机构地区:[1]Key Laboratory of Computer Networks and Information Security, Xidian University, Xi'an 710071, China [2]State Key Laboratory of Information Security, Graduate University of Chinese Academy of Sciences, Beijing 100049, China
出 处:《The Journal of China Universities of Posts and Telecommunications》2011年第5期118-123,共6页中国邮电高校学报(英文版)
基 金:supported by the National Basic Research Program of China (2007CB311201);the National Natural Science Foundation of China (60833008, 60803149)
摘 要:Power analysis has been a powerful and thoroughly studied threat for implementations of block ciphers and public key algorithms but not yet for stream ciphers. Based on the consumed power differences between two neighboring clock cycles, this paper presents a correlation power analysis (CPA) attack on the synchronous stream cipher DECIM^v2 (the tweaked version of the original submission DECIM). This attack resynchronizes the cryptographic device ceaselessly with many different initialization values (IVs) to obtain enough power traces. Then by modeling the statistical properties of the differential power traces with the correlation coefficients, the proposed attack algorithm can completely reveal the secret key of DECIM^v2. Furthermore, a simulation attack is mounted to confirm the validity of the algorithm. The results show that the entire secret key of DECIM^v2 can be restored within several minutes by performing 12 CPA attacks. It seems that there are still some defects in the design of DECIM^v2 and thus some further improvements should be made to resist the proposed attack.Power analysis has been a powerful and thoroughly studied threat for implementations of block ciphers and public key algorithms but not yet for stream ciphers. Based on the consumed power differences between two neighboring clock cycles, this paper presents a correlation power analysis (CPA) attack on the synchronous stream cipher DECIM^v2 (the tweaked version of the original submission DECIM). This attack resynchronizes the cryptographic device ceaselessly with many different initialization values (IVs) to obtain enough power traces. Then by modeling the statistical properties of the differential power traces with the correlation coefficients, the proposed attack algorithm can completely reveal the secret key of DECIM^v2. Furthermore, a simulation attack is mounted to confirm the validity of the algorithm. The results show that the entire secret key of DECIM^v2 can be restored within several minutes by performing 12 CPA attacks. It seems that there are still some defects in the design of DECIM^v2 and thus some further improvements should be made to resist the proposed attack.
关 键 词:CRYPTOGRAPHY CRYPTANALYSIS side channel attacks (SCA) CPA DECIM^v2
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术] TN949.12[自动化与计算机技术—计算机科学与技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
