Authors: Liu Zeyi (刘泽艺)[1,2,3], Gao Neng (高能)[1,3], Tu Chenyang (屠晨阳)[1,2,3], Ma Yuan (马原)[1,2,3], Liu Zongbin (刘宗斌)[1,3]
Affiliations: [1] Data Assurance and Communication Security Research Center, Chinese Academy of Sciences, Beijing 100093; [2] University of Chinese Academy of Sciences, Beijing 100049; [3] Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093
Source: Journal of Cryptologic Research (《密码学报》), 2014, No. 5, pp. 411-421 (11 pages)
Funding: National Key Basic Research Program of China (973 Program) (2013CB338001)
Abstract: Power analysis is one of the most common and mature side-channel analysis techniques, and it poses a serious threat to hardware implementations of cryptographic algorithms and to many cipher chip products. In power analysis attacks on hardware implementations, registers are the main target, and Differential Power Analysis (DPA) against registers is the most widely used form of attack. Dual-rail Precharge Logic (DPL), a representative hiding technique, is an effective countermeasure against power analysis, but it doubles the chip area and halves the throughput. To overcome these drawbacks, this paper proposes a compound register system. The scheme concentrates its protection on the registers, which have the highest power consumption in the hardware circuit, and uses additional registers to compensate for the Hamming weight and Hamming distance of the working register, so that the total Hamming weight and total Hamming distance of the whole compound register system stay constant in every clock cycle. The scheme protects the registers against power analysis while keeping the throughput of the cipher chip essentially unchanged. Experiments show that, with the proposed compound register scheme, the real key cannot be recovered even with 100,000 power traces, whereas roughly 260 traces are enough to recover the real key from an unprotected register. The proposed system therefore effectively improves the security of the cryptographic algorithm implementation.
Classification: TP332.11 [Automation and Computer Technology: Computer System Architecture]