fresh masking unit, the second masking data is the upper 4-bit value or the lower 4-bit value of the output masking value of the result of the addition masked inverse operation on the complex GF (((2 ² ) ² ) ² ) In this case, a lower 4 bit value or a higher 4 bit value of the output masking value is used as the third masking data, respectively.

In one embodiment, the mask inversion operation unit, and performs a partial body GF ⁽²²⁾ GF said body portion by an operation on the ((2 ^{2) 2)} on the inversion calculation.

In an embodiment, the masking inversion calculation unit may include a sub masking field configured to generate an additive masked output value on the partial GF (2 ² ) by using the masked output value of the masking field converter and the second masking data. A conversion unit; A sub mask that generates an additive masked inversion operation value on the sub-part GF (2 ² ) by using 4 bits of masking data with respect to the added masked output value on the sub-part GF (2 ² ) by the sub masking field converter A masking inversion calculator; And a multiplication and an exclusive logical sum operation on subfield GF (2 ² ) and a field transform for the addition masked inversion operation value of the sub masking inversion operation unit, corresponding to the addition masked output value of the masking field conversion unit. And a sub masking field inverse transform unit for generating an additive masked inverse computation result on subpart GF ((2 ² ) ² ).

In order to solve the second technical problem as described above, the present invention, using the first masking data for the element (A) on the composite GF (((2 ² ) ² ) ² ), the partial GF ((2 ² ) ² A masking field transform step of generating an additive masked output value on the? A masking inversion calculation step of generating an addition masked inversion operation value on the partial GF ((2 ² ) ² ) using second masking data with respect to the addition masked output value of the masking field conversion step; And a complex GF corresponding to the element (A) using a multiplication and an exclusive logical sum operation on the subpart GF ((2 ² ) ² ) and a field transform on the addition masked inversion operation value of the masking inversion operation step. A masking field inverse transform step of generating an additive masked inverse calculation result on (((2 ² ) ² ) ² ) provides an AES inverse calculation method using masking.

In order to solve the third technical problem as described above, the present invention provides an AES encryption system using the AES inverse computing device using the masking.

In order to solve the fourth technical problem as described above, the present invention provides an AES encryption method using the AES inverse calculation method using the masking.

The present invention provides the advantage of improving hardware efficiency and computational speed while being robust to differential power analysis by using a masking inverse algorithm on a complex and allowing to reduce redundant multiplications.

Prior to the description of the specific contents of the present invention, an AES encryption system to which the present invention is applied will be described for convenience of understanding.

One round of AES consists of four steps: AddRoundKey, Subbytes, ShiftRows, and MixColumn.

Since the AddRoundKey operation, ShiftRows operation, and MixColumn operation among the four steps are linear operations or affine operations, a masking technique is easily applied. However, it is not easy to apply a masking technique because the subbyte operations are nonlinear operations.

Since the subbyte operations, i.e., the S-Box operations, use inverse and affine operations on the finite field GF (2 ⁸ ) in parallel, the finite field GF (2 ⁸ ) in applying the masking technique to the AES encryption algorithm. The key is to efficiently implement masking techniques for phase inverse operations.

AES  S- Box

S-Box of AES performs an operation as shown in Equation 1 in the form of affine transform of x- ¹ .

S  : GF (2 ⁸ ) → GF (2 ⁸ )

b S (x) = B x ^-1

b

In Equation 1, the operation of x ^-1 is performed on the finite field GF (2 ⁸ ) (the polynomial: x ⁸ + x ⁴ + x ³ + x + 1) and the matrix B for the operation of Equation 1 and The value of the vector b is equal to Equation 2.

, .

,.

Composite ( Composite Field Inverse Arithmetic on

As mentioned above, in the hardware design of the AES, the method of storing and calling the S-Box has a lot of space constraints, so the method of directly calculating the S-Box is mainly used. However, operation with S-Box operation consisting of affine transformation of the x ^-1 is a significant cost to the inverse operation of the operation, i.e., GF (2 ⁸⁾ of the x ^-1 requirements, the cost spent on the actual inverse operation It accounts for most of the cost of the entire AES round operation. Therefore, the efficiency of the inverse operation is a factor that greatly affects the performance of the overall cryptographic algorithm.

Therefore, in the present invention, in order to reduce the cost of the inverse operation and increase the efficiency, instead of the general inversion operation method on the GF (2 ⁸ ), the inversion operation is performed after performing the conversion to a complex which is relatively inexpensive. Invert the result of the calculation back to the element above GF (2 ⁸ ).

Inverse operations on complexes are made through operations on subfields. Operations on GF (8) used for S-box operations can be transformed into operations on GF (((2 ² ) ² ) ² ), which is a complex, of the irreducible polynomial used in each subpart. The form is shown in Equation 3.

GF (2 ² ) over GF (2): P ₀ (x) = x ² + x + 1.

GF ((2 ² ) ² ) over GF (2 ² ): P ₁ (x) = x ² + x + φ.

