New Methods of Template Attack Based on Fault Sensitivity Analysis

Qian Wang;An Wang;Gang Qu;Guoshuang Zhang
IEEE Transactions on Multi-Scale Computing Systems, vol. 3, no. 2, pp. 113-123. Published 2017-01-04. DOI: 10.1109/TMSCS.2016.2643638. https://ieeexplore.ieee.org/document/7805342/
Citations: 13

Abstract

Fault Sensitivity Analysis (FSA) is a side-channel attack that utilizes the sensitive delay of circuits to retrieve the key in cryptographic systems. In this paper, we propose the concept of right or wrong collision (RWC) rate and use it to build templates on two S-boxes: one is the target of the attack and the other is used as a reference. Compared to the traditional Hamming weight model, which has eight different values, our template model is two-dimensional with 256 different values and has the potential to significantly reduce the number of plaintexts required to reveal the key. Attack experiments show that our template attack can successfully break the masked AES algorithm with only one clock frequency. Furthermore, we propose two improved template attack methods that reduce the complexity of building templates to 1/256 and 9/256 of the original method, respectively. The improved method with different frequencies also improves the efficiency of template matching by 86.3 percent. Finally and most importantly, our methods can be used to break masked AES where the S-boxes do not have to be implemented by parallel AND gates, a major limitation of the current Hamming weight models.
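The contrast the abstract draws, a Hamming-weight leakage model with a handful of distinct values versus a per-value template for all 256 S-box inputs, is easiest to see in a simulation. The Python below is an added illustration, not code from the paper, and it does not implement the paper's RWC-rate templates or its two-S-box construction; it shows the generic shape of an FSA key recovery (measure a delay-dependent fault-sensitivity value per plaintext, then rank key-byte guesses) under a constructed leakage model. Every constant, the leakage model, the keys and the seeds are assumptions made for this toy; `structure[x]` in particular is an invented per-input term standing in for gate-level effects that a Hamming-weight model cannot express, and the S-box output value is not modelled because only the S-box input drives the delay in this model.

```python
"""Toy Fault Sensitivity Analysis (FSA) key recovery on one AES key byte.

Added illustration, not the paper's code. Assumed leakage model (a constructed
assumption, not taken from the abstract): the critical-path delay of the S-box
for input x = plaintext ^ key, which an attacker measures by shortening the
clock period until the S-box output turns faulty, is

    delay(x) = 1.0 + 0.08 * HW(x) + structure[x] + noise

HW is the Hamming weight, structure[x] a fixed per-input-value term standing in
for gate-level effects a Hamming-weight model cannot express, and noise fresh
Gaussian measurement error. The S-box output value itself plays no role here,
so the lookup table is not modelled.
"""
import random
from statistics import mean


def hamming_weight(x):
    return bin(x).count("1")


def make_device(seed):
    """Delay profile of one chip design, indexed by S-box input value.

    The reference chip (known key) and the target chip (unknown key) are assumed
    to share this profile; that shared structure is what makes profiling
    transferable from one to the other."""
    rng = random.Random(seed)
    return [1.0 + 0.08 * hamming_weight(x) + rng.uniform(-0.06, 0.06)
            for x in range(256)]


def measure(device, plaintext, key, rng, noise_sd=0.03):
    """One fault-sensitivity measurement for the S-box input plaintext ^ key."""
    return device[plaintext ^ key] + rng.gauss(0.0, noise_sd)


def collect(device, key, n, seed):
    """n measurements on the target with random plaintexts (constructed data)."""
    rng = random.Random(seed)
    plaintexts = [rng.randrange(256) for _ in range(n)]
    return [(p, measure(device, p, key, rng)) for p in plaintexts]


def pearson(xs, ys):
    mx, my = mean(xs), mean(ys)
    sxy = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    sxx = sum((x - mx) ** 2 for x in xs)
    syy = sum((y - my) ** 2 for y in ys)
    return sxy / (sxx * syy) ** 0.5 if sxx and syy else 0.0


def hw_attack(traces):
    """Hamming-weight model: the key guess whose HW(plaintext ^ k) correlates
    best with the measured delays. HW of a byte takes only the values 0..8,
    so every guess predicts at most nine distinct delay levels."""
    delays = [d for _, d in traces]
    return max(range(256), key=lambda k: pearson(
        [hamming_weight(p ^ k) for p, _ in traces], delays))


def build_templates(device, ref_key, reps, seed):
    """Profiling phase on a reference S-box with a known key: the mean measured
    delay for each of the 256 input values (plaintexts chosen to hit every x)."""
    rng = random.Random(seed)
    return [mean(measure(device, x ^ ref_key, ref_key, rng) for _ in range(reps))
            for x in range(256)]


def template_attack(templates, traces):
    """Matching phase: the key guess whose per-value predictions
    templates[plaintext ^ k] fit the target measurements best (least squares)."""
    return min(range(256), key=lambda k: sum(
        (d - templates[p ^ k]) ** 2 for p, d in traces))


if __name__ == "__main__":
    device = make_device(seed=1)
    target_key = 0x3C                       # unknown to the attacker
    templates = build_templates(device, ref_key=0xA5, reps=8, seed=2)
    for n in (8, 16, 32, 64, 128, 256):
        traces = collect(device, target_key, n, seed=3)
        print(f"{n:3d} traces: HW guess {hw_attack(traces):#04x}, "
              f"template guess {template_attack(templates, traces):#04x}")
```

Running the script prints, for increasing trace counts, which key byte each method ranks first; the quantity a practitioner cares about is the smallest count at which the guess stabilises on the true key, and the per-value template reaches it earlier because it uses the 256 distinct delay levels the Hamming-weight model collapses into nine. A real FSA measurement replaces the single noisy number returned by `measure` with a clock sweep and a correctness check on the S-box output at each frequency.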