一种针对格基后量子密码的能量侧信道分析框架  

作　　者：胡伟[1] 袁超绚 郑健 王省欣 李倍倍 唐时博 HU Wei;YUAN Chaoxuan;ZHENG Jian;WANG Xingxin;LI Beibei;TANG Shibo(School of Cyberspace Security,Northwestern Polytechnical University,Xi’an 710072,China)

机构地区：[1]西北工业大学网络空间安全学院,西安710072

出　　处：《电子与信息学报》2023年第9期3210-3217,共8页Journal of Electronics & Information Technology

基　　金：国家重点研发计划(2022YFB3103800)。

摘　　要：为应对量子计算对传统公钥密码的安全威胁,后量子密码(PQC)已逐渐成为新一代密码技术。虽然后量子密码通过数学理论保证了算法的安全性,但在密码实现运算过程中易发生侧信道信息泄漏。该文提出一种针对格基PQC的能量侧信道分析攻击框架,利用秘密多项式系数与能耗之间的关系创建侧信道攻击模板,实现了对Kyber算法的侧信道攻击。该文还首次提出一种高阶选择密文攻击方法,成功实现了对Kyber算法的能量侧信道分析,与现有工作相比该方法恢复Kyber512和Kyber768的密钥所需密文条数分别降低了58.48%和47.5%。实验结果表明了该文构建的能量侧信道分析框架的可行性,验证了高阶选择密文攻击方法的有效性,可为后续PQC算法实现侧信道安全风险评估提供方法与工具支撑。To address the security threat of quantum commutating on classic public key cryptography.Post-Quantum Cryptography(PQC)has gradually become a new generation cryptography technology.Although PQC ensures the security strength of the algorithms through mathematical theory,it can still be vulnerable to side-channel attacks during the execution of cipher implementation.A power side channel attack framework for lattice-based PQC is developped.By investigating the relationship between secret polynomial coefficient and power consumption,a template is created for the side-channel analysis of the Kyber algorithm.A novel high-order chosen ciphertext attack method is proposed,and power side channel attack on Kyber is realized successfully.Compared with existing work,the number of ciphertexts required to recover the entire Kyber512 key and Kyber768 key is reduced by 58.48%and 47.5%respectively.The feasibility of the proposed power side channel attack framework and the effectiveness of the proposed high-order chosen ciphertext attack method have been verified by experimental results.The method and tool support required for subsequent evaluation of the side channel security threat encountered by PQC is provided by this work.

关 键 词：后量子密码 能量侧信道 攻击框架 高阶选择密文攻击 Kyber 

分 类 号：TN918[电子电信—通信与信息系统] TP309[电子电信—信息与通信工程]