GF (((2 ² ) ² ) ² ) over GF ((2 ² ) ² ): P ₂ (x) = x ² + x + λ.

In Equation 3, the root of P ₀ (x) is α (α∈ GF (2 ² )), the root of P ₁ (x) is β (β∈ GF ((2 ² ) ² ), and P ₂ ( If the root of x) is r (r∈ GF (((2 ² ) ² ) ² )), then all elements of GF (2 ² ) are a ₁ α + a ₀ , all of GF ((2 ² ) ² ) Elements are (a ₃ α + a ₂ ) β + (a ₁ α + a ₀ ), and all elements of GF (((2 ² ) ² ) ² ) are {(a ₇ α + a ₆ ) β + ( a ₅ α + a ₄ )} r + {(a ₃ α + a ₂ ) β + (a ₁ α + a ₀ )}. For the efficiency of computation, the element φ of GF (2 ² ) is α ((10) ₂ ) among the elements satisfying the property that P ₁ (x) and P ₂ (x) are weak, GF ((2 ² ) ² The element λ of)) was chosen as (α + 1) β ((1100) ₂ ).

The inverse operation on the complex is, for example, C- ¹ A ¹⁶ (C = A ¹⁷ ∈ GF ((2 ² )) for the calculation of inverse A- ¹ of A (A∈ GF (((2 ² ) ² ) ² )). ² )). In addition, D ⁻¹ C ⁴ (D = C ⁵ ∈ GF (2 ² )) is calculated for the inverse C ⁻¹ of C. In other words, the inverse operation on GF (((2 ² ) ² ) ² ) is performed through the inverse operation on GF (2 ² ). Of course, for the inverse operation it requires additional operations, such as A ^16, A ^17, but the operation result of the nature of A ¹⁶ of a complex operation (A = a _h r + a _l) is a _h r + (a _h + a _l) Four-bit xor operation, the result of operation A ¹⁷ (A = a _h ｒ + a _l ) is λa _h ² + a _l (a _h + a _l ) with one square operation on GF ((2 ² ) ² ) and It only requires a multiplication operation.

Equation for calculating the inverse A ^-1 = a _h 'r + a _l ' of A = a _h r + a _l can be expressed by Equation 4.

when d = λa _h ² + a _l (a _h + a _l ) and d '= d ^-1 ,

a _h '= d'a _h ,

a _l '= d' (a _h + a _l ).

FIG. 1 is a block diagram of an S-Box in which an inverse operation on GF (2 ⁸ ), which is a main operation of a subbyte operation, is implemented using an inverse operation on GF (((2 ² ) ² ) ² ).

Referring to FIG. 1, the S-Box includes an inverse affine transform unit, a first multiplexer, an isomorphism deformation unit, a GF (((2 ² ) ² ) ² ) inverse calculation unit 100, An inverse isomorphism deformation unit, an affine transformation unit, and a second multiplexer are provided.

The inverse affine transform unit performs an inverse affine transform operation on the input data DATA_IN when performing a decoding operation.

The first multiplexer outputs the output data of the inverse affine converting unit when performing the decryption operation by the control signal CLK, and outputs the input data DATA_IN during the encryption operation.

The isomorphism transformation unit performs an isomorphism transformation operation on the output data of the first multiplexer.

The GF (((2 ² ) ² ) ² ) inverse operator 100 performs an inversion operation on the output data of the isomorphism deformation unit.

The inverse isomorphism transformation unit performs an inverse isomorphism transformation operation on the output data of the GF (((2 ² ) ² ) ² ) inverse calculating unit 100.

The affine transformation unit performs an affine transformation operation on the output data of the inverse isomorphism transformation unit when performing an encryption operation.

The second multiplexer outputs the output data of the affine transform unit at the time of encryption according to a control signal, and outputs the output data of the inverse isomorphism transform unit at the time of decryption.

Among the above-described calculation blocks, the inverse affine transform unit, the affine transform unit, the isomorphism transform unit, and the inverse isomorphism transform unit all perform operations on linear functions. When applying the masking technique to implement the linear function calculation in real hardware, the hardware module used when the masking technique is not applied can be used as it is. In this case, the area of use of the hardware increases, but the complexity does not increase, compared to the case where the masking technique is not applied.

However, since the operation performed by the GF (((2 ² ) ² ) ² ) inverse operator 100 is for a nonlinear function, the inverse operator GF (((2 ² ) ² ) ² ) is applied by applying a masking technique. In the case of implementing the hardware 100, the hardware module used when the masking technique is not applied cannot be used as it is. This is because, in the case of nonlinear functions, the original data cannot be easily recovered from the data calculated by applying the masking technique. Therefore, in order to solve the above problem, there is a need for an efficient method of extracting the original data from the final stage without calculating the original data and masking data while the original data in the intermediate calculation process.

2 is a block diagram of the GF (((2 ² ) ² ) ² ) inverse calculating unit 100.

