密码系统的侧信道分析:进展与问题

doi:10.19665/j.issn1001-2400.2021.01.003

摘要/Abstract

摘要：

侧信道分析是密码系统的现实威胁之一。通过长期跟踪研究,对侧信道分析的主要研究方向,譬如信息预处理、非建模类和建模类分析等进行了分类总结,归纳了侧信道分析研究的核心内容,指出现有分析方法中存在的主要问题是依赖人为假设。人为假设一旦偏离实际情况,将会严重地影响侧信道分析的实际效果。给出了解决上述问题可能的技术路线,即使用零假设(弱假设)方法,并对该方向的后续研究进行了展望。

关键词: 侧信道分析, 信息预处理, 非建模类分析, 建模类分析, 零假设(弱假设)方法

Abstract:

Side-channel attack is among the real threats to a cryptosystem in practice.By tracking its latest development,the main research directions including information pre-processing,non-profiled and profiled analysis are classified and demonstrated.The research key points of side-channel attack are summarized,in which the limitation of relying on artificial assumptions is pointed out to be as the principal issue of the state-of-the-art methods.Once the artificial assumptions deviate from the actual situation,the effect of side-channel attack will be seriously affected or weakened.A possible technical solution to ruling out this limitation is given,that is,to make use of what we call the zero-assumption (or weak assumption) method.The next-step research points under this assumption are listed briefly.

Key words: side-channel attack, information pre-processing, non-profiled analysis, profiled analysis, method without (with weak) assumptions

中图分类号:

TN911.3

谷大武,张驰,陆相君. 密码系统的侧信道分析:进展与问题[J]. 西安电子科技大学学报, 2021, 48(1): 14-21.

GU Dawu,ZHANG Chi,LU Xiangjun. Progress of and some comments on the research of side-channel attack for cryptosystems[J]. Journal of Xidian University, 2021, 48(1): 14-21.

