Abstract
A differential power analysis (DPA) method is proposed for the lightweight authenticated encryption algorithm ASCON, based on the structure of the algorithm. The method exploits the implementation characteristics of the algorithm's S-box and uses the Hamming weight model as the power-consumption distinguisher to partition the power traces into groups and recover the master key used for encryption. Furthermore, to deal with the "ghost peaks" that appear in DPA attacks, a trace preprocessing method is given: the traces are first grouped by plaintext and averaged, and the DPA attack is then launched on the preprocessed traces. With 1500 power traces collected from the leakage of the s a permutation, 44 bits of the master key can be recovered quickly. In addition, attacking the original traces directly takes 21849.8889 ms, whereas attacking the preprocessed traces takes 198.9113 ms, about 1/109 of the time required to attack the original traces directly.
Authors
PAN Li (潘力)
WEI Yongzhuang (韦永壮)
School of Computer and Information Security, Guilin University of Electronic Technology, Guilin 541004, China
Source
Journal of Guilin University of Electronic Technology (《桂林电子科技大学学报》)
2023, Issue 2, pp. 142-148 (7 pages)
Funding
National Natural Science Foundation of China (61872103, 62062026)
Guangxi Natural Science Foundation (2019GXNSFGA245004)
Keywords
ASCON lightweight authenticated encryption algorithm
differential power analysis
Hamming weight model
preprocessing