Referring to FIG. 2, the GF (((2 ² ) ² ) ² ) inverse operator 100 includes three four-bit multiplication modules 200, a four-bit square operation module 210, and a four-bit constant multiplication operation module. 220, a 4-bit inversion module ( GF ((2 ² ) ² ) inversion module; 230) and two XOR operation modules.

The GF (((2 ² ) ² ) ² ) inverse calculating unit 100 uses the calculation of the partial GF ((2 ² ) ² ) to calculate the inverse in the complex GF (((2 ² ) ² ) ² ) Can be performed. In FIG. 2, a _H represents data consisting of the upper four bits of input data including a Most Significant Bit (MSB), and a _L represents data consisting of the lower four bits of the input data including a Least Significant Bit (LSB).

3 shows a block diagram of the 4-bit multiplication module 200.

Referring to FIG. 3, the four-bit multiplication module 200 includes three two-bit multiplication modules 300, one two-bit integer multiplication module 310, and four XOR calculation modules. That is, the multiplication operation on the part GF ((2 ² ) ² ) is performed using the operation on the part G F (2 ² ).

4 shows a block diagram of the 4-bit square operation module 210.

As shown in Figures 2 and 4, the 4-bit square operation module 210 performs a square operation on the 4-bit a _H.

The 4-bit constant multiplication module 220 performs a constant multiplication operation on the output data of the 4-bit square operation block 520.

5 is a block diagram of the GF ((2 ² ) ² ) inversion module 230.

Referring to FIG. 5, the GF ((2 ² ) ² ) inversion module 230 includes three 2-bit multiplication modules 500, a 2-bit square operation module, a 2-bit constant multiplication module, and a 2-bit in A version block ( GF (2 ² ) inversion module) and two XOR blocks. That is, the GF ((2 ² ) ² ) inversion module 230 performs inverse arithmetic on subpart GF ((2 ² ) ² ) using operations on part G F (2 ² ).

6 shows a logic circuit of the 2-bit multiplication module 300,500.

2 and 5, the 8-bit inversion module GF (((2 ² ) ² ) ² ) inverse calculating unit 100 shown in FIG. 2 and the 4-bit inversion module GF shown in FIG. 5 are shown. The ((2 ² ) ² ) inversion module 230 may recognize that only the data calculated in each operation module is reduced from 4 bits to 2 bits, and the constituent modules are identical to each other. In addition, since the operation in the 2-bit inversion module ( GF (2 ² ) inversion module) is the same as the 2-bit square operation, it is not a problem to implement it in hardware.

Therefore, the configuration of the 4-bit inversion module can be described in the same way from the configuration of the 8-bit inversion module, and vice versa. This is the same also in the AES inverse computing device and method using masking according to the present invention.

Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the accompanying drawings in order to clarify the solutions of the technical problems of the present invention. However, in describing the present invention, when it is determined that the detailed description of the related known technology or configuration may make the gist of the present invention unclear, the detailed description thereof will be omitted. In addition, terms to be described later are terms defined in consideration of functions in the present invention, which may vary according to intention or custom of a user, an operator, or the like. Therefore, the definition should be made based on the contents throughout the specification.

7A and 7B illustrate the basic principles of the masking technique.

As shown in FIG. 7A, when performing a cryptographic operation without using a masking technique, plain text x, which is input source data, is a ciphertext y (y = f (x) by a function f in a cryptographic module. Will be displayed. As described above, in the case of an encryption system that does not use a masking technique, it is possible to infer the plain text x by analyzing a power curve of the encryption operation module.

m,

는 xor 연산)의 암호문 y'(y'=f(x')=f(x)

f(m))를 구한 후, 최종적으로 y를 얻기 위해 y'

m'(m'=f(m)) 연산을 수행한다. 그 결과, 공격자가 암호화 연산 중의 중간값을 알 수 없게 되어 전력분석공격은 성공할 수 없게 된다. 상기 마스킹 기법은 블록 암호의 구성에 따라 적용 방법이 달라질 수 있으며, 각각의 블록 암호에 적합한 마스킹 기법에 대한 연구가 진행되고 있다.However, as shown in FIG. 7B, when the masking technique is used, the masking data m is used to obtain the ciphertext y (y = f (x)) for the plaintext x.

m,

Is the ciphertext y '(y' = f (x ') = f (x)

f (m)) and finally y 'to get y

m '(m' = f (m)) As a result, the attacker may not know the median value during the encryption operation and the power analysis attack may not be successful. Application of the masking technique may vary according to the configuration of the block cipher, and research on a masking technique suitable for each block cipher has been conducted.

m의 암호문 y'(y'=y

m')에서 m'을 알아야 실제 원하는 암호문 y를 얻을 수 있다. 하지만, 블록 암호 알고리즘은 비선형 연산을 수행하므로, 수정되지 않은 블록 암호 시스템에 있어서 상기 m'값은 x에 따라 달라지고 상기 m'값을 중간값의 노출 없이 아는 것도 상당한 연산량을 필요로 한다. 따라서, 상기 마스킹 기법을 블록 암호 시스템에 적용하는 경우 가장 큰 비용을 차지하는 것이 바로 비선형 연산에 관한 비용이다.On the other hand, when using the masking technique, the x

ciphertext y '(y' = y in m

You need to know m 'in m') to get the actual ciphertext y. However, since the block cipher algorithm performs a nonlinear operation, in an unmodified block cipher system, the m 'value depends on x, and knowing the m' value without exposing the median requires a significant amount of computation. Therefore, the largest cost in applying the masking scheme to the block cipher system is the cost of the nonlinear operation.

