KR20130022475A - Method of arranging data automatically for side channel analysis and side channel analysis apparatus performing the same - Google Patents

Info

Publication number
KR20130022475A
Authority
KR
South Korea
Prior art keywords
waveform data
alignment
data
waveform
sorting
Prior art date
Application number
KR1020110084742A
Other languages
Korean (ko)
Inventor
김주한
최두호
Original Assignee
한국전자통신연구원
Priority date
Filing date
Publication date
Application filed by 한국전자통신연구원 filed Critical 한국전자통신연구원
Priority to KR1020110084742A priority Critical patent/KR20130022475A/en
Publication of KR20130022475A publication Critical patent/KR20130022475A/en

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2207/00 Indexing scheme relating to methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F2207/72 Indexing scheme relating to groups G06F7/72 - G06F7/729
    • G06F2207/7219 Countermeasures against side channel or fault attacks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Tests Of Electronic Circuits (AREA)

Abstract

Disclosed are an automatic data alignment method for side-channel analysis and a side-channel analysis apparatus using the same. The method defines a part of the collected waveform data as a test set, sets preliminary parameters for the determined test set, generates compressed waveform data using the preliminary parameters, aligns the compressed waveform data, and then moves the aligned compressed waveform data to the waveform data position of the test set to generate aligned waveform data. After the collected waveform data is aligned using the preliminary parameters, partial alignment is performed selectively according to the alignment result of the collected waveform data. Therefore, parameters can be set automatically without user input, more accurate alignment results can be obtained by performing compressed alignment and partial alignment, and the efficiency of the automatic data alignment required for side-channel analysis can be improved by reducing input errors in the alignment parameters.

Description

Method for automatic data alignment for side-channel analysis and side-channel analysis apparatus for performing the same {METHOD OF ARRANGING DATA AUTOMATICALLY FOR SIDE CHANNEL

The present invention relates to side-channel analysis, which is used as a method of obtaining secret information from secure electronic equipment, and more particularly to an automatic data alignment method for side-channel analysis that aligns the collected waveform data, and to a side-channel analysis apparatus for performing the same.

Devices with encryption algorithms generate a secret key to prevent information manipulation or information leakage, and the information is encrypted and protected by the encryption algorithm. While the cryptographic algorithm is running, side-channel information such as algorithm execution time, power consumption, and electromagnetic emission leaks. Attack methods that use side-channel information are called side channel attacks. Such side-channel attacks include timing attacks, power analysis attacks, and fault attacks.

Side channel analysis is the analysis of information generated by security devices that perform encryption algorithms to prevent side channel attacks.

Since Side Channel Attack was introduced by Kocher et al. (U.S. Patent Publication No. 2002-0124178, Differential Power Analysis method and apparatus), theoretical and experimental studies have been conducted by many research groups.

For example, the side-channel analysis method may be used to extract secret information such as key values by statistically using electromagnetic waves leaked from security electronic devices such as smart cards. In this case, using an analog/digital conversion data collection and analysis system that uses the power consumption or other characteristics of the equipment, statistical analysis may be performed each time a cryptographic operation is performed on the equipment, thereby obtaining all or some of the key information.

FIG. 1 is a conceptual diagram illustrating an exemplary configuration of a conventional side-channel analyzer.

Referring to FIG. 1, a conventional side-channel analyzer is composed of a leak information collecting device 120, such as an oscilloscope, which collects a plurality of repeated leak information from an analysis target device 110, and an arithmetic unit 130, which receives the data collected by the leak information collecting device 120 and performs a side-channel analysis operation.

The operation of such a side-channel analyzer includes a waveform collection step of repeatedly collecting waveforms of leakage information using an oscilloscope and storing them in the arithmetic unit; a waveform processing step of processing the waveform data collected in the arithmetic unit so that it is easy to handle for side-channel analysis; and an analysis operation step of analyzing the processed waveform data in the arithmetic unit to obtain secret information. The steps are carried out sequentially.

In the waveform processing step, data calculation is generally performed independently for each individual waveform data, and data analysis in the analysis calculation step is performed for the entire waveforms.

As such, side-channel analysis can take several to tens of hours of data processing and computation time on a single system, depending on the subject of the analysis. In order to reduce the computation time required for such an analysis, a parallel computing technique using multiple CPU cores in a conventional single system and a method using a graphics processing unit (GPU) in a video card are known.

On the other hand, side-channel analysis processes a plurality of waveform data and calculates the correlation between the waveform data and the expected secret information to find the secret information. Therefore, preprocessing to align, filter, and remove noise from the collected waveform data is required before the waveform data is input into the analysis model for side-channel analysis, and the parameter values needed to align the data must be determined.

The alignment of the waveforms is one of the important prerequisites for finding leaked secret information. Multiple waveforms leaked from the same security device are correlated at the same position (the one that contains secret information), so it is important to align these positions so that the secret information can be estimated with a smaller number of waveforms and with a clearer correlation. For example, when waveforms of an IC card's security algorithm are collected, a plurality of waveforms are collected repeatedly by triggering on the section in which the security algorithm operates. However, depending on the IC card, the waveforms may not be measured very accurately because of various factors such as the presence of a random frequency and an incomplete trigger, and each may be delayed or advanced on the time axis little by little. In other words, as the desired analysis position becomes widely distributed, the correlation degrades, mixes with other noise in the analysis, and acts as an obstacle to the analysis. The waveforms can therefore be aligned using various methods such as global alignment using the correlation of the entire waveform, global waveform alignment using a feature interval, and elastic alignment using DTW. Aligning the analysis positions by moving the waveforms left and right on the time axis plays an important role in the number of waveforms required for analysis and in their correlation.

For example, conventional methods require the user to adjust the parameters according to the characteristics of the waveform (size, which parts to compare, how much to compare, how far to move the compared portion, etc.) and the shape of the waveform. The more complicated and the longer the waveform is, the more difficult it is to adjust the parameters without specialized skills or experience.

In addition, the conventional preprocessing alignment method is inefficient: even when the parameters are well known, the time required to align the waveform data increases rapidly as the waveform data becomes longer. Furthermore, depending on the device, the collected waveform data has the disadvantage that parts of it remain unaligned even after data alignment.

SUMMARY OF THE INVENTION An object of the present invention, for overcoming the above disadvantages, is to provide an automatic data alignment method for side-channel analysis that aligns the collected waveform data without user input of complex parameters and that can improve the alignment time and the alignment effect.

According to an aspect of the present invention, an automatic data alignment method for side-channel analysis includes defining a part of the collected waveform data as a test set; setting preliminary parameters for the determined test set; applying the preset parameters to the test set; performing alignment of the collected waveform data using the determined alignment parameter; and selectively performing partial alignment on the waveform data according to the alignment result of the collected waveform data.

As described above, the automatic data alignment method for side-channel analysis defines a part of the collected data as a test set, determines preliminary parameters for automatic setting, generates and aligns compressed waveform data using the determined parameters, aligns the entire waveform data, and compares the alignment results of the individual waveform data portions in order to perform partial alignment of the out-of-range portions.

Therefore, automatic parameter setting, compressed alignment, and partial alignment can be performed without user input to obtain more accurate alignment results, and the efficiency of the automatic data alignment required for side-channel analysis can be improved by reducing input errors and trial and error in the alignment method and alignment parameters for the waveform data acquired for side-channel analysis.

FIG. 1 is a conceptual diagram illustrating an exemplary configuration of a conventional side-channel analysis apparatus.
FIG. 2 is a block diagram illustrating a configuration of a side-channel analysis apparatus to which a waveform data alignment method for side-channel analysis according to an exemplary embodiment of the present invention is applied.
FIG. 3 is a block diagram illustrating a detailed configuration of a waveform data alignment parameter determiner of a side-channel analysis apparatus according to an exemplary embodiment of the present invention.
FIG. 4 is a flowchart illustrating a waveform data alignment method for side-channel analysis according to an embodiment of the present invention.

While the invention is susceptible to various modifications and alternative forms, specific embodiments thereof are shown by way of example in the drawings and will herein be described in detail.

It should be understood, however, that the invention is not intended to be limited to the particular embodiments, but includes all modifications, equivalents, and alternatives falling within the spirit and scope of the invention.

The terminology used herein is for the purpose of describing particular example embodiments only and is not intended to be limiting of the present invention. Singular expressions include plural expressions unless the context clearly indicates otherwise. In this application, the terms "comprise" or "have" are intended to indicate that a feature, number, step, operation, component, part, or combination thereof described in the specification is present, and do not exclude the possibility of the presence or addition of one or more other features, numbers, steps, operations, components, parts, or combinations thereof.

Unless defined otherwise, all terms used herein, including technical or scientific terms, have the same meaning as commonly understood by one of ordinary skill in the art. Terms such as those defined in commonly used dictionaries should be interpreted as having a meaning consistent with their meaning in the context of the relevant art and are not to be interpreted in an ideal or overly formal sense unless explicitly defined in the present application.

Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the accompanying drawings. In order to facilitate the understanding of the present invention, the same reference numerals are used for the same constituent elements in the drawings and redundant explanations for the same constituent elements are omitted.

FIG. 2 is a block diagram illustrating a configuration of a side-channel analysis apparatus to which a data alignment method for side-channel analysis is applied according to an exemplary embodiment of the present invention.

Referring to FIG. 2, the side-channel analysis apparatus 200 according to the present invention may include a waveform collector 210, a waveform processor 230, an intermediate value calculator 240, and an analyzer 250.

In addition, the side-channel analysis apparatus 200 according to the present invention includes a waveform data alignment parameter determiner 220 for performing the waveform data alignment method according to the present invention. In this case, the alignment parameters that the waveform data alignment parameter determiner 220 determines using a part of the waveform data transferred from the waveform collector 210 are input to the waveform processor 230, which may be configured to perform alignment on all of the collected data.

For reference, the roles of the waveform collector 210, the waveform processor 230, the intermediate value calculator 240, and the analyzer 250 will be described in detail.

First, the waveform collector 210 is a component that receives waveform data. The waveform collector 210 may be composed of an external measuring device for collecting leakage information (power consumption, electromagnetic waves, etc.) leaked from the target security electronic device, and an oscilloscope connected to the measuring device. That is, it may be configured to measure the leakage information using the external measuring device and to collect waveform data through the oscilloscope. Next, the waveform processor 230 is a component that receives at least a portion of the waveform data collected by the waveform collector 210 and processes it so that it is easy to handle. Next, the intermediate value calculator 240 is a component that receives at least a portion of the waveform data processed by the waveform processor 230 and calculates the intermediate values necessary for side-channel analysis. Finally, the analyzer 250 receives all of the intermediate values calculated by the intermediate value calculator 240 and generates a side-channel analysis result for the entire waveform.

Meanwhile, in FIG. 2, the waveform data alignment parameter determiner 220 is illustrated as a component separate from the waveform collector 210 and the waveform processor 230, but it may exist as a subcomponent within the waveform collector or as a subcomponent within the waveform processor. That is, it should be noted that the waveform data alignment parameter determiner 220 is merely the name of a functionally separated component, not a physically separated one.

FIG. 3 is a block diagram illustrating a detailed configuration of a waveform data alignment parameter determiner of a side-channel analysis apparatus according to the present invention.

Referring to FIG. 3, the waveform data alignment parameter determiner 220, which operates together with the waveform processor 230, may in turn include a test set definer 221, a pre-parameter setter 222, and a pre-alignment tester 223.

The test set definer 221 is a component that defines a part of the collected waveform data as a test set for determining the parameters for automatic alignment. The collected waveform data refers to the waveform data that the waveform collector 210 described above obtains from the external measuring device, which collects leakage information (power consumption, electromagnetic waves, etc.) leaked from the target security electronic device, and from the oscilloscope connected to the measuring device.

The pre-parameter setter 222 is a component that arbitrarily sets the initial values of the preliminary parameters used to set the parameters automatically for the test set determined by the test set definer 221.

The pre-alignment tester 223 performs alignment using the test set. In detail, compressed waveform data is generated from the test set according to the compression ratio, using the set parameters. The generated compressed waveform data is aligned using the parameters related to the compressed waveform among the parameters set by the pre-parameter setter 222. When the original waveform data is moved by the resulting movement position multiplied by the compression ratio, aligned waveform data is generated. After the aligned waveform data is generated, the accuracy of the preliminary parameters is verified to determine the preliminary parameter values.

The finally determined alignment parameter is output to the waveform processor 230, and the waveform processor 230 compares the alignment results of the individual waveform data portions using the determined alignment parameter. The waveform processor 230 performs partial alignment on those of the compared waveform data portions that fall outside the range of the standard deviation.

FIG. 4 is a flowchart illustrating a waveform data alignment method for side-channel analysis according to an embodiment of the present invention.

Referring to FIG. 4, the waveform data alignment method according to the present invention may include a test set definition step 410, a pre-parameter setting step 420, a pre-alignment test step 430, and a full waveform data alignment verification step 440.

Here, the test set definition step 410, the pre-parameter setting step 420, and the pre-alignment test step 430 are performed by the waveform data alignment parameter determiner 220 described with reference to FIGS. 2 and 3. The full waveform data alignment verification step 440 is performed by the waveform processor 230 using the alignment parameters that the waveform data alignment parameter determiner 220 determined through steps 410, 420, and 430.

Test set definition step 410 defines part of the collected waveform data as a test set for determining parameters for automatic alignment.

The pre-parameter setting step 420 is a step of performing a pre-parameter test for automatically setting the parameters for the test set determined in the test set definition step 410.

At this time, in the pre-parameter test, the parameters necessary for alignment are arbitrarily set to predetermined values according to the waveform length: for example, the window size (the comparison section), the threshold (the maximum amount of movement of the comparison section), the step size (the amount moved at a time), the compression ratio (which determines how much the waveform data is compressed to perform basic alignment), and, for partial alignment, the sub-window size, the sub-threshold, the sub-step size, and the overlap size (a parameter indicating whether windows can overlap and partially overlap during partial alignment).

The pre-alignment test step 430 generates compressed waveform data in the test set according to the compression ratio using the parameters set in the pre-parameter setting step 420 (step 431). The compressed waveform data generated as described above is aligned using the compressed waveform parameter set in the pre-parameter setting step 420 (step 432). When the original waveform data is moved by multiplying this movement position by the compression ratio, aligned waveform data is generated (step 433). After generating the aligned waveform data, the accuracy of the preparameters is verified to determine the preparameter values.

For example, if the test set waveform has a length of 100,000 points, a compression ratio of 10 generates 10,000 points of compressed waveform data. The compressed waveform data is aligned with the window size set to 8,000 points, the threshold to 2,000, and the step size to 1 as the parameters of the compressed waveform. When the aligned position is multiplied by the compression ratio and applied to the original waveform data, waveform data aligned to within 10 points, the compression ratio, is generated. By then aligning the waveform data with a window size of 80,000 points, a threshold of 10, and a step size of 1, relatively well-aligned waveform data can be generated in a very short time.

When verifying the parameter values, if the maximum moving distance of the waveform data comparison section of the test set is similar to the threshold, the threshold is reset higher and used to align the waveform data. That is, if the distance the waveform data actually moved for alignment is much shorter than the threshold, the threshold and window size are readjusted to be similar to the actual moving distance for the sake of alignment speed. However, when the test result obtained through the test set is similar to the threshold, it is preferable to reset the threshold to a larger value and realign the waveform data.

Through the above-described process, the pre-parameters set in the pre-parameter setting step 420 are verified to determine the alignment parameters for aligning the waveform data.
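The compressed alignment of steps 431 to 433 and the threshold check described above, as an added Python example that is not code from the patent. It assumes Pearson correlation as the matching score, a constructed 4,000-point trace pair instead of the 100,000-point case, and hypothetical function names and `near`/`far` fractions.

```python
import math
import random

def compress(trace, ratio):
    """Average each block of `ratio` samples into one point (step 431)."""
    return [sum(trace[i:i + ratio]) / ratio
            for i in range(0, len(trace) - ratio + 1, ratio)]

def pearson(a, b):
    """Pearson correlation of two equal-length windows (assumed score)."""
    n = len(a)
    ma, mb = sum(a) / n, sum(b) / n
    cov = sum((x - ma) * (y - mb) for x, y in zip(a, b))
    va = sum((x - ma) ** 2 for x in a)
    vb = sum((y - mb) ** 2 for y in b)
    return cov / math.sqrt(va * vb) if va and vb else 0.0

def best_shift(ref, trace, window, threshold, step=1, center=0):
    """Return the shift s in [center-threshold, center+threshold] for which
    trace[start+s : start+s+window] best matches the centered window of ref."""
    start = (len(ref) - window) // 2
    target = ref[start:start + window]
    best, best_r = center, -2.0
    for s in range(center - threshold, center + threshold + 1, step):
        lo = start + s
        if lo < 0 or lo + window > len(trace):
            continue  # candidate window would read outside the trace
        r = pearson(target, trace[lo:lo + window])
        if r > best_r:
            best, best_r = s, r
    return best

def coarse_to_fine_shift(ref, trace, ratio, window, threshold):
    """Steps 431-433: search on compressed data, scale the move by the
    compression ratio, then refine on the original with threshold = ratio."""
    coarse = ratio * best_shift(compress(ref, ratio), compress(trace, ratio),
                                window // ratio, threshold // ratio)
    fine = best_shift(ref, trace, window, ratio, center=coarse)
    return coarse, fine

def apply_shift(trace, s):
    """Move a trace by -s samples, zero-padding the vacated end."""
    if s >= 0:
        return trace[s:] + [0.0] * s
    return [0.0] * (-s) + trace[:s]

def verify_threshold(moves, threshold, near=0.9, far=0.5):
    """Parameter check on the test set. The near/far fractions and the
    doubling are assumptions; the text only says 'similar to the threshold'
    and 'much shorter than the threshold'."""
    peak = max(abs(m) for m in moves)
    if peak >= near * threshold:
        return threshold * 2, "widened"      # search range probably clipped
    if peak <= far * threshold:
        return math.ceil(peak / near) + 1, "tightened"  # smaller, faster search
    return threshold, "kept"

def demo(delay=137, n=4000, seed=2011):
    """Constructed data: a random-walk reference and a noisy copy delayed
    by `delay` samples, standing in for two captured waveforms."""
    rng = random.Random(seed)
    pad, level, base = 500, 0.0, []
    for _ in range(n + pad):
        level += rng.gauss(0, 1)
        base.append(level)
    ref = base[pad:pad + n]
    trace = [v + rng.gauss(0, 0.2) for v in base[pad - delay:pad - delay + n]]
    coarse, fine = coarse_to_fine_shift(ref, trace, ratio=10,
                                        window=2400, threshold=400)
    return coarse, fine, verify_threshold([fine], 400)

if __name__ == "__main__":
    print(demo())
```

The compressed pass evaluates 81 candidate positions on 240-point windows and the refinement only 21 positions on the full 2,400-point window, instead of 801 full-length comparisons for a direct search over the same range.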

Finally, in the full waveform data alignment verification step 440, the alignment results of the individual waveform data portions are compared using the determined alignment parameter, and partial alignment is performed on the portions that fall outside the standard deviation range. Here, a portion of the aligned waveform data with a dissimilar result may appear to be well aligned but is not actually aligned. Therefore, the unaligned portions are detected through the full waveform data alignment verification of step 440, and partial alignment is performed on the detected portions to improve the alignment accuracy of all the waveform data.

It will be understood by those skilled in the art that various modifications and variations can be made to the present invention without departing from the spirit or scope of the present invention as defined by the following claims.

200: side-channel analysis apparatus
210: waveform collector
220: waveform data alignment parameter determiner
221: test set definer
222: pre-parameter setter
223: pre-alignment tester
230: waveform processor
240: intermediate value calculator
250: analyzer

Claims (1)

Defining a portion of the collected waveform data as a test set;
Setting pre-parameters for the determined test set;
Applying the preset parameter to the test set to perform alignment on the test set;
Verifying the preliminary parameters based on the alignment result of the test set to determine an alignment parameter;
Performing alignment of the collected waveform data using the determined alignment parameter; and
Selectively performing partial alignment on the waveform data according to the alignment result of the collected waveform data.






KR1020110084742A 2011-08-24 2011-08-24 Method of arranging data automatically for side channel analysis and side channel analysis apparatus performing the same KR20130022475A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020110084742A KR20130022475A (en) 2011-08-24 2011-08-24 Method of arranging data automatically for side channel analysis and side channel analysis apparatus performing the same

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020110084742A KR20130022475A (en) 2011-08-24 2011-08-24 Method of arranging data automatically for side channel analysis and side channel analysis apparatus performing the same

Publications (1)

Publication Number Publication Date
KR20130022475A true KR20130022475A (en) 2013-03-07

Family

ID=48175118

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020110084742A KR20130022475A (en) 2011-08-24 2011-08-24 Method of arranging data automatically for side channel analysis and side channel analysis apparatus performing the same

Country Status (1)

Country Link
KR (1) KR20130022475A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101367174B1 (en) * 2011-12-14 2014-02-27 한국전자통신연구원 Method and apparatus for providing data arrangement for side channel analysis
KR101480904B1 (en) * 2013-09-25 2015-01-13 한국전자통신연구원 Apparatus and method for selecting waveform for side-channel analysis

Similar Documents

Publication Publication Date Title
US10320555B2 (en) Method of testing the resistance of a circuit to a side channel analysis of second order or more
Oswald et al. Breaking Mifare DESFire MF3ICD40: Power analysis and templates in the real world
US20160140340A1 (en) Side-channel leakage evaluator and analysis kit
Durvaux et al. How to certify the leakage of a chip?
US11036891B2 (en) Testing resistance of a circuit to a side channel analysis
KR20130022475A (en) Method of arranging data automatically for side channel analysis and side channel analysis apparatus performing the same
KR20160114252A (en) Method for processing side channel analysis
Bossuet et al. Emulating side channel attacks on gem5: lessons learned
Korak et al. Attacking an AES-enabled NFC tag: Implications from design to a real-world scenario
KR101367174B1 (en) Method and apparatus for providing data arrangement for side channel analysis
CN105046113B (en) Android software based on randomness test reinforces detection method
CN108011707B (en) Frequency security analysis system and method for hardware encryption equipment
KR20120035073A (en) Method of arranging waveform data for side channel analysis and side channel analysis apparatus using the same
Stone et al. Radio frequency based reverse engineering of microcontroller program execution
KR20140077404A (en) Method and apparatus for providing side channel analysis
Walters et al. Sleak: A side-channel leakage evaluator and analysis kit
KR100926749B1 (en) 2nd differential power analysis attack method and 2nd differential electromagnetic analysis attack method
KR101141600B1 (en) Apparatus for measuring power consumption and generating a trigger for side channel analysis and method thereof
Korak et al. Minimizing the costs of side-channel analysis resistance evaluations in early design steps
KR20120035074A (en) Side channel analysis method of removing waveform data noise by using noise model and side channel analysis apparatus using the same
KR20120033618A (en) Side channel analysis apparatus processing data parallel for fast side channel analysis and method thereof
CN114355036A (en) Trigger signal generation device and method and chip test system
Zhao et al. An Optimization for Differential Power Analysis Based on Time Series Verification
CN112131563B (en) Template attack testing method, device, equipment and storage medium
Peng et al. Framework for efficient sca resistance verification of iot devices

Legal Events

Date Code Title Description
WITN Withdrawal due to no request for examination