Research on Side Channel Attack Countermeasures of Encryption Chip

【Author】 Li Haijun (李海军)

【Advisor】 Ma Guangsheng (马光胜)

【Author information】 Harbin Engineering University, Computer Application Technology, 2008, Ph.D.

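【Summary】 Power analysis is a side-channel attack method that has received wide attention and application. It observes how the power consumption of an encryption chip varies during operation, studies the correlation between the data being processed and the power consumed, and uses that correlation to deduce the key stored inside the chip. Power analysis is simple to carry out, has strong attack capability, and is general: it is independent of the specific encryption algorithm and can attack chips implementing any of a variety of encryption algorithms. Differential Power Analysis (DPA) and High-Order Differential Power Analysis (H-O DPA) are stronger still; as research has deepened, the attack methods have matured and the cost of an attack has fallen, posing a serious threat to encryption chips. Some attack methods refined for a particular encryption algorithm are more effective still.

This thesis studies the characteristics and key techniques of power analysis, DPA and high-order DPA in particular, proposes specific improved countermeasures that strengthen an encryption chip's resistance to DPA, and carries out the design and simulation of encryption chips. Newly emerging attacks aimed at specific encryption algorithms are also studied and corresponding countermeasures proposed. The main work completed is as follows:

1) A countermeasure that modifies the AES algorithm is proposed. Randomization and the Transformed Masking Method (TMM) are introduced to modify AES, and the GF(2^8) inversion part of AES is built from simple dynamic differential logic, so that the AES chip can resist the zero-value attack. Security analysis shows that attacking the new method requires (16+4*n)^2 times as many samples as a standard second-order DPA attack, which makes the attack infeasible; simulation shows that the zero-value attack can be resisted.

2) An improved masking method is proposed for DES chips that use masking. The key is not restored before the data enters the S-box; instead the S-box is modified, which both protects the key and allows the mask to be removed from the data after the S-box transformation. XOR masking and additive masking both occur in the DES algorithm; a method for securely converting between the two is introduced so that sensitive data in the algorithm never appears in the clear and can be fully masked. Analysis shows that new attacks such as the correlation attack and the superposition attack can be resisted.

3) For DES encryption systems, the Unique Masking Method (UMM) is improved by combining algorithm-level and logic-level methods. The characteristics of Sense Amplifier Based Logic (SABL) are studied, a power-balanced SABL cell library and a semi-custom design flow are designed, and the reasons for implementing the S-boxes in SABL are given. Security analysis and simulation experiments show that high-order DPA attacks can be resisted.

4) A DES chip able to resist high-order DPA attacks is designed. The original S-boxes are modified, adding one random number and two groups of S-boxes. The critical modules of the DES chip are implemented in SABL and the non-critical modules in CMOS, and together these form the complete DES chip. The design takes the constraints of smart cards into account, trading off some performance metrics and adopting a partially pipelined structure. Performance simulation and comparison with existing chips show that the chip can perform encryption and decryption, improves resistance to high-order DPA attacks, and uses fewer resources than earlier methods.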

【Abstract】 Power analysis is a side channel attack method that has received wide attention and application. It observes the power variation characteristics of an encryption chip while it is running, studies the correlation between the data being processed and the power consumed, and infers the key stored in the chip from that correlation. Because the approach is easy and its attack ability is strong, it is widely adopted. It can attack chips running all kinds of encryption algorithms and is not constrained to a specific algorithm. Differential power analysis (DPA) and high order DPA (H-O DPA) have even stronger attack ability; as research has developed, the implementation approach has matured and the cost has fallen dramatically, so they seriously threaten encryption chips. There are many improved power attack approaches aimed at specific encryption algorithms, and their attack effect is better.

This thesis addresses the characteristics and critical techniques of power attack technology, especially DPA and high order DPA, proposes specific improved defense approaches to enhance the ability of encryption chips to defeat DPA, and designs and simulates the encryption chip. Defense approaches for new attack approaches are also researched. Our main works are as follows:

1) A defense method that modifies the AES algorithm is proposed. The random method and the Transformed Masking Method (TMM) are introduced to modify the AES algorithm, and the GF(2^8) inverse operation in the AES algorithm is implemented with Simple Dynamic Differential Logic (SDDL). The analysis indicates that a successful attack needs (16+4*n)^2 times as many traces as the standard DPA, which is infeasible. The simulation experiment indicates that our approach can defend against the zero value attack.

2) An improved method is proposed for DES encryption chips that use the masking approach: the S box is modified instead of restoring the key before the data enters the S box, which protects the key and eliminates the data masking after the S box transformation. XOR masking and addition masking operations both exist in the DES algorithm; we implement an approach to transform between the XOR masking and addition masking operations, so that the sensitive data will not appear in the cipher text and is completely masked. The simulation result indicates it can defend against the correlation attack, superposition attack and so on.

3) An improved Unique Masking Method (UMM) algorithm is proposed that combines algorithm level and logic level methods, aimed at the DES encryption system. The characteristics of Sense Amplifier Based Logic (SABL) are researched, a power-balanced SABL cell library and a semi-custom design flow are designed, and the reason for implementing the S box with SABL is pointed out. The security analysis and simulation experiment show our approach can defend against the high-order DPA attack.

4) A DES chip that can defend against high order DPA attack is designed. The S box is modified, adding one random number and two groups of S boxes. The critical modules of the DES chip are implemented with SABL and the non-critical modules with CMOS, and the whole DES chip is then constructed. Some performance indices are traded off in the implementation in consideration of the restrictions of smartcards, and a partially pipelined structure is used. Simulation analysis of the performance and comparison with existing chips show that the chip can achieve encryption and decryption. The new approach improves the ability to defend against high order DPA attack and reduces resource consumption at the same time.