8 is an example block diagram of an AES encryption system using masking in accordance with the present invention.

Referring to FIG. 8, the AES encryption system using masking includes an input register 810, a masking cryptographic calculator 820, a masking data generator 830, a key scheduler 840, a key register 850, and a controller 860. ).

AES cryptographic systems using masking according to the present invention may be more efficient when based on polynomial basis in element representation.

First, the input register 810 stores the input data INPUT and outputs the input data INPUT to the masking cryptographic calculator 820.

The masking cryptographic calculator 820 may be configured to generate masking data generated by the masking data generator 830 and round keys generated by the key scheduler 840 with respect to data input through the input register 810. ) To perform AES encryption / decryption using masking technique.

The key scheduler 840 generates a round key using the key data input through the key register 850 and provides the mask to the masking cryptographic calculator 820.

The controller 860 controls each component of the AES encryption system to perform AES encryption / decryption using masking.

Hereinafter, the operation of the masking cryptographic calculator 820 will be described in more detail.

The masking cryptographic calculator 820 performs AddRoundKey, Subbytes, ShiftRows and MixColumn steps for each round of AES using masking data. As described above, since the AddRoundKey operation, the ShiftRows operation, and the MixColumn operation among the four steps are linear operations or affine operations, they can be easily implemented by applying basic masking techniques. However, since the Subbytes operation is a nonlinear operation, it is difficult to apply a masking technique, and the hardware resource consumption is increased.

The S-Box blocks that perform the Subbytes step in the masking cryptographic calculator 820 are inverse affine transform units, first multiplexers, isomorphism transformation units, and inverses corresponding to the AES encryption system described above. Masking according to the present invention may include an inverse isomorphism deformation unit, affine transformation unit, and a second multiplexer, and also correspond to the GF (((2 ² ) ² ) ² ) inverse operator 100. AES inverse computing device used. Calculations performed by the inverse affine transformation unit, the affine transformation unit, the isomorphism transformation unit, and the inverse isomorphism transformation unit of the masking cryptographic operation unit 820 except for the masking inverse computation performed by the AES inverse calculation unit using the masking. All of these are for linear functions, so you can use the hardware modules that are used when the masking technique is not applied. Note that the input / output data of each operation module of the masking cryptographic calculator 820 is additive masked data using the masking data generated by the masking data generator 830. Of course, except for the AES inverse arithmetic apparatus using the masking, each of the calculation modules of the masking cryptographic calculator 820 may be implemented by applying an existing masking technique.

Inverse operations using masking techniques are most expensive to implement multipliers. Therefore, the AES inverse computing device using masking according to the present invention considered a method of minimizing the number of multipliers used for the masking inverse calculation.

9 is an example block diagram of an AES inverse computing device using masking in accordance with the present invention.

10 is a flowchart illustrating an example of an AES inverse calculation method using masking according to the present invention.

9 and 10, the AES inverse computing device using masking according to the present invention includes a masking field converter 910, a masking inversion calculator 920, and a masking field inverse converter 930, and is fresh masked. A portion 940 may be further included.

The AES inverse computing device using masking according to the present invention can be more efficient when based on a polynomial basis in elemental representation.

First, when an input masking value of the AES inverse arithmetic unit using the masking is defined as m = (m _h ∥ m _l ) and the output masking value is m ′ = (m _h '∥m _l '), the AES using the masking is defined. The inverse calculation performed by the inverse computing device may be expressed as follows.

First step. Calculation of d + m _d from A + m = (a _h + m _h ) r + (a _l + m _l ).

Second step. calculated from _d m d + d '+ _d m'.

Third step. Calculation of d'a _h + m _h 'from d' + m _d 'and a _h + m _h .

4th step. calculation of d '+ _d m', a + _h m _h, a _{l l} + d from the m '(a + _h a _l) m + _l'.

The AES inverse computing device using the masking outputs the result of the addition masking inverse calculation on the complex GF (((2 ² ) ² ) ² ) through the calculation results of the third and fourth steps.

All intermediate calculation values that may appear during the calculation of the AES inverse arithmetic unit using the masking should be independent of the 8-bit value of the element A and all intermediate values that can be generated from a specific constant. As will be described later, m _d and m _d ′ are input and output masking data values for masking inverse operations on GF ((2 ² ) ² ) respectively performed by the masking inversion calculator 920.

