Research of Cache Attack on DES

【Author】 Zhang Ningbo (张宁博)

【Advisors】 Wang Xiaoyun (王小云); Wang Meiqin (王美琴)

【Author information】 Shandong University, Information Security, 2008, Master's degree

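【Summary】 Information security is a concern not only for governments and military departments but also a problem that enterprises and institutions need to solve. Accordingly, in 1977 the U.S. National Bureau of Standards (NIST) published an encryption algorithm developed by IBM and approved it as the data encryption standard for use by non-classified departments, abbreviated DES (Data Encryption Standard). Since its publication it has crossed national borders and become the most commonly used encryption algorithm internationally for commercial confidential communications and computer communications. For many years DES has been active in international secure communications and has played a very prominent role. However, the DES block size and key length are 64 bits and 56 bits respectively, and this has become the main security weakness of DES. After the start of the 1990s, Eli Biham and Adi Shamir proposed "differential cryptanalysis" and Mitsuru Matsui proposed "linear cryptanalysis", but these methods need a very large number of chosen plaintexts and come at a high cost to recover a single key. The side-channel attack is an emerging attack method that uses the environmental information produced while a cryptographic algorithm is encrypting in order to break the algorithm. Side-channel attacks have become an effective means of cryptanalysis. The cache attack is a cache-based side-channel attack that uses the cache characteristics of the encryption platform to obtain information related to the key. Cache-based side-channel attacks can be applied to every table-lookup implementation of DES running on a computing device with a "Cache Memory" storage hierarchy, and so they endanger mainstream computer systems in fields such as servers, desktops and embedded systems. At present, some papers on using cache analysis to attack DES have been published abroad. Paul Kocher first proposed the side-channel attack in 1996 and studied the power analysis attack. J. Kelsey, B. Schneier, D. Wagner, and C. Hall later proposed the cache analysis attack, but the corresponding domestic research has only just begun. This thesis therefore takes the DES algorithm as the target for studying cache analysis attacks, explores cache analysis attack methods and research approaches, and proposes corresponding defensive measures. Based on the cache "hit" and "miss" behaviour that DES exhibits when it accesses arrays, the thesis analyzes the DES algorithm. After introducing the DES algorithm and the cache structure, it analyzes the principle of the cache attack on DES and two attack models, and implements them in software.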

【Abstract】 Information security is a concern not only for governments and military sectors, but also for enterprises. The United States National Bureau of Standards (NIST) therefore published an algorithm developed by IBM in 1977 and ratified it as the Data Encryption Standard, abbreviated DES, for non-confidential departments. Since its publication, it has become the major encryption algorithm for confidential communications in international commerce and for computer communications. DES has been a well-known and widely used cryptosystem for many years. However, DES has a major weakness because of its key size of only 56 bits and its block size of 64 bits. In the 1990s, Eli Biham and Adi Shamir proposed differential cryptanalysis, and Mitsuru Matsui proposed linear cryptanalysis, but both methods need a huge number of plaintexts to recover the key. The side-channel attack is a new method of cryptanalysis. It makes use of the environment information generated during encryption to break the cipher, and it has become an effective method. The cache attack is one kind of side-channel attack that is based on the cache. It makes use of cache features to gain some information about the key. It can be used against every DES implementation that uses table lookups and runs on a machine with a cache, so it can harm many computer systems, such as servers, desktops and embedded systems. At present, there are some papers about how to use the cache to attack DES encryption. In 1996 Paul Kocher first proposed side-channel attacks and did some research on the power analysis attack. J. Kelsey, B. Schneier, D. Wagner, and C. Hall put forward cache analysis attacks, while the related domestic research has only taken its first steps. This paper therefore uses the cache attack on DES to explore the cache analysis method and to put forward defensive measures.
Based on the cache hit and miss behaviour shown by array accesses during DES encryption, this paper proposes an analysis technique for the cache attack on DES. On the basis of the DES algorithm and the cache structure, we introduce the principle of the cache attack on DES, analyze two attack models, and implement them.

【Key words】 DES; Cache; Time attacks
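  • 【Online publication contributor】 Shandong University
  • 【Online publication year and issue】 2009, Issue 01
  • 【Classification number】 TP393.08
  • 【Times cited】 2
  • 【Downloads】 187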