Computer Science (计算机科学), 2015, Vol. 42, Issue 3: 148-152. doi: 10.11896/j.issn.1002-137X.2015.03.031

• Information Security •

A Fast Protection Method for the KLEIN Block Cipher against Timing and Cache Side-channel Attacks on AVR

温雅敏, 黎凤霞, 龚征, 唐韶华

  1. School of Mathematics and Statistics, Guangdong University of Finance and Economics, Guangzhou 510320; School of Computer Science and Engineering, South China University of Technology, Guangzhou 510641; School of Computer Science, South China Normal University, Guangzhou 510631; Shanghai Key Laboratory of Integrated Management Technology for Information Security (上海市信息安全综合管理技术研究重点实验室), Shanghai 200240; School of Computer Science and Engineering, South China University of Technology, Guangzhou 510641
  • Online: 2018-11-14  Published: 2018-11-14
  • Funding:
    Supported by the National Natural Science Foundation of China (61300204, 61100201, 61170080, U1135004), the Natural Science Foundation of Guangdong Province (S2012040006711), the Guangdong Provincial Training Program for Outstanding Young Teachers in Higher Education (Yq2013051), the Guangzhou Science and Technology Plan Pearl River New Star Project (2014J2200006), and the Guangdong Department of Education Program for Outstanding Young Innovative Talents in Universities (2012LYM_0066)

Fast Implementation of KLEIN for Resisting Timing and Cache Side-channel Attacks on AVR

WEN Ya-min, LI Feng-xia, GONG Zheng and TANG Shao-hua   

  • Online: 2018-11-14  Published: 2018-11-14

Abstract (translated from the Chinese): With the broad rise of IoT applications, the prospects of lightweight block ciphers in resource-constrained environments have drawn wide attention. In IoT deployments, attackers often mount key-recovery attacks on a device through side channels. At RFIDSec 2011, Gong et al. proposed KLEIN, a new lightweight block cipher designed for software implementation in resource-constrained IoT environments [1]. Starting from the characteristics of the AVR microprocessor, this paper gives a bitslicing implementation of KLEIN encryption in AVR assembly. In the implementation, the load and store operations are each optimized, which lowers the computational cost of the MixNibbles step and lets the bitsliced KLEIN defend against timing and cache side-channel attacks. Experimental results on the AVR platform show that the optimized bitslicing implementation of KLEIN is practical on AVR microprocessors.

Keywords (translated): IoT, side-channel attack, lightweight block cipher, KLEIN, bitslicing

Abstract: With the rapid development of IoT (Internet of Things) applications, lightweight block ciphers have received wide attention for use in resource-constrained environments. In IoT applications, attackers often use side-channel information to recover secret keys. At RFIDSec 2011, Gong et al. proposed a new lightweight block cipher named KLEIN for software implementation in resource-constrained environments [1]. We propose a bitslicing implementation of the KLEIN block cipher in AVR assembly. In the implementation, look-up tables and logical operations are combined to reduce the computational cost of the MixNibbles step, which gives a better balance between the algorithm's speed and storage. Our experiments on AVR show that the bitslicing implementation of KLEIN is feasible for practical applications.
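The claim that a bitsliced implementation resists timing and cache attacks rests on one property: no memory address and no branch may depend on secret data, which rules out indexing an S-box table with a secret nibble. The following added example (written by the editor in C, not the authors' AVR assembly and not code from the paper) shows the general technique on KLEIN's 4-bit S-box: derive the algebraic normal form of each output bit with a Möbius transform, then evaluate it with AND and XOR over 8-bit words that hold eight nibbles in parallel, the layout an 8-bit AVR register would carry. The S-box constants are reproduced from the KLEIN specification [1] and are an assumption of this example to be checked against the paper; the ANF-driven evaluator is a generic construction and is not the paper's hand-optimized MixNibbles code.

```c
#include <stdint.h>
#include <stdio.h>

/* KLEIN's 4-bit S-box as published in [1]; it is an involution (S[S[x]] == x).
 * Reproduced from the specification: treat the values as an assumption of
 * this example and check them against the paper before reuse. */
static const uint8_t KLEIN_SBOX[16] = {
    0x7, 0x4, 0xA, 0x9, 0x1, 0xF, 0xB, 0x0,
    0xC, 0x3, 0x2, 0x6, 0x8, 0xE, 0xD, 0x5
};

/* Eight 4-bit lanes per word, mirroring one 8-bit AVR register:
 * word i holds input bit i of nibble k at bit position k. */
typedef uint8_t lane_t;

/* The table-lookup form that bitslicing replaces: the index is secret, so the
 * address touched depends on the secret, which cache and timing attacks observe. */
uint8_t sbox_lookup(uint8_t x) { return KLEIN_SBOX[x & 0xF]; }

/* Algebraic normal form of each output bit, via the Moebius transform of the
 * output bit's truth table: anf[j] has bit m set iff the monomial
 * prod_{i in m} x_i occurs in output bit j (m == 0 is the constant 1). */
void sbox_anf(const uint8_t sbox[16], uint16_t anf[4]) {
    for (int j = 0; j < 4; j++) {
        uint16_t f = 0;
        for (int x = 0; x < 16; x++)
            if ((sbox[x] >> j) & 1) f |= (uint16_t)1 << x;
        for (int i = 0; i < 4; i++)            /* in-place Moebius transform */
            for (int m = 0; m < 16; m++)
                if (!(m & (1 << i)) && ((f >> m) & 1))
                    f ^= (uint16_t)1 << (m | (1 << i));
        anf[j] = f;
    }
}

/* Bitsliced S-box: evaluates the ANF with AND/XOR on whole words, so all 8
 * lanes are substituted at once. Every branch and every address depends only
 * on the public constants in anf, never on the secret lanes in x. */
void sbox_bitsliced(const uint16_t anf[4], const lane_t x[4], lane_t y[4]) {
    for (int j = 0; j < 4; j++) {
        lane_t acc = 0;
        for (int m = 0; m < 16; m++) {
            if (!((anf[j] >> m) & 1)) continue;
            lane_t t = (lane_t)~0;             /* empty product: 1 in every lane */
            for (int i = 0; i < 4; i++)
                if (m & (1 << i)) t &= x[i];
            acc ^= t;
        }
        y[j] = acc;
    }
}

/* Transposition between one-nibble-per-byte and bitsliced layouts. */
void to_bitsliced(const uint8_t nib[8], lane_t x[4]) {
    for (int i = 0; i < 4; i++) {
        x[i] = 0;
        for (int k = 0; k < 8; k++) x[i] |= (lane_t)(((nib[k] >> i) & 1) << k);
    }
}

void from_bitsliced(const lane_t y[4], uint8_t nib[8]) {
    for (int k = 0; k < 8; k++) {
        nib[k] = 0;
        for (int i = 0; i < 4; i++) nib[k] |= (uint8_t)(((y[i] >> k) & 1) << i);
    }
}

/* Check: the bitsliced S-box agrees with the table on all 16 inputs (two batches of 8 lanes). */
int sbox_bitsliced_matches_table(void) {
    uint16_t anf[4];
    sbox_anf(KLEIN_SBOX, anf);
    for (int base = 0; base < 16; base += 8) {
        uint8_t in[8], out[8];
        lane_t x[4], y[4];
        for (int k = 0; k < 8; k++) in[k] = (uint8_t)(base + k);
        to_bitsliced(in, x);
        sbox_bitsliced(anf, x, y);
        from_bitsliced(y, out);
        for (int k = 0; k < 8; k++)
            if (out[k] != sbox_lookup(in[k])) return 0;
    }
    return 1;
}

int klein_sbox_is_involution(void) {
    for (int x = 0; x < 16; x++)
        if (KLEIN_SBOX[KLEIN_SBOX[x]] != x) return 0;
    return 1;
}

/* Monomial mask of output bit j of the KLEIN S-box (bit 0 is the constant term). */
uint16_t klein_anf_mask(int j) {
    uint16_t anf[4];
    sbox_anf(KLEIN_SBOX, anf);
    return anf[j & 3];
}

int main(void) {
    printf("bitsliced S-box matches table: %s\n",
           sbox_bitsliced_matches_table() ? "yes" : "no");
    return sbox_bitsliced_matches_table() ? 0 : 1;
}
```

Any C99 compiler builds this on a PC; on a real AVR target the loops over `anf` would be unrolled into straight-line AND/XOR instructions, since they depend only on public constants, and `sbox_lookup` would be dropped entirely. It is kept here only to show the secret-indexed access that bitslicing removes; the same transposition trick extends to the full round, which is how a bitsliced KLEIN avoids any secret-dependent memory access.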

Key words: IoT, Side-channel attack, Lightweight block cipher, KLEIN, Bitslicing

[1] Gong Z, Nikova S, Law Y. KLEIN: A new family of lightweight block ciphers[C]∥Proceedings of RFID Security and Privacy (RFIDSec) 2011. Berlin Heidelberg: Springer, 2011: 1-18
[2] Bogdanov A, Knudsen L R, Leander G, et al. PRESENT: An ultra-lightweight block cipher[C]∥Proceedings of CHES 2007. Berlin Heidelberg: Springer, 2007: 450-466
[3] Nakahara J Jr. Fast variants of the MESH block ciphers[C]∥Proceedings of Indocrypt 2004. Berlin Heidelberg: Springer, 2004: 162-174
[4] Nakahara J Jr, Rijmen V, et al. The MESH block ciphers[C]∥Proceedings of the International Workshop on Information Security Applications (WISA) 2003. Berlin Heidelberg: Springer, 2003: 458-473
[5] Poschmann A. Lightweight cryptography: Cryptographic engineering for a pervasive world[D]. Bochum, Germany: Ruhr-University Bochum, February 2009
[6] Könighofer R. A fast and cache-timing resistant implementation of the AES[C]∥Proceedings of CT-RSA 2008. Berlin Heidelberg: Springer, 2008: 187-202
[7] Moradi A, Poschmann A, Ling S, et al. Pushing the limits: A very compact and a threshold implementation of AES[C]∥Proceedings of Eurocrypt 2011. Berlin Heidelberg: Springer, 2011: 69-88
[8] Biham E. A fast new DES implementation in software[C]∥Proceedings of FSE 1997. Berlin Heidelberg: Springer, 1997: 260-272
[9] Neve M, Seifert J P. Advances on access-driven cache attacks on AES[C]∥Proceedings of SAC 2006. Berlin Heidelberg: Springer, 2007: 147-162
[10] Osvik D A, Shamir A, Tromer E. Cache attacks and countermeasures: The case of AES[C]∥Proceedings of CT-RSA 2006. Berlin Heidelberg: Springer, 2006: 1-20
[11] Bonneau J, Mironov I. Cache-collision timing attacks against AES[C]∥Proceedings of CHES 2006. Berlin Heidelberg: Springer, 2006: 201-215
[12] Acıiçmez O, Schindler W, Koç Ç K. Cache based remote timing attack on the AES[C]∥Proceedings of CT-RSA 2007. Berlin Heidelberg: Springer, 2007: 271-286
[13] 赵新杰, 王韬, 矫文成, et al. A new access-driven cache attack on AES[J]. Journal of Chinese Computer Systems (小型微型计算机系统), 2009, 30(4): 797-800
[14] 赵新杰, 王韬, 郑媛媛. Access-driven cache timing attacks on Camellia[J]. Chinese Journal of Computers (计算机学报), 2010, 33(7): 1153-1165
[15] 赵新杰, 王韬, 郭世泽, et al. Access-driven cache timing attack on AES[J]. Journal of Software (软件学报), 2011(3): 572-591
[16] 赵新杰, 王韬, 郭世泽, et al. Research on cache attacks against block ciphers[J]. Journal of Computer Research and Development (计算机研究与发展), 2012, 49(3): 453-468
[17] 温雅敏, 龚征, 胡沐创, et al. Implementation of the KLEIN block cipher on ATtiny microprocessors[J]. Journal of Chinese Computer Systems (小型微型计算机系统), 2013, 34(7): 1641-1644