In the present specification, for convenience of description, a symbol is defined as shown in Equation 5.

.

.

. (단, d'=d^-1)

. (Where d '= d ^-1 )

The masking field transforming unit 910 of the AES inverse computing device using the masking, the partial GF using the input masking data (m) for the element (A) on the complex GF (((2 ² ) ² ) ² ) The addition masked output value d + m _d on ((2 ² ) ² ) is generated (S10). That is, the operation of the first step is performed. In this case, the masked element (A + m) on the element (A) or the composite GF (((2 ² ) ² ) ² ) is isotropic to the element on the finite body GF (2 ⁸ ) at the isomorphism modification. It is produced through the deformation of isomorphism.

Equation (6) is a mathematical expression of the operation performed by the masking field converter 910.

,

, a_h 및 m_h는 각각 상기 원소(A) 및 상기 입력 마스킹 데이터(m)의 MSB(Most Significant Bit)를 포함하는 상위 4비트 값, 그리고 a_l 및 m_l은 LSB(Least Significant Bit)를 포함하는 하위 4비트 값을 나타낸다.In Equation 6, λ is a constant polynomial P ₂ (x) = x ² + x + λ of GF (((2 ² ) ² ) ² ),

,

, a _h And m _h are upper 4 bit values including the most significant bit of the element A and the input masking data m, respectively, and a _l and m _l are lower including a Least Significant Bit (LSB). Represents a 4-bit value.

In Equation 6, when adding results (XOR operation) for each multiplication, square, and constant product, the order of calculation should be considered so as not to be associated with a meaningful intermediate value. For example, if the a + S1 operation is performed first in the operation of Equation 6, the λa _h ² value indicates a vulnerability to the power analysis attack. In addition to this simple example, if each bit of the masking value is biased towards '0' or '1' with a probability other than 0.5, this may also be vulnerable to power analysis attacks. To prevent this bias, a fresh mask (fm) should be used to remove the association with meaningful intermediate operations. The fresh mask is a kind of masking data that is used to prevent the bias of the intermediate arithmetic value data without affecting the masking value of the final result.

Accordingly, in the AES inverse arithmetic unit using masking according to the present invention, the probability that each bit value constituting the intermediate operation value using 4 bits of fresh masking data fm is equal to another bit value in the intermediate operation value. It may further include the fresh masking unit 940 to perform the addition masking to appear.

  When using the fresh masking data fm and considering the calculation order to increase safety, Equation 6 may be modified as in Equation 7.

11 illustrates a specific example of the masking field converter 910 using fresh masking data.

Referring to FIG. 11, the masking field converter 910 is implemented to perform the operation of Equation 7, and exclusive logical sum arithmetic elements related to fresh masking are indicated by hatching.

The fresh masking data may be a 4-bit random number generated separately, but in one embodiment of the present invention, the fresh masking unit 940 is higher among the output masking values m 'of the AES inverse calculating device using the masking. A 4 bit value (m _h ') or a lower 4 bit value (m _l ') can be used as the fresh masking data to further reduce the random number generation cost. This is because the m _h 'value or the m _l ' value is a random number that is not related to other values when calculating Equation 7 and does not affect safety.

Subsequently, the masking inversion calculation unit 920 uses the masking data m _d for the addition masked output value d + m _d of the masking field converter 910 to generate the partial GF ((2). ^{2) 2)} to produce the inversion (inversion) operation value _(d '+ m d') addition of masking on (S12). That is, the operation of the second step is performed.

In one embodiment, the masking inversion calculation unit 920 is the upper four-bit value (m _h ') or the lower four-bit value (m _l ') of the output masking value (m ') of the AES inverse arithmetic unit using the masking. ) Can be used as the masking data (m _d ) to reduce the random number generation cost and increase the computational efficiency. This is because the m _h 'value or the m _l ' value is a random number that is not related to other values when calculating Equation 7 and does not affect safety. It should be noted that the masking data m _d corresponds to an upper 4 bit value m _h 'or a lower 4 bit value m _l ' of an output masking value m 'of the AES inverse arithmetic unit using the masking. In this case, the fresh masking unit 940 preferably uses the lower 4-bit value m _l 'or the upper 4-bit value m _h ' as the fresh masking data, respectively. The reason for this is that in the case of fm = m _d = (m _h 'or m _l '), in (7), the ((fm + a) + M1) + ((m _d + b) + M2) operation is ( This can be performed by a + M1 + b + M2) type of operation, so using a value of fm ≠ m _d can further ensure safety.

As will be described again below, the masking inversion calculation unit 920 performs an inversion operation on the sub-part GF ((2 ² ) ² ) by using an operation on the sub-part GF (2 ² ). AES inverse computation using the masking to perform inversion operations on subpart GF (((2 ² ) ² ) ² ) using operations on subpart GF ((2 ² ) ² ) except that it is a 4-bit value. It can be implemented on the same principle as the device.

