L3 Cache Attack Against Last Round of Encryption AES Table Lookup Method


Authors: LU Yao (陆垚); CHEN Kai-yan (陈开颜); WANG Yin-long (王寅龙); SHANG Qian-yi (尚倩伊) (Army Engineering University of PLA, Shijiazhuang 050000, China)

Affiliation: [1] Army Engineering University of PLA, Shijiazhuang 050000

Source: Computer Science (《计算机科学》), 2020, Issue S01, pp. 375-380 (6 pages)

Abstract: This paper studies the latest cache attack methods. On a machine with a quad-core Intel i5-4590 CPU running at 3.3 GHz, a flush+flush timing attack is carried out against the fast AES implementation (AESFastEngine.java) in the Bouncy Castle JDK1.0 library, running in a virtual environment on a Linux system. While the encryption process executes continuously, the flush+flush method is used to traverse shared main-memory addresses and detect the active address set (the S-box addresses), after which the S-box offset is found. The table entries at the S-box offset are monitored, the ciphertext values that correspond to shorter flush+flush times are selected from the ciphertext data, and the last-round key value is then recovered using the table entry values in the S-box. In other words, the key value used in the last round of encryption is recovered by determining how a fixed range of monitored S-box entries is used. This method requires a large number of known ciphertexts and can accurately compute the S-box offset and the last-round key value.

Keywords: AES table lookup method; Rijndael algorithm; flush+flush attack; cache timing attack; S-box offset

Classification number: TP309.7 [Automation and Computer Technology: Computer System Architecture]

 
