Affiliation: [1] Department of Computer Engineering, Ordnance Engineering College, Shijiazhuang, Hebei 050003, China
Source: Journal on Communications (通信学报), 2010, No. 6, pp. 89-98 (10 pages)
Funding: National Natural Science Foundation of China (60772082); Hebei Provincial Natural Science Foundation (08M010)
Abstract: Two access-driven cache timing analysis methods targeting the first four rounds and the last four rounds of SMS4 encryption are proposed and discussed. Without interfering with the SMS4 encryption process, a spy process is designed to collect the set of cache sets that the lookup-table accesses of the first four rounds and the last four rounds cannot have touched; these are converted into impossible lookup-table index values and combined with the plaintext or ciphertext to rule out impossible key values, ultimately recovering the initial SMS4 key. Experimental results show that the cache memory space shared among processes and the structure of the SMS4 lookup table make SMS4 vulnerable to cache timing attacks: both the first-four-round and the last-four-round attacks recover the full 128-bit SMS4 key with about 80 samples, so countermeasures against this class of attack should be adopted.
Keywords: SMS4; access-driven; cache timing attack; cache set; lookup-table index
Classification: TP393.08 [Automation and Computer Technology: Computer Application Technology]