Next, the masking field inverse transform unit 930 multiplies the partial mask GF ((2 ² ) ² ) with respect to the addition masked inversion operation value d '+ m _d ' of the masking inversion calculator 920. And an additive masked inverse calculation result (A ^-1 + m) on the complex GF (((2 ² ) ² ) ² ) corresponding to the element (A) using an exclusive logic sum (XOR) operation and a field conversion. ') Is generated (S14). That is, the third step and the fourth step are performed to generate an output value A ⁻¹ + m ′ of the AES inverse calculating device using the masking.

The masking field inverse transform unit 930 may be represented by Equation (8).

이다. 상기 수학식 8은 프레시 마스킹 데 이터(fm)로서 m_l'을 사용하고 상기 마스킹 인버젼 연산부(920)의 입력 마스킹 값이 되는 상기 마스킹 데이터(m_d)로서 m_h'를 사용한 경우이다. 이 경우, m_d'=m_h 이다. 상기 수학식 8에서 m_l'을 이용한 두 번의 덧셈을 통하여 각각의 덧셈 연산의 결과가 중간 연산값과 완벽하게 연관성이 없는 데이터가 되도록 한다.In Equation 8,

to be. Equation (8) is the case where m _l 'is used as the fresh masking data fm and m _h ' is used as the masking data m _d which becomes the input masking value of the masking inversion calculator 920. In this case, m _d '= m _h . In the above Equation 8, through two additions using m _l ', the result of each addition operation is data that is not completely related to the intermediate operation value.

In order to first consider the calculation order in order to increase safety, Equation 8 may be modified as in Equation 9.

If the masking field inverse transform unit 930 performs the fourth step operation mathematically, it is expressed by Equation 10.

Equation 10 is used when m _l 'is used as the fresh masking data fm and m _h ' is used as the masking data m _d , which is an input masking value of the masking inversion calculation unit 920.

Like Equation 7 and Equation 9, when Equation 10 is considered in order to increase safety, Equation 10 may be modified as in Equation 11.

The masking field inverse transform unit 930 converts fields of d'a _h + m _h 'and d' (a _h + a _l ) + m _l ', which are the calculation result values of the third and fourth steps. The addition masked inverse calculation result (A ^-1 + m ') on the complex GF (((2 ² ) ² ) ² ) corresponding to the element (A) is generated.

12 illustrates a specific example of the masking field inverse transform unit 930 using fresh masking data.

Referring to FIG. 12, the masking field inverse transform unit 930 is implemented to perform the operations of Equations 9 and 11, and exclusive logical sum computation elements related to fresh masking are indicated by hatching.

As mentioned above, the mask inversion operation unit 920 in the end portion of body GF ⁽⁽² 2) 2) operation part body ^{GF (((2 2) 2} ) 2) using an on performing the inversion operation on the It can be implemented on the same principle as the AES inverse arithmetic unit using the masking. That is, the calculation data of each computing element that performs multiplication, square, constant product, and exclusive logical sum operations is reduced from 4 bits to 2 bits, and the constituent modules can be configured identically to each other.

Accordingly, the masking inversion calculator 920 may add masking on the partial GF 2 ² using the masked output value d + m _d and the masking data m _d . sub masking field conversion unit, the sub-mask field conversion unit plus the masking on the part body GF ⁽² 2) addition using a masking data of two bits for masking the output part body GF ⁽² 2) on to produce a output value A multimask and exclusive logical sum operation on subfield GF (2 ² ) and a field transform on a submasking inversion operation unit that generates a calculated inversion operation value, and the addition masked inversion operation value of the submasking inversion operation unit. A submasking field inverse transform unit for generating an additive masked inverse calculation result on the subfield GF ((2 ² ) ² ) corresponding to the additive masked output value of the masking field transform unit It may include.

In one embodiment, the AES inverse arithmetic apparatus using masking or the AES cryptographic system using the same may be implemented in the form of a system on chip on a microprocessor. If the present invention is implemented in a microprocessor, the size of various systems can be reduced, the assembly process can be simplified, and manufacturing costs can be reduced.

Hereinafter, the safety and efficiency of the present invention will be verified.

safety

The present invention is the following Lemma The safety can be verified by. The following Lemma 's proof is described in Oswald's paper (E. Oswald, S. Mangard, N. Prastaller, and V. Rijmen., "A Side-Channel Analysis Resistant Description of the AES S-box," FSE 2005, LNCS 3557, pp. .3-423, Springer, 2005.)

Lemma 1) When element a is an element of GF (2 ⁿ ) and m _a is a value chosen by an even distribution over GF (2 ⁿ ) independent of _a , a + m _a is independent of a.

Lemma 2) When elements a, b are elements of GF (2 ⁿ ), and m _a , m _b are values chosen by an even distribution over GF (2 ⁿ ) independent of a, b, then (a + m _a (b + m _b ) is independent of a and b.

