Subjects: Information Science and Systems Science >> Basic Disciplines of Information Science and Systems Science submitted time 2023-02-14 Cooperative journals: 《桂林电子科技大学学报》
Abstract: Aiming at the influence of the noise and other factors in the process of classical correlation power analysis, based
on the linear correlation between Hamming weight and power traces, a correlation power analysis method for AES cryptographic
chip is proposed. According to the uneven distribution of the median Hamming weight of the S-box output of the
cryptographic algorithm, a set of plaintexts with strong correlation with the power traces is obtained by filtering the correct
keys and the wrong keys by using the discrimination ratio. In the stage of key recovery, the leakage points of the first two
S-boxes are found by observing this set of plaintext inputs, and the leakage intervals of the remaining 14 S-boxes are found
one by one by using the separate guessing method, so that the key information of the remaining bytes can be captured without
traversing all power traces. The experimental analysis of AT89S52 chip shows that the proposed method can correctly
recover the one-byte key of AES with 90% success rate by using only 9 plaintexts and corresponding power traces, and the
computational complexity is only 4.1% of the classical correlation power analysis, which significantly improves the efficiency
of the correlation power analysis.
Subjects: Information Science and Systems Science >> Basic Disciplines of Information Science and Systems Science submitted time 2023-02-14 Cooperative journals: 《桂林电子科技大学学报》
Abstract: Aiming at the structure of the lightweight authentication encryption algorithm ASCON, a differential power analysis)
method is proposed. It combines the implementation characteristics of the algorithm S-box, uses the Hamming weight
model as the power consumption discrimination function, groups the traces, and recovers the master key for encryption.
Furthermore, for the "ghost peaks" what appear in DPA attacks, a traces preprocessing method is given. First, the traces
are grouped according to plaintext and averaged, and then DPA attacks are launched on the preprocessed traces. The 44 bit
master key of ASCON cipher can be recovered by attacking its sa permutation, where 1 500 traces are collected. In addition,
the time required to directly attack the original traces is 21 849.888 9 ms, and the time required to attack the preprocessed
traces is 198.911 3 ms. After preprocessing the traces, the time taken to attack the preprocessed traces is about 1/109 of
that of directly attacking the original traces.
Subjects: Computer Science >> Integration Theory of Computer Science submitted time 2019-01-03 Cooperative journals: 《计算机应用研究》
Abstract: Currently, with the extensive use of the 4-bit S-Boxes in lightweight encryption algorithms, it appears to be an important issue to look for the algebraic relationships between their inputs and outputs. This paper proposed a general algorithm for calculating the nonlinear loop algebraic relationships by using the low algebraic relationships between input and output of S-Box. Moreover, it checked algebraic relationships of both the well-known optimal 4-bit S-Boxes and the S-boxes used in some famous lightweight encryption algorithms. The results shown that only 3 classes of 16 categories of optimal 4-bit S-Boxes had square loop algebraic relationships. In particular, the S-Boxes belonging to the same equivalence class may possess different square loop algebraic relationships. Furthermore, the S-Boxes of some lightweight cryptographic algorithms (e. g. , MANTIS, PRIDE, and Marvin) had many square loop algebraic relationships. There exists potential security flaws of these S-boxes which possess low degree algebraic relationships.
Hits
Hits
Downloads
Comment