| Graduate student: | 簡玉珊 Yu-Shan Jian |
|---|---|
| Thesis title: | AES以遮罩防禦法防禦高階差分能量分析攻擊之研究 (Research on Higher-Order Masking of AES against Higher-Order DPA) |
| Advisor: | 顏嵩銘 Sung-ming Yen |
| Committee members: | |
| Degree: | Master |
| Department: | College of Electrical Engineering and Computer Science, Department of Computer Science & Information Engineering |
| Graduation academic year: | 98 (ROC calendar, i.e. 2009–2010) |
| Language: | Chinese |
| Pages: | 37 |
| Chinese keywords: | 布林遮罩, 差分能量分析攻擊, 智慧卡, 進階加密標準 (Boolean masking, differential power analysis, smart card, Advanced Encryption Standard) |
| English keywords: | Boolean Masking, Differential Power Analysis, Smart Card, Advanced Encryption Standard |
| Access statistics: | views: 5, downloads: 0 |
AES is a widely used block cipher. When it is implemented on an ordinary, unprotected smart card, however, the card's power consumption leaks information about the intermediate values of the computation, so the implementation is vulnerable to Differential Power Analysis (DPA). Countermeasures for AES against DPA, and stronger higher-order DPA attacks against those countermeasures, continue to be studied. Many proposals combine two or more countermeasures, and masking, in particular Boolean masking, is the one most often recommended. This thesis examines the bottleneck of the current masking schemes for AES and improves on it. It also implements DPA against both the linear and the non-linear operations of AES and compares the advantages and disadvantages of attacking each, and it implements a second-order DPA (2nd-order DPA) against an AES implementation protected by a single mask on an 8051 microcontroller.
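As an added example that is not part of the thesis or of its 8051 code, the following Python simulation shows what "single-mask Boolean masking" of the AES S-box means and reproduces, on simulated leakage, the two results the abstract describes: a first-order DPA on the masked S-box output finds nothing, while a second-order DPA that combines the leakage of the mask with the leakage of the masked value (Messerges' absolute-difference combining) recovers the key byte. Everything here is constructed for the example: the device is assumed to leak the exact Hamming weight of every byte it handles with no measurement noise, fresh input and output masks are drawn for every encryption, the attacked byte is the first-round S-box output SBOX[p ^ key] of a known plaintext byte p, and the attack statistic is the Pearson correlation between predicted and observed leakage (correlation-style DPA). The S-box is built from its FIPS 197 definition rather than pasted as a table.

```python
"""Boolean masking of the AES S-box and a simulated 1st/2nd-order DPA.
Added example, not the thesis code. Leakage model (assumed): noise-free
Hamming weight of every byte handled. All traces are simulated."""
import random


def gf_mul(a, b):
    """Multiply in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1 (FIPS 197)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r


def gf_inv(a):
    """a^254 == a^-1 in GF(2^8); 0 maps to 0, as the AES S-box requires."""
    r = 1
    for _ in range(254):
        r = gf_mul(r, a)
    return r


def affine(x):
    """AES S-box affine map: b'_i = b_i ^ b_(i+4) ^ b_(i+5) ^ b_(i+6) ^ b_(i+7) ^ c_i."""
    y = 0
    for i in range(8):
        bit = (x >> i) ^ (x >> (i + 4) % 8) ^ (x >> (i + 5) % 8) \
            ^ (x >> (i + 6) % 8) ^ (x >> (i + 7) % 8)
        y |= (bit & 1) << i
    return y ^ 0x63


SBOX = [affine(gf_inv(x)) for x in range(256)]   # e.g. SBOX[0x53] == 0xED
HW = [bin(x).count("1") for x in range(256)]     # Hamming-weight lookup


def masked_sbox(m_in, m_out):
    """Recomputed table with T[x ^ m_in] == SBOX[x] ^ m_out, so neither the
    unmasked S-box input nor its output is ever handled by the device."""
    return [SBOX[y ^ m_in] ^ m_out for y in range(256)]


def simulate_traces(key, n, seed=1):
    """One trace per encryption: (plaintext byte, leak(m_out), leak(masked S-box output)).
    The plaintext and both masks are drawn fresh from a seeded RNG (constructed data)."""
    rng = random.Random(seed)
    traces = []
    for _ in range(n):
        p, m_in, m_out = rng.randrange(256), rng.randrange(256), rng.randrange(256)
        table = masked_sbox(m_in, m_out)
        masked_out = table[(p ^ key) ^ m_in]     # == SBOX[p ^ key] ^ m_out
        traces.append((p, HW[m_out], HW[masked_out]))
    return traces


def pearson(xs, ys):
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    sxy = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    sxx = sum((x - mx) ** 2 for x in xs)
    syy = sum((y - my) ** 2 for y in ys)
    return sxy / (sxx * syy) ** 0.5 if sxx and syy else 0.0


def cpa(traces, combine):
    """Correlation DPA over all 256 key-byte guesses. `combine` maps a trace to
    the single observed sample correlated against the prediction HW(SBOX[p ^ k])."""
    observed = [combine(t) for t in traces]
    scores = []
    for k in range(256):
        predicted = [HW[SBOX[p ^ k]] for p, _, _ in traces]
        scores.append(abs(pearson(predicted, observed)))
    return max(range(256), key=scores.__getitem__), scores


def first_order_dpa(traces):
    """Uses only the masked-output sample. With a uniform mask that sample is
    independent of SBOX[p ^ key], so no guess stands out."""
    return cpa(traces, lambda t: t[2])


def second_order_dpa(traces):
    """Messerges' combining |leak(mask) - leak(masked value)|: its expectation
    grows with HW(SBOX[p ^ key]), which a single mask does not hide."""
    return cpa(traces, lambda t: abs(t[1] - t[2]))


if __name__ == "__main__":
    key = 0x2B                                   # secret key byte (constructed)
    traces = simulate_traces(key, 2500)
    k1, s1 = first_order_dpa(traces)
    k2, s2 = second_order_dpa(traces)
    print(f"1st-order: best guess 0x{k1:02x}, corr(correct key) = {s1[key]:.3f}")
    print(f"2nd-order: best guess 0x{k2:02x}, corr(correct key) = {s2[key]:.3f}")
```

Under this noise-free model the correct key's first-order correlation is indistinguishable from the other guesses (of the order of 1/sqrt(n)), while the expected second-order correlation for the absolute-difference combiner on an 8-bit value is about 0.24, which 2500 traces separate cleanly from the wrong guesses. On a real 8051 the measured correlations are lower because of noise and imperfect alignment, so more traces are needed, but the qualitative gap between the two attacks is the one the abstract reports.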
[1] ISO/IEC 18033-3:2005, “Information technology – Security techniques – Encryption algorithms – Part 3: Block ciphers”, 2005. Available at http://www.iso.ch/iso/en/CatalogueDetailPage.CatalogueDetail?CSNUMBER=37972
[2] National Institute of Standards and Technology (NIST), “Advanced Encryption Standard (AES)”, FIPS Publication 197, 2001. Available at http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
[3] National Bureau of Standards (NBS), “Data Encryption Standard (DES)”, FIPS Publication 46, 1977.
[4] M.-L. Akkar, C. Giraud, “An Implementation of DES and AES, Secure against Some Attacks”, CHES 2001, LNCS 2162, pp. 309-318, Springer-Verlag, 2001.
[5] C. Clavier, J.-S. Coron, N. Dabbous, “Differential Power Analysis in the Presence of Hardware Countermeasures”, CHES 2000, LNCS 1965, pp. 252-263, Springer-Verlag, 2000.
[6] J.-S. Coron, P. Kocher, D. Naccache, “Statistics and Secret Leakage”, FC 2000, LNCS 1962, pp. 157-173, Springer-Verlag, 2001.
[7] J.-S. Coron, E. Prouff, M. Rivain, “Side Channel Cryptanalysis of a Higher Order Masking Scheme”, CHES 2007, LNCS 4727, pp. 28-44, Springer-Verlag, 2007.
[8] J. Daemen, V. Rijmen, “AES Proposal: Rijndael”, version 2, submission to NIST, 1999. Available at http://csrc.nist.gov/archive/aes
[9] J. D. Golić, C. Tymen, “Multiplicative Masking and Power Analysis of AES”, CHES 2002, LNCS 2523, pp. 198-212, Springer-Verlag, 2003.
[10] C. Herbst, E. Oswald, S. Mangard, “An AES Smart Card Implementation Resistant to Power Analysis Attacks”, ACNS 2006, LNCS 3989, pp. 239-252, Springer-Verlag, 2006.
[11] P. Kocher, J. Jaffe, B. Jun, “Differential Power Analysis”, CRYPTO 1999, LNCS 1666, pp. 388-397, Springer-Verlag, 1999.
[12] J. Lu, J. Pan, J. den Hartog, “Security of AES Against First and Second-Order Differential Power Analysis”, WISSEC 2009. Available at http://www.uclouvain.be/crypto/wissec2009/static/5.pdf
[13] S. Mangard, “Hardware Countermeasures against DPA – A Statistical Analysis of Their Effectiveness”, CT-RSA 2004, LNCS 2964, pp. 222-235, Springer-Verlag, 2004.
[14] E. Brier, C. Clavier, F. Olivier, “Correlation Power Analysis with a Leakage Model”, CHES 2004, LNCS 3156, pp. 16-29, Springer-Verlag, 2004.
[15] T. S. Messerges, “Using Second-Order Power Analysis to Attack DPA Resistant Software”, CHES 2000, LNCS 1965, pp. 238-251, Springer-Verlag, 2000.
[16] T. S. Messerges, “Securing the AES Finalists Against Power Analysis Attacks”, FSE 2000, LNCS 1978, pp. 150-164, Springer-Verlag, 2001.
[17] E. Oswald, S. Mangard, C. Herbst, S. Tillich, “Practical Second-Order DPA Attacks for Masked Smart Card Implementations of Block Ciphers”, CT-RSA 2006, LNCS 3860, pp. 192-207, Springer-Verlag, 2006.
[18] E. Oswald, S. Mangard, N. Pramstaller, V. Rijmen, “A Side-Channel Analysis Resistant Description of the AES S-Box”, FSE 2005, LNCS 3557, pp. 413-423, Springer-Verlag, 2005.
[19] K. Schramm, C. Paar, “Higher Order Masking of the AES”, CT-RSA 2006, LNCS 3860, pp. 208-225, Springer-Verlag, 2006.
[20] J. Waddle, D. Wagner, “Towards Efficient Second-Order Power Analysis”, CHES 2004, LNCS 3156, pp. 1-15, Springer-Verlag, 2004.
[21] 張吉天, “Implementing a DPA-Resistant AES Encryptor on an 8051 Microcontroller” (in Chinese), Master's thesis, Laboratory of Cryptography and Information Security, National Central University, 2004.