WO2011071063A1 - Side channel attack resistance evaluation apparatus, side channel attack resistance evaluation method, and program therefor - Google Patents

Side channel attack resistance evaluation apparatus, side channel attack resistance evaluation method, and program therefor

Info

Publication number
WO2011071063A1
Authority
WO
WIPO (PCT)
Prior art keywords
side channel
channel attack
analysis range
evaluation
resistance evaluation
Prior art date
Application number
PCT/JP2010/071977
Other languages
English (en)
Japanese (ja)
Inventor
哲孝 山下
Original Assignee
日本電気株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 日本電気株式会社
Priority to JP2011545223A (patent JP5733215B2)
Publication of WO2011071063A1

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/002: Countermeasures against attacks on cryptographic mechanisms
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00: Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/12: Details relating to cryptographic hardware or logic circuitry

Definitions

  • The present invention relates to a side channel attack resistance evaluation apparatus, a side channel attack resistance evaluation method, and a program therefor, and more particularly to a side channel attack resistance evaluation apparatus, a side channel attack resistance evaluation method, and a program therefor that evaluate the resistance of a cryptographic apparatus to a side channel attack using side channel information leaked from the cryptographic apparatus.
  • Side channel attacks, which attempt to acquire confidential information from side channel information under the assumption that attackers can accurately measure side channel information such as processing time and power consumption in devices such as IC cards with a cryptographic function and portable terminals, and their countermeasures are major research themes.
  • The side channel information includes information related to the processing and data being executed in the cryptographic device that is the target of attack, so the cryptographic algorithm, processing timing, and secret key can be estimated from it.
  • Known side channel attacks include a timing attack focusing on processing time (for example, refer to Non-Patent Document 1), a power analysis focusing on power consumption (for example, refer to Non-Patent Document 2), and an electromagnetic wave analysis focusing on leakage electromagnetic waves (see, for example, Non-Patent Document 3).
  • DPA: Differential Power Analysis
  • CPA: Correlation Power Analysis
  • In an apparatus equipped with encryption, practically, resistance against side channel attacks (hereinafter referred to as “tamper resistance” as appropriate) is required. For this reason, research on tamper resistance technology that makes it difficult to estimate secret information such as encryption algorithms from side channel information has been promoted.
  • Tamper resistance refers to the performance of preventing leakage of confidential information and modification of functions against attacks.
  • A tamper resistant technique for preventing leakage of confidential information from side channel information by arbitrarily adding unnecessary information to the side channel information has been proposed (see Patent Document 1).
  • A technique for evaluating the resistance against side channel attacks is also required (see, for example, Non-Patent Document 5).
  • As described above, for example, by using the technique described in Non-Patent Document 5, it is possible to evaluate resistance to side channel attacks.
  • However, the analysis may fail because the waveform processing range is too wide: a feature may appear in a part not related to the secret key, and the analysis then fails.
  • As a result, it may be erroneously determined that there is resistance even though the resistance is actually low. Therefore, in order to increase the accuracy of resistance evaluation, the side channel attack resistance evaluation should not process an unnecessary portion.
  • An object of the present invention is to provide a side channel attack resistance evaluation apparatus, a side channel attack resistance evaluation method, and a program thereof that suppress a reduction in accuracy of resistance evaluation due to unnecessary information in the side channel information and can evaluate the side channel attack resistance of a cryptographic device with high accuracy.
  • A side channel attack resistance evaluation device that evaluates the resistance of an encryption device to a side channel attack using the side channel information leaked from the encryption device is provided, comprising: a side channel information receiving unit that receives, from the outside, the side channel information acquired from the encryption device subject to resistance evaluation and takes in the side channel information; an analysis range setting unit that sets the analysis range, which is the range to be analyzed, from within the entire range of the side channel information; and a side channel attack resistance evaluation unit that determines whether or not the encryption device to be evaluated is resistant to a side channel attack using the side channel information within the analysis range set by the analysis range setting unit.
  • A side channel attack resistance evaluation method is provided, comprising: a side channel information receiving step of receiving, from the outside, the side channel information acquired from the cryptographic device subject to resistance evaluation and taking in the side channel information; an analysis range setting step of setting an analysis range, which is the range to be analyzed, from within the entire range of the side channel information; and a side channel attack resistance evaluation step of determining whether or not the cryptographic device to be evaluated is resistant to a side channel attack using the side channel information within the analysis range set in the analysis range setting step.
  • A side channel attack resistance evaluation program is provided that is incorporated in a side channel attack resistance evaluation device that evaluates the resistance of an encryption device to a side channel attack using the side channel information leaked from the encryption device, and that causes it to function as a side channel attack resistance evaluation device comprising: a side channel information receiving unit that receives, from the outside, the side channel information acquired from the cryptographic device subject to resistance evaluation and takes in the side channel information; an analysis range setting unit that sets an analysis range, which is the range to be analyzed, from within the entire range of the side channel information; and a side channel attack resistance evaluation unit that determines whether the encryption device to be evaluated is resistant to a side channel attack using the side channel information within the analysis range set by the analysis range setting unit.
  • According to the present invention, by setting the analysis range and narrowing down the side channel information used for the resistance evaluation, it is possible to suppress the possibility of an erroneous evaluation caused by including an unnecessary range in the evaluation, and to improve the evaluation accuracy of the side channel attack resistance of the target.
  • DPA: differential power analysis
  • Example 1: the electromagnetic wave measurement waveform at the time of DES encryption processing; a figure showing the analysis range set in that waveform; and a figure extracting the set analysis range part of that waveform.
  • Example 1 it is a figure showing the table
  • Example 1 it is a figure showing the table
  • The present embodiment generally includes an encryption device to be evaluated, a side channel information measurement device that measures side channel information of the encryption device, and a side channel attack resistance evaluation device that uses the side channel information measured by the side channel information measurement device to evaluate the resistance of the encryption device against side channel attacks that analyze internal processing related to encryption and confidential information.
  • The side channel attack resistance evaluation device includes a side channel information input unit that inputs the side channel information measured by the side channel information measurement device to the side channel attack resistance evaluation device, an analysis range setting unit that sets an analysis range for resistance evaluation in the side channel information input from the side channel information input unit, and a side channel attack resistance evaluation unit that performs side channel resistance evaluation of the cryptographic device using the side channel information within the range set by the analysis range setting unit.
  • FIG. 1 is a block diagram illustrating a schematic configuration of a side channel attack resistance evaluation apparatus 300 and other apparatuses according to the first embodiment of the present invention.
  • the present embodiment includes an encryption device 100, a side channel information measurement device 200, and a side channel attack resistance evaluation device 300.
  • the encryption device 100 is a device that performs processing such as encryption on plaintext and decryption on ciphertext (hereinafter, these processes are collectively referred to as “encryption / decryption processing”).
  • As the encryption device 100, various information processing devices capable of executing encryption / decryption processing can be employed. Examples of devices that can be employed include personal computers (PCs), portable terminals such as cellular phones, contact-type and non-contact-type IC cards, and reader / writers.
  • the side channel information measuring device 200 is a device that measures side channel information leaked when the encryption device 100 performs encryption / decryption processing.
  • As the side channel information to be measured various kinds of information affected by internal processing in the encryption apparatus can be considered. Specifically, power, electromagnetic waves, sound, temperature and the like can be exemplified.
  • the side channel information measuring apparatus 200 can employ an oscilloscope, a spectrum analyzer, or the like.
  • the side channel attack resistance evaluation apparatus 300 is an apparatus that uses the side channel information obtained from the side channel information measurement apparatus 200 to evaluate the resistance against the side channel attack of the encryption apparatus 100 that is the evaluation target encryption apparatus.
  • the side channel attack resistance evaluation apparatus 300 includes a side channel information reception unit 301, an analysis range setting unit 302, and a side channel attack resistance evaluation unit 303.
  • The side channel information receiving unit 301 has a function of taking side channel information measured by the side channel information measuring apparatus 200 into the side channel attack resistance evaluating apparatus 300. How the side channel information receiving unit 301 specifically captures the side channel information is not the gist of the present embodiment, so any method can be used. For example, USB (Universal Serial Bus), RS-232C (Recommended Standard 232 version C), IEEE 1394 (Institute of Electrical and Electronics Engineers 1394), or SCSI (Small Computer System Interface) can be used.
  • Alternatively, a method of reading the information from a recording medium such as a disk, a magnetic tape, or a flash memory and taking it in can be used.
  • the analysis range setting unit 302 sets the analysis range of the side channel information used by the side channel attack resistance evaluation unit 303.
  • As analysis range setting methods, the following four methods can be exemplified.
  • The first method for setting the analysis range is to set the analysis range based on external input.
  • In this method, the analysis range is set with reference to the point in time when the input from the outside is detected. Possible settings include using the detection point as the start point or end point of the analysis range, using it as the center point of the analysis range, or using a point a certain interval before or after the detection point as the start point, end point, or center point of the analysis range.
  • The second method of setting the analysis range is a method of setting the analysis range based on the input side channel information.
  • In this method, for example, rising and falling of side channel information, spikes, and the like are detected based on predetermined parameters. Then, the analysis range is set based on the detected position.
  • As in the first method, the start point, end point, etc. of the analysis range can be set with the detected position as a reference.
  • The third method is one in which the input side channel information is subjected to calculations such as correlation and matching with reference information, and the analysis range is set based on the calculation result. In this method, the starting point of the analysis range can be determined in the same manner as in the first method, based on a location where a high correlation is obtained or a location where the similarity is the highest in matching.
  • The fourth method of setting the analysis range is to conduct side channel attack resistance evaluation using the entire side channel information or side channel information within an appropriately set analysis range, and to set the analysis range based on the results. Note that the four methods described above are merely examples. It is also possible to use methods other than these four methods.
  • The side channel attack resistance evaluation unit 303 uses the side channel information within the range set by the analysis range setting unit 302 to evaluate the resistance of the encryption device 100 against a side channel attack.
  • Evaluation methods include performing a side channel attack on the side channel information within the analysis range and using the result of determining whether or not the attack is successful, and methods that use the correlation, distance, or similarity with a reference waveform.
  • Examples of the side channel attack method include timing attack, electromagnetic wave analysis, simple power analysis, differential power analysis, fault attack, cache attack, acoustic analysis attack, and the like.
  • The input in the side channel information receiving unit 301 and the processing in the analysis range setting unit 302 can be performed a plurality of times, whereby a plurality of pieces of side channel information can be obtained.
  • For the second and subsequent waveforms, only the range set by the analysis range setting unit 302 is repeatedly input by the side channel information receiving unit 301, whereby a plurality of pieces of side channel information can be acquired.
  • If the analysis range setting unit 302 has a function of changing the analysis range according to the result of the resistance evaluation, a means is provided for propagating the content of the side channel attack resistance evaluation (the presence / absence of resistance, the location of the peak at the time of analysis, the peak value, correlation value, distance, similarity, etc.) to the analysis range setting unit 302.
  • The side channel attack resistance evaluation unit 303 uses the side channel information within the set analysis range to perform the side channel attack resistance evaluation of the encryption device 100.
  • “S1” and “S2” represent “side channel information”.
  • “S3” represents “analysis range-set side channel information”.
  • “S4” in FIG. 1 represents “side channel information tolerance evaluation result information”.
  • the connection from the side channel attack resistance evaluation unit 303 to the analysis range setting unit 302 is not always necessary depending on the operation example. It is also possible to omit this connection and “S4”.
  • FIG. 2 is a flowchart showing an operation example of the side channel attack resistance evaluation apparatus 300 in the present embodiment.
  • The analysis range setting unit 302 sets an analysis range for the side channel information input from the side channel information receiving unit 301, and the side channel attack resistance evaluation unit 303 performs the side channel attack resistance evaluation of the cryptographic device 100 using the side channel information within the set analysis range.
  • the side channel information receiving unit 301 receives the side channel information and takes in the received side channel information (step A1).
  • the analysis range setting unit 302 sets the analysis range of the side channel information used by the side channel attack resistance evaluation unit 303 based on the input side channel information based on a predetermined criterion. (Step A2).
  • the side channel attack resistance evaluation unit 303 performs side channel attack resistance evaluation using the side channel information within the analysis range set by the analysis range setting unit 302, and ends the evaluation (step A3).
  • the time required for evaluation can be reduced by narrowing down the analysis range.
  • the evaluation accuracy is improved.
  • FIG. 3 is a block diagram showing a configuration example in the present embodiment.
  • The side channel attack resistance evaluation device 310 has a side channel information measurement unit 304 instead of the side channel information receiving unit 301, and the external side channel information measuring device 200 is unnecessary.
  • the side channel information measurement unit 304 has a function of measuring side channel information leaked when the encryption device 100 performs the encryption / decryption processing, similarly to the side channel information measurement device 200.
  • Examples of the measurement target include power, electromagnetic waves, sound, temperature, and the like.
  • S2 in FIG. 3 represents “side channel information”.
  • S3 represents “analysis range set side channel information”.
  • S4 in FIG. 3 represents “side channel information tolerance evaluation result information”.
  • the connection from the side channel attack resistance evaluation unit 303 to the analysis range setting unit 302 is not always necessary depending on the operation example. It is also possible to omit this connection and “S4”.
  • FIG. 4 is a flowchart showing an operation example of the side channel attack resistance evaluation apparatus 310 in the present embodiment.
  • The difference from the operation example of the first embodiment is that when the side channel information is input at the start of evaluation, the side channel information measurement unit 304 measures the side channel information from the encryption device 100, so that the side channel information is taken into the side channel attack resistance evaluation device 310 (step A1-1).
  • the flow of operation after inputting the side channel information is the same as that in the first embodiment (steps A2 and A3).
  • By incorporating the side channel information measurement unit 304 into the side channel attack resistance evaluation device 310, the side channel information can be directly captured from the encryption device 100. Therefore, it is possible to perform side channel attack resistance evaluation even in an environment where the side channel information measuring apparatus 200 does not exist.
  • side channel attack resistance evaluation is performed using the entire side channel information or side channel information within a preset analysis range. Also, the analysis range is reset based on the evaluation result, and the side channel attack resistance is evaluated again. Further, the operation of setting the analysis range and evaluating the tolerance is repeated based on the evaluation result.
  • FIG. 5 is a flowchart of the side channel attack resistance evaluation apparatus 300 in this embodiment.
  • the difference from the first embodiment is that resistance evaluation and analysis range setting are repeated.
  • the side channel attack resistance evaluation unit 303 first evaluates the side channel attack resistance (step A3). Then, the analysis range setting unit 302 sets the analysis range according to the evaluation result in step A3 (step A2-1). Then, the resistance evaluation in the side channel attack resistance evaluation unit 303 and the analysis range setting in the analysis range setting unit 302 are repeated (step A3, step A2-1).
  • After evaluating side channel attack resistance (step A3), the operation ends if the analysis range falls below a certain range, a predetermined number of loops has been performed, or the result of resistance evaluation meets the criteria (YES in step A5).
  • These conditions are merely examples, and other conditions may be used as conditions for ending the repetition. Further, the repetition may end if one of the conditions is satisfied, or when all of a plurality of conditions are satisfied.
  • Otherwise, the operation returns to step A2-1 and continues (NO in step A5).
  • examples of the criterion of the resistance evaluation result in step A5 include the success / failure of the secret key analysis, the distance from the reference waveform, and the high correlation / similarity. If multiple keys are to be analyzed, the number of keys successfully analyzed. Further, if DPA or a method derived from it is used, the peak height can be exemplified. Furthermore, even if the analysis range cannot be improved sufficiently by narrowing down the analysis range only once, improvement of the analysis accuracy can be expected by repeating resetting of the analysis range.
  • In DPA, the secret key is estimated from the power consumption waveform W and the ciphertext or plaintext corresponding to the waveform.
  • Here, the case where the ciphertext C is used will be described. For the description, refer to the flowchart of FIG.
  • For a key candidate K′, each waveform W is classified into one of two groups using a function F(K′, C) of K′ and the ciphertext C, called a selection function (step B2).
  • When the classification of all Ws is completed in step B2, the average of W is obtained for each group (step B3).
  • If K′ matches the correct key, the power consumption waveform W and the function F have a strong correlation, so that a peak appears in W after taking the difference.
  • If K′ and the correct key do not match, there is no correlation between W and F, and no peak appears in W after taking the difference. Therefore, the peak is detected after calculating the average difference between the two groups (step B5). The peak detection process is performed on all key candidates in the same manner, and the K′ showing the highest peak is used as the estimation result. Finally, if the estimated key matches the correct key, the analysis is successful.
  • FIG. 7 is a flowchart of the side channel attack resistance evaluation apparatus 300 in this embodiment.
  • step A2-1 is changed, step A6 is added, and it is corrected to step A2-2.
  • When the analysis range setting unit 302 sets the analysis range, if there is a partial key that has been successfully analyzed as a result of one analysis (YES in step A6), the location where the peak appears for that partial key is used as the reference for resetting the analysis range (step A2-2).
  • That is, the point where the peak appears for the successfully analyzed key is set as the analysis range setting standard.
  • If there is no successfully analyzed partial key, ending the operation is considered as one example (NO in step A6).
  • A method of setting the analysis range by a predetermined method instead of ending the operation may also be considered. Possible methods of setting the range include a method based on the peak of the correct key that has been successfully analyzed, and a method of dividing the analysis range in half and analyzing both halves.
  • the analysis range can be set by the following method.
  • the first method is a method in which priorities are assigned to keys, and a peak of a higher priority key is used as a reference. It is also possible to rank in order from the first partial key.
  • the second is a method in which the peak heights are compared and the highest peak is used as a reference.
  • the key is estimated based on the difference between the two groups.
  • the key may be estimated based on characteristics other than the difference.
  • the key is estimated based on the height of the correlation coefficient.
  • the embodiment of the present invention can also apply a feature used for estimating a key as a criterion for setting an analysis range even in a technique other than DPA.
  • processing using each partial key may be processed continuously or in parallel. In such a case, a portion having a correlation in each partial key exists in the vicinity. Therefore, by narrowing down the analysis range on the basis of the location where the correct key peak appears, the analysis accuracy is improved and the evaluation accuracy of the side channel attack resistance evaluation is improved.
  • FIG. 9 is a flowchart of the side channel attack resistance evaluation apparatus 300 in this embodiment.
  • The difference from the operation example of the fourth embodiment is that when there are a plurality of partial keys that have been successfully analyzed, the peak value of the correct key is compared with the peak values of other key candidates, and the analysis range is determined according to the comparison result.
  • the analysis range setting unit 302 compares the peak value of the correct key with the peak value of the other key candidates (step S7).
  • A8) is to determine the analysis range according to the comparison result of the peak values (step A2-5).
  • The analysis range setting unit 302 sets the analysis range based on the peak position of the key that has been successfully analyzed (step A2-4).
  • the number of candidates per partial key of DES is 64, and peak values are calculated for the 64 key candidates. If the peak value for the correct key is the highest, the analysis is successful. In the embodiment of the present invention, the highest peak value among the peak values of 63 key candidates other than the correct key is compared with the peak value of the correct key. This is performed for all correct keys that have been successfully analyzed, and the one with the best peak value comparison result is used as the reference for setting the analysis range. As a comparison method, a difference or ratio between peaks can be considered.
  • the difference is 2 and the ratio is 10/8.
  • the difference is 4 and the ratio is 6/2.
  • the portion where the peak of the partial key B appears is set as the analysis range setting reference.
  • FIG. 10 is a flowchart of the side channel attack resistance evaluation apparatus 300 in this embodiment.
  • the difference from the operation example of the fourth embodiment is that when there is no correct partial key, the peak of the correct key is compared with the highest peak among other key candidates, and the peak value The analysis range is determined according to the comparison result.
  • the analysis range setting unit 302 compares the peak of the correct key with the highest peak among other key candidates.
  • Step A9 is that the analysis range is determined according to the comparison result of the peak values (Step A2-6).
  • the analysis range is determined based on the peak of the key.
  • the peak of the correct key is compared with the highest peak among the other key candidates, and the analysis range is determined according to the comparison result.
  • a difference or ratio between peaks can be considered as in the fifth embodiment.
  • the peak of the correct key where the difference or ratio between the peak of the correct key and the other peak is the smallest is set as the analysis range setting reference.
  • If the difference or ratio between the maximum peak and the correct key peak is small, then when the analysis range is narrowed down to the location where the correct key peak appears, there is a high possibility that the correct key peak becomes the highest and the analysis succeeds. Therefore, when the analysis fails, the analysis accuracy is improved by setting the analysis range based on the difference or ratio of the peaks, and as a result, the accuracy of resistance evaluation can be improved.
  • The side channel attack resistance evaluation is performed once using the entire side channel information or the side channel information within an appropriately set analysis range, the analysis range is reset based on the result, and the side channel attack resistance is evaluated again. Furthermore, a method of repeating analysis range setting and resistance evaluation based on the evaluation result will be described.
  • FIG. 11 is a flowchart showing an operation example of the side channel attack resistance evaluation apparatus 300 in the present embodiment.
  • step A1 the analysis range setting unit 302 divides the analysis range into two parts, A and B (step A10).
  • step A11 the side channel attack resistance evaluation unit 303 performs the analysis within each of the analysis ranges A and B (steps A3-1 and A3-2).
  • If the analysis result of either step A3-1 or step A3-2 satisfies the criteria, the evaluation is terminated (YES in step A12).
  • The analysis range setting unit 302 compares the analysis results (step A13). The analysis range judged to be more effective is then set as the range to be divided in two next (step A14). That range is divided in two again (step A10), and the analysis of each range is repeated.
  • The analysis range may be divided into three or more parts instead of two. In that case, the analysis and the comparison of results are performed for each range.
  • Examples of the criteria include whether the secret key is analyzed successfully or unsuccessfully, the distance from a reference waveform, the degree of correlation or similarity, and, when a plurality of keys are analyzed, the number of keys successfully analyzed. If DPA or a method derived from it is used, the peak height is a further example.
  • In step A13, the same criteria as in step A12 can be used for the comparison.
  • For example, the number of keys successfully analyzed in analysis range A and in analysis range B can be compared, and the range with the larger number of successes is taken as the analysis range to be divided in two next.
  • In DPA, the peaks can also be used for the comparison. One example is simply to take the analysis range with the higher peak as the range to be divided in two next.
  • Alternatively, based on the comparison of the peaks of the correct key and the other key candidates, if the partial key analysis succeeds in both ranges, the range with the larger peak difference or ratio can be taken as the analysis range to be divided in two next. If the key analysis fails, the range with the smaller peak difference or ratio can be taken instead.
  • DES is implemented on an evaluation board capable of performing encryption (corresponding to the encryption device 100 in FIG. 1), and an oscilloscope (corresponding to the side channel information measurement device 200 in FIG. 1) is used.
  • the encryption used is DES
  • the key length is 64 bits
  • the number of rounds is 16 stages
  • The side channel attack resistance is evaluated based on whether the 48-bit round key (eight 6-bit partial keys) of the final stage can be analyzed.
  • The operation corresponds to the steps shown in FIG. 9.
  • In step A3, CPA is used to calculate, for each of the 8 partial keys, the peak value and peak position of the correlation coefficient for the 64 key candidates; if the peak value of the correct key is higher than the peak values of the other 63 key candidates, the partial key is regarded as successfully analyzed.
  • In step A5, if five loops have been performed, the target is evaluated as resistant and the process ends. If five or more of the eight partial keys are successfully analyzed, the target is evaluated as not resistant and the process ends.
  • In step A8, the ratio between the peak value of the correct key and the peak value of the other key candidates is determined for each partial key that has been successfully analyzed, and the peak position of the partial key with the largest ratio is set as the reference for the analysis range in step A2-4.
  • In step A2-4, the analysis range is set around the peak position of the key that has been successfully analyzed.
  • In step A2-5, the analysis range is set around the peak position of the partial key having the largest ratio.
  • the range is 251 points for the first loop, 101 points for the second loop, 51 points for the third loop, 25 points for the fourth loop, and 11 points for the fifth loop.
  • DES is executed on the evaluation board, and a plurality of electromagnetic waveforms of DES are measured (step A1). The first waveform has 28000 points.
  • FIG. 12 shows the measured electromagnetic wave waveform.
  • CPA is performed on the measured electromagnetic wave waveform of DES, and eight partial keys are analyzed (step A3).
  • Table 1 below shows correct answers of eight partial keys (Keys 1 to 8).
  • FIG. 15 shows the first analysis result.
  • For each partial key, FIG. 15 shows the peak value, the peak position and the candidate value of the three key candidates with the highest peaks, in descending order of peak.
  • a grayed portion indicates a correct key.
  • FIG. 15 shows that there are three partial keys that have been successfully analyzed. Therefore, the number of keys successfully analyzed is 4 or less (NO in step A5), and a plurality of partial keys have been successfully analyzed (YES in step A6, YES in A7). Therefore, the peak values of successful partial keys are compared (step A8). Table 2 below shows the peak values of the correct key and other key candidates and the ratio of the peak values in the successful partial keys.
  • FIG. 13 shows a portion to be analyzed (a portion indicated by an arrow) in the electromagnetic wave waveform.
  • FIG. 14 shows a waveform obtained by cutting out the range to be analyzed.
  • the CPA is executed again within the newly set analysis range to analyze the partial key (step A3).
  • the results of analysis in the new analysis range are shown in FIG.
  • the items in FIG. 16 are the same as those in FIG. FIG. 16 shows that the number of partial keys successfully analyzed has increased to six. Since five or more partial keys have been successfully analyzed, the current evaluation target is evaluated as not having side channel attack resistance, and the side channel attack resistance evaluation ends (YES in step A5).
  • the analysis accuracy is improved by narrowing down the analysis range according to the analysis result.
  • a side channel attack resistance evaluation device with high evaluation accuracy can be realized.
  • The embodiment of the present invention aims to increase the evaluation accuracy of the side channel attack resistance evaluation apparatus by setting the analysis range; the analysis range can also be determined from the characteristics of the side channel information at a stage where the side channel information has not yet been analyzed.
  • The side channel attack resistance evaluation apparatus can be realized by hardware, but it can also be realized by a computer reading, from a computer-readable recording medium, a program for causing the computer to function as the side channel attack resistance evaluation apparatus and executing it.
  • The side channel attack resistance evaluation method according to the embodiment of the present invention can be realized by hardware, but it can also be realized by a computer reading, from a computer-readable recording medium, a program for causing the computer to execute the method and executing the program.
  • A side channel attack resistance evaluation apparatus comprising: a side channel information receiving unit that receives, from the outside, the side channel information acquired from the encryption apparatus subject to resistance evaluation and takes in that side channel information;
  • an analysis range setting unit that sets an analysis range, which is the range to be analyzed, from within the entire range of the side channel information; and
  • a side channel attack resistance evaluation unit that determines whether the encryption apparatus to be evaluated is resistant to a side channel attack, using the side channel information within the analysis range set by the analysis range setting unit.
  • The side channel attack resistance evaluation apparatus according to supplementary note 1, comprising, in place of the side channel information receiving unit, a side channel information measurement unit that measures the side channel information of the encryption apparatus to be evaluated.
  • A side channel attack resistance evaluation apparatus wherein the analysis range setting unit sets the analysis range again according to the evaluation result of the side channel attack resistance evaluation unit, the side channel attack resistance evaluation unit performs the side channel attack resistance evaluation again, and this renewed analysis range setting and renewed side channel resistance evaluation are repeated.
  • the analysis range setting unit is configured to determine the second analysis range based on a peak in a key that has been successfully analyzed by the side channel attack resistance evaluation unit.
  • A side channel attack resistance evaluation apparatus wherein the analysis range setting unit compares, among the evaluation results of the side channel attack resistance evaluation unit, the peaks of the correct key and of the other key candidates at the time of successful analysis, and sets the analysis range again based on the comparison result.
  • A side channel attack resistance evaluation apparatus wherein the analysis range setting unit compares, among the evaluation results of the side channel attack resistance evaluation unit, the peaks of the correct key and of the other key candidates at the time of analysis failure, and sets the analysis range again based on the comparison result.
  • A side channel attack resistance evaluation apparatus wherein the analysis range setting unit divides the analysis range; the side channel attack resistance evaluation unit performs the evaluation for each divided analysis range; the analysis range setting unit selects the analysis range to be divided again according to the evaluation result for each divided analysis range and divides it again; and the resistance evaluation for each analysis range and the selection of the analysis range are performed.
  • A side channel attack resistance evaluation method comprising: a side channel information receiving step of receiving, from the outside, the side channel information acquired from the encryption apparatus subject to resistance evaluation and taking in that side channel information;
  • an analysis range setting step of setting an analysis range, which is the range to be analyzed, from within the entire range of the side channel information; and
  • a side channel attack resistance evaluation step of determining whether the encryption apparatus to be evaluated is resistant to a side channel attack, using the side channel information within the analysis range set in the analysis range setting step.
  • The side channel attack resistance evaluation method according to supplementary note 9, comprising, in place of the side channel information receiving step, a side channel information measurement step of measuring the side channel information of the encryption apparatus to be evaluated.
  • A side channel attack resistance evaluation method wherein the analysis range is set again in the analysis range setting step according to the evaluation result of the side channel attack resistance evaluation step, the side channel attack resistance evaluation is performed again, and this renewed analysis range setting and renewed side channel resistance evaluation are repeated.
  • A side channel attack resistance evaluation method wherein the second analysis range is set based on a peak in the key that has been successfully analyzed in the side channel attack resistance evaluation step.
  • a side channel attack resistance evaluation method comprising: comparing peaks in key candidates and setting the analysis range again based on the comparison result.
  • a side channel attack resistance evaluation method comprising: comparing peaks in key candidates and setting the analysis range again based on the comparison result.
  • A side channel attack resistance evaluation method wherein the analysis range is divided in the analysis range setting step; the evaluation is performed for each divided analysis range in the side channel attack resistance evaluation step; the analysis range to be divided again is selected in the analysis range setting step according to the evaluation result for each divided analysis range and is divided again; and the resistance evaluation for each analysis range and the selection of the analysis range are performed.
  • A side channel attack resistance evaluation program incorporated in a side channel attack resistance evaluation apparatus that evaluates resistance to side channel attacks, which analyze internal processing related to encryption in an encryption apparatus or analyze confidential information using side channel information leaked from the encryption apparatus, the program causing a computer to function as a side channel attack resistance evaluation apparatus comprising:
  • a side channel information receiving unit that receives, from the outside, the side channel information acquired from the encryption apparatus subject to resistance evaluation and takes in that side channel information;
  • an analysis range setting unit that sets an analysis range, which is the range to be analyzed, from within the entire range of the side channel information; and
  • a side channel attack resistance evaluation unit that determines whether the encryption apparatus to be evaluated is resistant to side channel attacks, using the side channel information within the analysis range set by the analysis range setting unit.
  • A side channel attack resistance evaluation program wherein the side channel attack resistance evaluation apparatus comprises, in place of the side channel information receiving unit, a side channel information measurement unit that measures the side channel information of the encryption apparatus to be evaluated.
  • A side channel attack resistance evaluation program wherein the analysis range setting unit sets the analysis range again according to the evaluation result of the side channel attack resistance evaluation unit, the side channel attack resistance evaluation unit performs the side channel attack resistance evaluation again, and this renewed analysis range setting and renewed side channel resistance evaluation are repeated.
  • A side channel attack resistance evaluation program wherein the analysis range setting unit sets the second analysis range based on a peak in a key that has been successfully analyzed by the side channel attack resistance evaluation unit.
  • A side channel attack resistance evaluation program wherein the analysis range setting unit compares, among the evaluation results of the side channel attack resistance evaluation unit, the peaks of the correct key and of the other key candidates at the time of successful analysis, and sets the analysis range again based on the comparison result.
  • A side channel attack resistance evaluation program wherein the analysis range setting unit compares, among the evaluation results of the side channel attack resistance evaluation unit, the peaks of the correct key and of the other key candidates at the time of analysis failure, and sets the analysis range again based on the comparison result.
  • A side channel attack resistance evaluation program wherein the analysis range setting unit divides the analysis range; the side channel attack resistance evaluation unit performs the evaluation for each divided analysis range; the analysis range setting unit selects the analysis range to be divided again according to the evaluation result for each divided analysis range and divides it again; and the resistance evaluation for each analysis range and the selection of the analysis range are performed.
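
The narrowing loop of the DES worked example in the description (steps A5 to A8, A2-4 and A2-5), as an added example that is not code from the patent: it runs the success test per partial key, picks the reference peak and re-centres the analysis range with the stated widths. The function names, the sparse correlation format, the partial-key values and every peak value are constructed assumptions, and counting the full-trace pass separately from the five narrowing loops is an assumed reading; the widths, the five-of-eight threshold and the 28000-point trace come from the text.

```python
# Added example; every correlation value below is constructed, not the patent's data.
WIDTHS = [251, 101, 51, 25, 11]  # analysis-range width per narrowing loop (from the text)
FAIL_THRESHOLD = 5               # >= 5 of 8 partial keys recovered -> not resistant
TRACE_POINTS = 28000             # points in the first measured waveform (from the text)
CORRECT = [5, 12, 33, 47, 20, 61, 9, 28]  # constructed 6-bit partial keys


def make_key(correct, pos, peak, rival, ghost):
    """Sparse |correlation| samples for one partial key as {candidate: [(position, value)]}.
    rival: wrong candidate at the leak position; ghost: wrong candidate far away."""
    return {correct: [(pos, peak)],
            (correct + 1) % 64: [(pos, rival)],
            (correct + 2) % 64: [(3000, ghost)]}


def analyse(curves, correct, lo, hi):
    """CPA success test per partial key, restricted to sample points in [lo, hi)."""
    results = []
    for k, cands in enumerate(curves):
        peaks = {}
        for cand, samples in cands.items():
            inside = [(v, p) for p, v in samples if lo <= p < hi]
            peaks[cand] = max(inside) if inside else (0.0, None)
        c_val, c_pos = peaks[correct[k]]
        o_val = max(v for cand, (v, _) in peaks.items() if cand != correct[k])
        results.append({"peak": c_val, "pos": c_pos, "other": o_val,
                        "ok": c_pos is not None and c_val > o_val})
    return results


def choose_reference(results):
    """Peak position that centres the next analysis range, or None if nothing is visible."""
    wins = [r for r in results if r["ok"]]
    if wins:
        # One success: its peak (A2-4). Several: largest correct/other ratio (A8, A2-5).
        return max(wins, key=lambda r: r["peak"] / r["other"]
                   if r["other"] > 0 else float("inf"))["pos"]
    # No success: correct-key peak that is closest to the highest peak.
    visible = [r for r in results if r["pos"] is not None]
    return min(visible, key=lambda r: r["other"] / r["peak"])["pos"] if visible else None


def evaluate(curves, correct):
    """Return (verdict, [(lo, hi, keys_recovered), ...]) for one evaluation run."""
    lo, hi, history, results = 0, TRACE_POINTS, [], None
    for width in [None] + WIDTHS:          # full trace first, then five narrowing loops
        if width is not None:
            centre = choose_reference(results)
            if centre is None:
                break
            lo = max(0, centre - width // 2)
            hi = min(TRACE_POINTS, lo + width)
        results = analyse(curves, correct, lo, hi)
        recovered = sum(r["ok"] for r in results)
        history.append((lo, hi, recovered))
        if recovered >= FAIL_THRESHOLD:    # step A5: enough partial keys recovered
            return "not resistant", history
    return "resistant", history


# Constructed device: keys 3-5 lose to a far-away ghost peak on the full trace only.
LEAKY = [make_key(c, p, a, b, g) for c, (p, a, b, g) in zip(CORRECT, [
    (12000, 0.30, 0.15, 0.20), (12010, 0.28, 0.10, 0.14), (12020, 0.25, 0.20, 0.22),
    (12030, 0.20, 0.12, 0.26), (11990, 0.18, 0.11, 0.24), (12050, 0.17, 0.10, 0.21),
    (12040, 0.12, 0.16, 0.19), (15000, 0.22, 0.10, 0.25)])]

if __name__ == "__main__":
    print(evaluate(LEAKY, CORRECT))
```

On the constructed data the full trace recovers three partial keys and the first 251-point range recovers six, the same progression the description reports for FIG. 15 and FIG. 16; an evaluation that stopped after the full-trace pass would have rated this device more favourably than the narrowed analysis does.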

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention relates to a side channel attack resistance evaluation device that uses side channel information leaking from an encryption device to evaluate the resistance of the encryption device to side channel attacks. The side channel attack resistance evaluation device comprises: a side channel information receiving unit that receives and captures, from an external source, the side channel information acquired from the encryption device whose resistance is to be evaluated; an analysis range setting unit that sets the analysis range, which is the range subject to analysis, within the total range of the side channel information; and a side channel attack resistance evaluation unit that uses the side channel information within the analysis range thus set to determine whether the evaluated encryption device is resistant to side channel attacks.
PCT/JP2010/071977 2009-12-10 2010-12-08 Side channel attack resistance evaluation device, side channel attack resistance evaluation method, and program therefor WO2011071063A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2011545223A JP5733215B2 (ja) 2009-12-10 2010-12-08 Side channel attack resistance evaluation device, side channel attack resistance evaluation method, and program therefor

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2009-280487 2009-12-10
JP2009280487 2009-12-10

Publications (1)

Publication Number Publication Date
WO2011071063A1 true WO2011071063A1 (fr) 2011-06-16

Family

ID=44145607

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2010/071977 WO2011071063A1 (fr) 2009-12-10 2010-12-08 Side channel attack resistance evaluation device, side channel attack resistance evaluation method, and program therefor

Country Status (2)

Country Link
JP (1) JP5733215B2 (fr)
WO (1) WO2011071063A1 (fr)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
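JP2014006484A (ja) * 2012-06-27 2014-01-16 Tokai Rika Co Ltd Side channel evaluation device and side channel evaluation method
JP2014007705A (ja) * 2012-06-27 2014-01-16 Tokai Rika Co Ltd Side channel evaluation device and side channel evaluation method
CN106936561A (zh) * 2015-12-29 2017-07-07 航天信息股份有限公司 Method and system for evaluating side channel attack protection capability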

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
"2009 Nen Symposium on Cryptography and Information Security SCIS 2009 [CD-ROM], 23 January 2009", 23 January 2009, article NORITAKA YAMASHITA ET AL.: "Shingo Shori o Riyo shita SASEBO ni Okeru Sabun Denryoku Kaiseki", pages: 1 - 6 *
DAISAKU MINAMIZAKI: "Construction of the experiment environment for the CPA attack", IEICE TECHNICAL REPORT, vol. 108, no. 355, 10 December 2008 (2008-12-10), pages 61 - 66 *
YOHEI HORI: "Development of Side-channel Attack Standard Evaluation Board and Tool", IEICE TECHNICAL REPORT, vol. 108, no. 300, 10 November 2008 (2008-11-10), pages 87 - 92 *

Also Published As

Publication number Publication date
JP5733215B2 (ja) 2015-06-10
JPWO2011071063A1 (ja) 2013-04-22

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10835983

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 2011545223

Country of ref document: JP

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 10835983

Country of ref document: EP

Kind code of ref document: A1