Lemma 3) When element a is an element of GF (2 ⁿ ) and m _a , m _b is a value chosen by an even distribution over GF (2 ⁿ ) independent of a, (a + m _a ) m _b is is independent of a.

Lemma 4) When element a is an element of GF (2 ⁿ ) and element λ is a fixed constant value at GF (2 ⁿ ), m _a is equally distributed over GF (2 ⁿ ) independent of a, λ. (A + m _a ) ² λ is independent of a if it is a selected value.

efficiency

Table 1 compares the present invention and conventional inverse algorithms.

In Table 1, the comparison with the conventional method centers on a higher order operation ( GF ((2 ² ) ² ) multiplication operation, GF ((2 ² ) ² ) square operation, GF ((2 ² ) ² ) constant product operation). Was done. The sub operation, GF ((2 ² ) ² ), is not very different in the five methods and is not taken into account because its cost is significantly smaller than that of the upper operation. In addition, since inverse operations in GF ((2 ² ) ² ) are similarly applied to higher-order operations, the cost for all inverse operations is proportional to the cost of higher-order operations. Multiply and square operations of GF ((2 ² ) ² ) have a large cost difference. The actual multiplication cost of GF ((2 ² ) ² ) requires about 5.5 times the number of gates than the square cost and about 7.5 times the constant product. Therefore, reducing the amount of multiplication in the AES S-Box inverse operation is the key to cost reduction.

Among the existing methods of Table 1, the Akkar method is a multiplication masking method, the Blomer method is an addition masking method for multiplication, and the Oswald method and the Zakeri method apply a masking scheme for the entire structure of the inverse operation.

As shown in Table 1, the present invention has a gate reduction effect of about 10.5% compared to the normal bases based Zakeri method, which is known to be the most efficient in terms of conventional inverse masking methods, and thus hardware efficiency. And improve computation speed.

So far, the present invention has been described with reference to the embodiments. However, one of ordinary skill in the art will appreciate that the present invention can be implemented in a modified form without departing from the essential technical spirit of the present invention. Therefore, the disclosed embodiments should be considered in an illustrative rather than a restrictive sense. That is, the true technical scope of the present invention is shown in the appended claims, and all differences within the equivalent scope will be construed as being included in the present invention.

1 is a block diagram illustrating an S-Box implementing inverse operations on GF (2 ⁸ ) using inverse operations on GF (((2 ² ) ² ) ² ).

2 is a block diagram showing a GF (((2 ² ) ² ) ² ) inverse calculating unit;

3 is a block diagram illustrating a 4-bit multiplication module.

4 is a block diagram illustrating a 4-bit squared operation module.

5 is a block diagram illustrating a GF ((2 ² ) ² ) inversion module.

6 illustrates a logic circuit of a 2-bit multiplication module.

7A and 7B illustrate the basic principle of a masking technique.

8 is a block diagram showing an example of an AES encryption system using masking according to the present invention.

9 is a block diagram showing an example of an AES inverse computing device using masking according to the present invention;

10 is a flowchart showing an example of an AES inverse calculation method using masking according to the present invention;

Fig. 11 is a block diagram showing a specific example of a masking field converter using fresh masking data.

Fig. 12 is a block diagram showing a concrete example of a masking field inverse transform unit using fresh masking data.

Claims (20)

