Abstract
For the Advanced Encryption Standard (AES) algorithm with a reused mask, an improved chosen-plaintext collision attack on masked AES is proposed. The parameters in the power trace expression are solved under the Hamming weight model. A template is built from the solved parameters and the specific relationship between the Hamming distance and the Euclidean distance of any two S-box inputs. Each chosen-plaintext attack is matched against the template, reducing the key search space until the key is recovered. Simulation results show that the improved method enables the adversary to build a template and attack without a device identical to the target device. Compared with the adaptive chosen-plaintext collision attack, its success rate is 8.2% and 13% higher at σ = 0.009 and σ = 0.012, respectively.
Authors
郑东
王柳生
赵秉宇
张美玲
ZHENG Dong; WANG Liusheng; ZHAO Bingyu; ZHANG Meiling (National Engineering Laboratory for Wireless Security, Xi'an University of Posts and Telecommunications, Xi'an 710121, China)
Source
Journal of Xi'an University of Posts and Telecommunications (《西安邮电大学学报》)
2021, Issue 6, pp. 57-65 (9 pages)
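Funding
National Key Research and Development Program of China (2017YFB0802000)
National Natural Science Foundation of China (62072369)
Key Research and Development Program of Shaanxi Province (2020ZDLGY08-04)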
Keywords
advanced encryption standard
chosen-plaintext collision attack
least squares method
masking