Authors: Li Yanbin (李延斌)[1], Tang Ming (唐明)[2,1], Guo Zhipeng (郭志鹏)[1], Wang Longlong (王龙龙)[1], Hu Xiaobo (胡晓波), Zhang Huanguo (张焕国)[2,1]
Affiliations: [1] School of Computer Science, Wuhan University, Wuhan 430072; [2] Key Laboratory of Aerospace Information Security and Trusted Computing, Ministry of Education, Wuhan University, Wuhan 430072; [3] Beijing Nanrui Zhixin Microelectronics Technology Co., Ltd., Beijing 102200
Source: Chinese Journal of Computers (计算机学报), 2016, No. 3, pp. 468-477 (10 pages)
Funding: National Natural Science Foundation of China (61472292; 61202386); Research and Capacity Building on Cryptographic Testing and Security Protection Technology for Financial IC Cards and Card Readers (2014ZX01032401-001)
Abstract: Algebraic side-channel attacks (ASCA) have become a very effective method for analysing block ciphers. Knowing the minimal number of rounds that an ASCA needs helps in constructing lightweight countermeasures that protect a cipher against side-channel analysis. Based on information theory, this paper proposes a method for evaluating the security of block ciphers against ASCA under the Hamming weight model, and introduces a security index against Hamming-weight-based ASCA, called the Hamming Weight Extension (HWE), which measures the ability of a block cipher's nonlinear components and round function to resist ASCA. The paper proves theoretically that, when ASCA is considered together with linear or differential cryptanalysis, HWE conflicts with two important cryptographic indices, nonlinearity and differential uniformity. Because of the relationship between differential uniformity and algebraic immunity, it follows in the same way that HWE also conflicts with algebraic immunity. The experimental results show that an ASCA on the MIBS algorithm needs at least 4 encryption rounds before enough leakage is available to solve all of the equations in the ASCA, which agrees with the theoretical measure proposed in the paper. This work designs and studies, from a theoretical standpoint, metrics for the resistance of iterated block ciphers to ASCA, and the results show that existing block ciphers are vulnerable to ASCA.
Abstract (English, as published): The ASCA (Algebraic Side-Channel Attack) has become a very effective analytical method for block ciphers. Considering lightweight countermeasures, it would be helpful to know the minimal number of rounds needed in ASCA. In this paper, based on information theory, we present a method to evaluate the security of block ciphers against ASCA under the Hamming Weight model. We propose a security index referred to as HWE (Hamming Weight Extension) to measure the resistance of nonlinear operations and round functions of block ciphers to ASCA. Furthermore, we find that HWE and two other important cryptographic indices, nonlinearity and differential uniformity, conflict with each other when ASCA and linear analysis or differential analysis are taken into account simultaneously. Given the known relationship between differential uniformity and algebraic immunity, it follows that HWE also conflicts with algebraic immunity. We present our experimental results with the MIBS algorithm and find that it needs to iterate at least 4 rounds of MIBS to guarantee that the HWE of both nonlinear operations and round functions is nonzero, which is consistent with our analysis.
Keywords: algebraic side-channel analysis; Hamming weight model; nonlinearity; differential uniformity; algebraic immunity; block cipher
Classification: TP309 [Automation and Computer Technology: Computer System Architecture]