| Graduate student: | 張吉天 Chi-Tan Chang |
|---|---|
| Thesis title: | 於8051單晶片上實作可防禦DPA攻擊之AES加密器 Implementation of AES Cryptosystem on 8051 Single-chip Controller against DPA |
| Advisor: | 顏嵩銘 Sung-Ming Yen |
| Oral defense committee: | |
| Degree: | Master |
| Department: | 資訊電機學院 - 資訊工程學系在職專班 Executive Master of Computer Science & Information Engineering |
| Graduation academic year: | 92 |
| Language: | Chinese |
| Number of pages: | 77 |
| Chinese keywords: | AES encryption (AES加密), simple power analysis (簡單能量分析), differential power analysis (差分能量分析), masking (遮罩) |
| Foreign-language keywords: | DPA, masking, AES, SPA |
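
Since the differential power analysis (DPA) attack was announced, many countermeasures have been proposed for many algorithms. For a secure AES algorithm, a masking method has been suggested; however, this masking method was in turn found to have a second-order DPA weakness. The purpose of this thesis is therefore to propose an effective AES software countermeasure that defends against second-order DPA attacks. The proposed countermeasure masks the plaintext twice and additionally replaces the S-Box, so that the algorithm does not need to apply the masking method to the modified S-Box; encryption done this way does not increase the complexity of the program. We call the S-Box that replaces the original S-Box the equivalent S-Box, and the method of generating this equivalent S-Box is in fact the same as the method used to generate the original S-Box. Finally, we demonstrate the defensive result with an implementation on an 8051 single-chip controller to show that it can defend against DPA attacks. The defense proposed in this thesis is therefore also suitable for low-cost smart cards.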

Many countermeasures have been proposed for many algorithms since the Differential Power Analysis (DPA) attack was announced. For a secure AES algorithm, the proposed masking method was found to have a second-order DPA weakness. In this paper, an effective AES software countermeasure is proposed that masks the plaintext twice and, in addition, replaces the primitive S-Box to defend against second-order DPA. The algorithm does not need to use the masking method for the modified S-Box, so the complexity of the encryption program is not increased. The S-Box that replaces the primitive S-Box is called the "random S-Box". In fact, this random S-Box is produced by the same method as the primitive S-Box. Finally, to prove that it can resist DPA attack, the defensive effect on an 8051 micro-controller is shown. Hence, the proposed method also suits low-cost smart cards.