Chosen initial vector correlation power attack on synchronous stream cipher Grain-128  Cited by: 3


Authors: YANG Changsheng (杨昌盛)[1], YU Jingchao (于敬超), YAN Yingjian (严迎建)[1]

Affiliation: [1] Information Engineering University, Zhengzhou 450004

Source: Journal of Computer Applications (《计算机应用》), 2014, No. 5, pp. 1318-1321, 1349 (5 pages in total)

Abstract: Unlike block ciphers, stream ciphers are relatively simple in construction and make heavy use of linear operations, so the power consumption at the attack point is often strongly correlated with other power components, which makes power analysis attacks difficult to carry out. To address this, a chosen initial vector (IV) correlation power analysis attack on the synchronous stream cipher Grain-128 is proposed. First, the output function h(x) of Grain-128 is analyzed, and the attack point expression is determined from it. Second, by choosing specific initial vectors, the correlation between the power consumption of the attack point and the other power components is eliminated, which solves the key problem facing the power attack. Finally, the attack scheme is verified with the power analysis tool PrimeTimePX. The results show that the scheme needs only 736 IV samples to carry out a 23-round attack and recover 46 key bits.

Keywords: synchronous stream cipher; Grain-128; chosen IV; correlation power analysis attack

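Classification number: TN918.4 [Electronics and Telecommunications: Communication and Information Systems]; TP309.7 [Electronics and Telecommunications: Information and Communication Engineering]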

 
