Computer Science, 2023, Vol. 50, Issue (11A): 220700223-7. doi: 10.11896/jsjkx.220700223

• Information Security •

Review of Relationship Between Side-channel Attacks and Fault Attacks

WU Tong, ZHOU Dawei, OU Qingyu, CHU Weiyu

  1. Department of Information Security, Naval University of Engineering, Wuhan 430000, China
  • Published: 2023-11-09
  • Corresponding author: WU Tong (2795237341@qq.com)
  • About author: WU Tong, born in 1996, postgraduate. Her main research interests include cryptographic chip security assessment and so on.
  • Supported by:
    National Natural Science Foundation of China (11202239).

Abstract: Side-channel attacks and fault attacks are widely used at present. This paper analyzes and compares the leakage models of the above two attack methods, and expounds the inherent consistency from algorithm level and physical level. Finally, the current research hotspots such as how to build a unified physical leakage function model, propose a unified physical security evaluation standard, and design a general protection strategy are analyzed, which are of great significance for further research from the perspective of the relationship between the two.

Key words: Side-channel attacks, Fault attacks, Leakage model, Safety evaluation, Defense strategy

CLC Number:

  • TP309.1