A masking field transform unit for generating an additive masked output value on the subpart GF ((2 ² ) ² ) using first masking data on the element A on the complex GF (((2 ² ) ² ) ² ); A masking inversion calculation unit configured to generate an addition masked inversion operation value on the partial GF ((2 ² ) ² ) using second masking data with respect to the addition masked output value of the masking field converter; And The masking inversion calculation unit corresponds to the element (A) using a multiplication and an exclusive logical sum operation on the subfield GF ((2 ² ) ² ) and a field conversion with respect to the addition masked inversion operation value. An AES inverse computing device using masking comprising a masking field inverse transform unit for generating an additive masked inverse computing result on a composite GF (((2 ² ) ² ) ² ). The method of claim 1, The apparatus for calculating the AES inverse using the masking is based on a polynomial basis in the element representation. The method of claim 1, The element (A) on the complex GF (((2 ² ) ² ) ² ) of the masking field transform unit is generated by isomorphism modification of an element on the finite body GF (2 ⁸ ). AES inverse arithmetic unit using masking. The method of claim 1, The masking inversion calculation unit may be configured to use an upper 4 bit value or a lower 4 bit value among the output masking values of the result of the addition masking inverse operation on the complex GF (((2 ² ) ² ) ² ) as the second masking data. AES inverse arithmetic unit using masking. The method of claim 1, Each component included in the AES inverse arithmetic unit using the masking may have different bit values constituting an intermediate operation value generated by each of the components using four bits of third masking data. An AES inverse computing device using masking, further comprising: a fresh masking unit that performs addition masking so that a probability equal to a bit value appears. The method of claim 5, The fresh masking unit may use, as the third masking data, an upper 4 bit value or a lower 4 bit value among the output masking values of the addition masked inverse calculation result on the complex GF (((2 ² ) ² ) ² ). AES inverse arithmetic unit using masking. The method of claim 5, The fresh masking unit, when the second masking data corresponds to an upper 4 bit value or a lower 4 bit value among the output masking values of the result of the addition masking inverse operation on the complex GF (((2 ² ) ² ) ² ), And a lower 4 bit value or a higher 4 bit value among the output masking values, respectively, as the third masking data. The method of claim 1, AES inverse operation unit using a mask, characterized in that to carry out the masked version of the calculation unit, the partial body GF ⁽²²⁾ GF said body portion by an operation on the ((2 ^{2) 2)} on the inversion calculation. The method of claim 1, The masking inversion calculation unit, A sub masking field converter configured to generate an additive masked output value on a part GF (2 ² ) by using the masked output value of the masking field converter and the second masking data; A sub mask that generates an additive masked inversion operation value on the sub-part GF (2 ² ) by using 4 bits of masking data with respect to the added masked output value on the sub-part GF (2 ² ) by the sub masking field converter A masking inversion calculator; And A portion corresponding to the additive masked output value of the masking field transform unit by using a multiplication and an exclusive logical sum operation on the subfield GF (2 ² ) and a field transform on the addition masked inversion operation value of the sub masking inversion operator. And an inverse masking field inverse transform unit for generating an additive masked inverse calculation result on sieve GF ((2 ² ) ² ). An AES encryption system for performing S-box operations using an AES inverse computing device using masking according to any one of claims 1 to 9. A masking field transform step of generating an additive masked output value on subpart GF ((2 ² ) ² ) using first masking data for element A on complex GF (((2 ² ) ² ) ² ); A masking inversion calculation step of generating an addition masked inversion operation value on the partial GF ((2 ² ) ² ) using second masking data with respect to the addition masked output value of the masking field conversion step; And The complex GF corresponding to the element (A) using a multiplication and an exclusive logical sum operation on the partial GF ((2 ² ) ² ) and a field transform on the addition masked inversion operation value of the masking inversion operation step. A masking field inverse transform step of generating an additive masked inverse computation result of ((2 ² ) ² ) ² ). The method of claim 11, The method of calculating the AES inverse using the masking, the method of calculating the AES inverse using the masking, characterized in that based on the polynomial basis (polynomial basis) in the element representation. The method of claim 11, The element (A) on the complex GF (((2 ² ) ² ) ² ) in the masking field transformation step is generated through isomorphism modification of the element on the finite body GF (2 ⁸ ). AES inverse calculation method using masking. The method of claim 11, The masking inversion operation may include using an upper 4 bit value or a lower 4 bit value among the output masking values of the result of the addition masked inverse operation on the complex GF (((2 ² ) ² ) ² ) as the second masking data. AES inverse calculation method using masking, characterized in that the step. The method of claim 11, In each step of the AES inverse calculation method using the masking, each bit value constituting the intermediate operation value of each step using 4 bits of third masking data has the same probability as other bit values in the intermediate operation value. And a fresh masking step of performing addition masking so as to appear. The method of claim 15, The fresh masking step may include using an upper 4 bit value or a lower 4 bit value among the output masking values of the result of the addition masking inverse operation on the complex GF (((2 ² ) ² ) ² ) as the third masking data. AES inverse calculation method using masking, characterized in that. The method of claim 15, The fresh masking step may include: when the second masking data corresponds to an upper 4 bit value or a lower 4 bit value of an output masking value of an addition masked inverse operation result on the complex GF (((2 ² ) ² ) ² ) And using a lower 4-bit value or an upper 4-bit value among the output masking values as the third masking data, respectively. The method of claim 11, The mask inversion operation step, the partial body GF ⁽² 2) computing the portion of body GF ⁽⁽² 2) 2) using an on AES inverse calculation using the masking characterized in that the step of performing inversion operation on the Way. The method of claim 11, The masking inversion calculation step, A sub masking field transformation step of generating an additive masked output value on the part GF (2 ² ) by using the addition masked output value and the second masking data of the masking field transformation step; Using the sub-mask field plus a fourth masking data of two bits for the masked output values on the partial body GF ⁽² 2) for conversion to produce the addition masked inversion operation values on the partial body GF ⁽² 2) A sub masking inversion calculation step; And Corresponding to the addition masked output value of the masking field transform step by using a multiplication and an exclusive logical sum operation on subfield GF (2 ² ) and a field transform on the addition masked inversion operation value of the sub masking inversion operation step. A sub-masking field inverse transform step of generating an additive masked inverse arithmetic result on sub-element GF ((2 ² ) ² ). 20. An AES encryption method for performing an S-box operation using the AES inverse calculation method using masking according to any one of claims 11 to 19.

Images