Record number: 8609
Status: G0495506124
TA check: Record created
Call number: Check completed
School: 輔仁大學 (Fu Jen Catholic University)
Department: 電子工程學系 (Department of Electronic Engineering)
Former department name: (blank)
Student ID: 495506124
Student (Chinese): 蔡宗達
Student (English): Tsung Ta Tsai
Thesis title (Chinese): 克服短雜脈衝與過早傳輸效應以抵擋電力分析攻擊
Thesis title (English): Overcoming Glitches and Early Propagation Effect to Counteract DPA Attacks
Other title: (blank)
Advisor (Chinese): 林寬仁
Advisor (English): Kuan Jen Lin
On-campus full-text release date: 2008.8.21
Off-campus full-text release date: 2008.8.21
Reason for withholding full text: (blank)
Electronic full text submitted to the National Central Library: Agreed
National Central Library full-text release date: 2008.8.21
File description: Full text
Electronic full text: 01 01
Degree: Master's
Graduation academic year: 96
Year of publication: 97
Language: English
Keywords (Chinese): DPA
Keywords (English): 差異電力分析
Abstract (Chinese):
Various logic styles have been used to design cryptographic circuits that resist differential power analysis (DPA) attacks. However, most of them spend a large amount of hardware to make the circuit free of glitches and to remove the early propagation effect. In a recently published approach, iMDPL (improved Masked Dual-Rail Pre-charge Logic), we still found a weakness that may reduce the security strength, even though it already uses more than five times the hardware. In this thesis we study two methods to overcome the glitch and early propagation effects. The first method does not attempt to eliminate glitches and early propagation; instead, it distributes their effects evenly over outputs of different logic levels, which resists DPA attacks and saves a great deal of hardware. We propose the notion of an equivalence property to prove its security, and verify the security by simulation experiments. The second method uses a random number generator to scramble signal arrival times, so that an attacker cannot exploit the glitch and early propagation phenomena. We also implement and evaluate this method.
Abstract (English):
Various logic styles have been proposed to counteract DPA (Differential Power Analysis) attacks. However, a large area penalty must be incurred to make circuits glitch-free and to eliminate the early propagation effects. We found that a most recent design, iMDPL, still has leakage to DPA attacks in spite of using over 5 times area overhead. In this thesis, we study two countermeasures to overcome the glitch and early propagation effects. The first approach does not attempt to make the whole circuit glitch-free and free of early propagation effects; instead, it equalizes the glitches and early propagation effects for different-level outputs. We propose a new property, called the equivalence property, to prove its security. The second approach applies an RNG (Random Number Generator) to insert random delays into the key path, making glitches and early propagation effects independent of the intermediate data being processed. Therefore, an attacker cannot exploit them to reveal a key.
Table of contents:
Abstract (in Chinese)
Abstract
Acknowledgement
Contents
List of Tables
List of Figures
1 Introduction
1.1 Differential Power Analysis Attack
1.2 Countermeasures
1.3 Purpose of This Thesis
1.4 Organization
2 AES Algorithm and Hardware Implementation
2.1 Finite Fields
2.2 AES Algorithm
2.3 AES Key Expansion
2.4 The AES Hardware Implementation
3 DPA Attacks and PMRML Countermeasure
3.1 DPA Attacks
3.2 Countermeasures
3.3 Glitches and Early Propagation Effect
4 PMRML and Equivalence Property
4.1 Pre-charge Masked Reed-Muller Logic (PMRML)
4.2 Equivalence Property
4.3 Security Evaluation of the PMRML
4.4 Security Evaluation of the iMDPL
5 Countermeasure using Randomized Delay
5.1 Random Delay Insertion
5.2 TRNG and PRNG
5.3 Evaluation of RNG
6 Experimental Results
6.1 PMRML Evaluation using SPICE
6.2 Experimental Results
7 Conclusion
References
Number of pages: 51
Notes: (blank)
Full-text views: 0000011
Record created: 2008/8/21
Conversion date: 2008/09/17