Computer Science (计算机科学) ›› 2015, Vol. 42 ›› Issue (Z6): 402-407.

• Information Security •

Attack-resistant and Low-cost AES Implementation for Wireless Sensor Network

LUO Xin-qiang, QI Yue, WAN Ya-dong and WANG Qin

  1. School of Computer and Communication Engineering, University of Science and Technology Beijing, Beijing 100083
  • Online: 2018-11-14 Published: 2018-11-14
  • Funding:
    Supported by the National High Technology Research and Development Program of China (863 Program) (2011AA040101-3, 4AA041801-2) and the National Natural Science Foundation of China (61003251, 9, 61173150)

Abstract: The Advanced Encryption Standard (AES) is specified as the core cipher of the data link layer by many wireless sensor network (WSN) standards. Because of its high computational complexity, a conventional AES implementation is hard to run on resource-constrained WSN nodes. Look-up tables can greatly speed up AES software implementations, but the conventional implementation based on four 1 kB look-up tables (4-T) not only has a large storage footprint but is also exposed to access-driven cache attacks. By optimizing the structure of the look-up table, this paper proposes an AES implementation based on a single 512 B look-up table (1-T) that reduces storage overhead while improving resistance to access-driven cache attacks. The round encryption formula is also optimized to limit the impact on encryption speed. Experiments on an ARM platform show that the encryption time of 1-T is 43.5% longer than that of 4-T, but only 38.55% of that of an AES implementation using a hardware accelerator.

Key words: Wireless sensor network, AES encryption, Look-up table, Access-driven cache attack, Low-cost
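The abstract contrasts the four 1 kB tables of a 4-T implementation with a single 512 B table. The Python below is an added example, not code from the paper or its authors: it derives the classic 4-T tables from the S-box and MixColumns, shows that T1..T3 are byte rotations of T0 (so the four tables store the same information four times), rebuilds T0 entries from a compact 512-byte table, checks that both paths compute the same round column, and counts how many distinct cache-line footprints one lookup can leave, which is what an access-driven observer sees. The 512-byte layout (S[x] followed by 2·S[x]), the 64-byte cache line and the line-granular observer model are assumptions for illustration; the paper's own 1-T table structure is not given on this page.

```python
# Added example (not code from the paper or its authors): derive the classic
# four-table AES round tables, show they collapse into one compact table, and
# compare the cache-line footprint of a lookup under a simple line-granular model.

def xtime(a: int) -> int:
    """Multiply by x (i.e. by 2) in GF(2^8) with the AES polynomial 0x11b."""
    a <<= 1
    return (a ^ 0x11B) & 0xFF if a & 0x100 else a


def gf_mul(a: int, b: int) -> int:
    """GF(2^8) multiplication, schoolbook style (used only for table generation)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a, b = xtime(a), b >> 1
    return r


def sbox_entry(x: int) -> int:
    """AES S-box: multiplicative inverse (x^254) followed by the affine transform."""
    inv = 0
    if x:
        inv = 1
        for _ in range(254):
            inv = gf_mul(inv, x)
    s = inv
    for i in range(1, 5):                      # s ^= rotl(inv, i) for i = 1..4
        s ^= ((inv << i) | (inv >> (8 - i))) & 0xFF
    return s ^ 0x63


SBOX = bytes(sbox_entry(x) for x in range(256))


def rotr32(w: int, n: int) -> int:
    return ((w >> n) | (w << (32 - n))) & 0xFFFFFFFF


# 4-T: T0[x] = MixColumns(S[x], 0, 0, 0) = (2s, s, s, 3s); T1..T3 are byte rotations
# of T0, so the four tables hold the same information four times (4 x 1 kB).
T0 = [(xtime(s) << 24) | (s << 16) | (s << 8) | (xtime(s) ^ s) for s in SBOX]
T1 = [rotr32(w, 8) for w in T0]
T2 = [rotr32(w, 16) for w in T0]
T3 = [rotr32(w, 24) for w in T0]
SIZE_4T = 4 * len(T0) * 4                       # 4096 bytes

# 1-T, assumed 512-byte layout for illustration: S[x] at offset x, 2*S[x] at 256+x.
# The paper's actual table structure is not given on this page.
TABLE_1T = SBOX + bytes(xtime(s) for s in SBOX)
SIZE_1T = len(TABLE_1T)                         # 512 bytes


def t0_from_1t(x: int) -> int:
    """Rebuild T0[x] from the compact table; 3s is computed as 2s ^ s."""
    s, s2 = TABLE_1T[x], TABLE_1T[256 + x]
    return (s2 << 24) | (s << 16) | (s << 8) | (s2 ^ s)


def round_column_4t(a0, a1, a2, a3, rk):
    """One output column of an AES round via the four tables. The caller passes the
    four state bytes already selected by ShiftRows; rk is the round-key word."""
    return T0[a0] ^ T1[a1] ^ T2[a2] ^ T3[a3] ^ rk


def round_column_1t(a0, a1, a2, a3, rk):
    """Same column via the single table: the rotations move into registers."""
    w = t0_from_1t(a0) ^ rotr32(t0_from_1t(a1), 8)
    w ^= rotr32(t0_from_1t(a2), 16) ^ rotr32(t0_from_1t(a3), 24)
    return w ^ rk


def round_column_reference(a0, a1, a2, a3, rk):
    """Textbook SubBytes then MixColumns on one column, for cross-checking."""
    s0, s1, s2, s3 = SBOX[a0], SBOX[a1], SBOX[a2], SBOX[a3]
    b0 = gf_mul(2, s0) ^ gf_mul(3, s1) ^ s2 ^ s3
    b1 = s0 ^ gf_mul(2, s1) ^ gf_mul(3, s2) ^ s3
    b2 = s0 ^ s1 ^ gf_mul(2, s2) ^ gf_mul(3, s3)
    b3 = gf_mul(3, s0) ^ s1 ^ s2 ^ gf_mul(2, s3)
    return ((b0 << 24) | (b1 << 16) | (b2 << 8) | b3) ^ rk


def line_patterns(accesses, line_bytes: int = 64) -> int:
    """Number of distinct cache-line footprints a single lookup can leave over all
    256 indices. An observer who only learns which lines were touched resolves
    log2(patterns) bits of the index; fewer patterns means less leakage.
    Assumes a 64-byte line and a table aligned on a line boundary."""
    return len({frozenset(off // line_bytes for off in accesses(x)) for x in range(256)})


PATTERNS_4T = line_patterns(lambda x: [4 * x])         # 16 footprints -> 4 index bits
PATTERNS_1T = line_patterns(lambda x: [x, 256 + x])    # 4 footprints -> 2 index bits

if __name__ == "__main__":
    print(f"4-T: {SIZE_4T} B, {PATTERNS_4T} footprints; 1-T: {SIZE_1T} B, {PATTERNS_1T} footprints")
    print(hex(round_column_4t(0x19, 0xA0, 0x9A, 0xE9, 0)), hex(round_column_1t(0x19, 0xA0, 0x9A, 0xE9, 0)))
```

The 1-T path trades one table lookup for two byte loads plus a rotation per state byte, which is the kind of cost the abstract's 43.5% slowdown reflects, and the footprint count shows why a smaller table narrows what a line-granular observer can learn. Real cache-line sizes and alignment differ per core, so the exact numbers are a model, not a measurement.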