图/表 3

参考文献 50

[1]	CHARI S, RAO J R, ROHATGI P. Template Attacks [C]//Lecture Notes in Computer Science:2523.Heidelberg:Springer Verlag, 2003: 13-28.
[2]	GIERLICHS B, LEMKE-RUST K, PAAR C. Templates vs Stochastic Methods [C]//Lecture Notes in Computer Science:4249.Heidelberg:Springer Verlag, 2006: 15-29.
[3]	MANGARD S, OSWALD E, POPP T. Power Analysis Attacks:Revealing the Secrets of Smart Cards[M]. Heidelberg:Springer Verlag, 2007.
[4]	MATHER L, OSWALD E, BANDENBURG J, et al. Does My Device Leak Information? a Priori Statistical Power Analysis of Leakage Detection Tests [C]//Lecture Notes in Computer Science:8269.Heidelberg:Springer Verlag, 2013: 486-505.
[5]	GIERLICHS B, BATINA L, TUYLS P, et al. Mutual Information Analysis [C]//Lecture Notes in Computer Science:5154.Heidelberg:Springer Verlag, 2008: 426-442.
[6]	ARCHAMBEAU C, PEETERS E, STANDAERT F X, et al. Template Attacks in Principal Subspaces [C]//Lecture Notes in Computer Science:4249.Heidelberg:Springer Verlag, 2006: 1-14.
[7]	STANDAERT F X, ARCHAMBEAU C. Using Subspace-based Template Attacks to Compare and Combine Power and Electromagnetic Information Leakages [C]//Lecture Notes in Computer Science:5154.Heidelberg:Springer Verlag, 2008: 411-425.
[8]	EISENBARTH T, PAAR C, WEGHENKEL B. Building a Side Channel Based Disassembler [C]//Lecture Notes in Computer Science:6340.Heidelberg:Springer Verlag, 2010: 78-99.
[9]	HOGENBOOM J. Principal Component Analysis and Side-channel Attacks[D]. Nijmegen:Radboud Universiteit, 2010.
[10]	VAN WOUDENBERG J G J, WITTEMAN M F, BAKKER B. Improving Differential Power Analysis by Elastic Alignment [C]// Lecture Notes in Computer Science:6558.Heidelberg:Springer Verlag, 2011: 104-119.
[11]	CHARVET X, PELLETIER H.Improving the DPA Attack Using Wavelet Transform[C/OL].[ 2020- 07- 26]. http://www.cadshop.ru/articles/4.pdf.
[12]	MUIJRERS R A, VAN WOUDENBERG J G J, BATINA L.RAM:Rapid Alignment Method [C]//Lecture Notes in Computer Science:7079.Heidelberg:Springer Verlag, 2011: 266-282.
[13]	STROBEL D, PAAR C. An Efficient Method for Eliminating Random Delays in Power Traces of Embedded Software [C]//Lecture Notes in Computer Science:7259.Heidelberg:Springer Verlag, 2012: 48-60.
[14]	DURVAUX F, RENAULD M, STANDAERT F X, et al. Efficient Removal of Random Delays from Embedded Software Implementations Using Hidden Markov Models [C]//Lecture Notes in Computer Science:7771.Heidelberg:Springer Verlag, 2013: 123-140.
[15]	HODGERS P, HANLEY N, O'NEILL M.Pre-processing Power Traces with a Phase-sensitive Detector [C]//Proceedings of the 2013 IEEE International Symposium on Hardware-Oriented Security and Trust.Washington:IEEE Computer Society, 2013: 131-136.
[16]	CAGLI E, DUMAS C, PROUFF E. Convolutional Neural Networks with Data Augmentation against Jitter-based Countermeasures [C]//Lecture Notes in Computer Science:10529.Heidelberg:Springer Verlag, 2017: 45-68.
[17]	TIMON B. Non-profiled Deep Learning-based Side-channel Attacks with Sensitivity Analysis[J]. IACR Transactions on Cryptographic Hardware and Embedded Systems, 2019,2019(2):107-131.
[18]	MESSERGES T S, DABBISH E A, SLOAN R H.Investigations of Power Analysis Attacks on Smartcards[C]//Proceedings of the 1999 1st Workshop on Smartcard Technology.Berkeley:USENIX Association1999: 151-161.
[19]	MESSERGES T S, DABBISH E A, SLOAN R H. Power Analysis Attacks of Modular Exponentiation in Smartcards [C]//Lecture Notes in Computer Science:1717.Heidelberg:Springer Verlag, 1999: 144-157.
[20]	BRIER E, CLAVIER C, OLIVIER F. Correlation Power Analysis with a Leakage Model [C]//Lecture Notes in Computer Science:3156.Heidelberg:Springer Verlag, 2004: 16-29.
[21]	MESSERGES T S. Using Second-order Power Analysis to Attack DPA Resistant Software [C]//Lecture Notes in Computer Science:1965.Heidelberg:Springer Verlag, 2000: 238-251.
[22]	LE T H, CLÉDIÈRE J, CANOVAS C, et al.A Proposition for Correlation Power Analysis Enhancement [C]//Lecture Notes in Computer Science:4249.Heidelberg:Springer Verlag, 2006: 174-186.
[23]	BEVAN R, KNUDSEN E. Ways to Enhance Differential Power Analysis [C]//Lecture Notes in Computer Science:2587.Heidelberg:Springer Verlag, 2003: 327-342.
[24]	MANGARD S, OSWALD E, STANDAERT F X. One for All-all for One:Unifying Standard Differential Power Analysis Attacks[J]. IET Information Security, 2011,5(2):100-110.
[25]	DOGET J, PROUFF E, RIVAIN M, et al. Univariate Side Channel Attacks and Leakage Modeling[J]. Journal of Cryptographic Engineering, 2011,1(2):123-144.
[26]	RENAULD M, STANDAERT F X, VEYRAT-CHARVILLON N, et al. A Formal Study of Power Variability Issues and Side-channel Attacks for Nanoscale Devices [C]//Lecture Notes in Computer Science:6632.Heidelberg:Springer Verlag, 2011: 109-128.
[27]	BATINA L, GIERLICHS B, LEMKE-RUST K. Differential Cluster Analysis [C]//Lecture Notes in Computer Science:5747.Heidelberg:Springer Verlag, 2009: 112-127.
[28]	SCHINDLER W, LEMKE K, PAAR C. A Stochastic Model for Differential Side Channel Cryptanalysis [C]//Lecture Notes in Computer Science:3659.Heidelberg:Springer Verlag, 2005: 30-46.
[29]	WHITNALL C, OSWALD E, STANDAERT F X. The Myth of Generic DPA… and the Magic of Learning [C]//Lecture Notes in Computer Science:8366.Heidelberg:Springer Verlag, 2014: 183-205.
[30]	WANG W, YU Y, STANDAERT F X, et al. Ridge-based DPA:Improvement of Differential Power Analysis for Nanoscale Chips[J]. IEEE Transactions on Information Forensics and Security, 2018,13(5):1301-1316.
[31]	VEYRAT-CHARVILLON N, STANDAERT F X. Generic Side-channel Istinguishers:Improvements and Limitations [C]//Lecture Notes in Computer Science:6841.Heidelberg:Springer Verlag, 2011: 354-372.
[32]	HOSPODAR G, GIERLICHS B, DE MULDER E, et al. Machine Learning in Side-channel Analysis:a First Study[J]. Journal of Cryptographic Engineering, 2011,1(4):293-302.
[33]	LERMAN L, BONTEMPI G, MARKOWITCH O. Side Channel Attack:an Approach Based on Machine Learning[C/OL].[2020-07-26].https://www.researchgate.net/publication/269463480.
[34]	SUN Y, WANG S, LI Y, et al. Ernie:Enhanced Representation through Knowledge Integration[J/OL].[2020-11-18].https://arxiv.org/pdf/1904.09223.pdf.
[35]	CHOROWSKI J, WEISS R J, BENGIO S, et al. Unsupervised Speech Representation Learning Using Wakened[J]. IEEE/ACM Transactions on Audio,Speech,and Language Processing, 2019,27(12):2041-2053.
[36]	CHEN X, LIN K Y, LIU W, et al. Weakly-supervised Discovery of Geometry-aware Representation for 3D Human Pose Estimation [C]//Proceedings of the IEEE Computer Society Conference on Computer Vision and Pattern Recognition.Washington:IEEE Computer Society, 2019: 10887-10896.
[37]	YAO H, ZHANG S, HONG R, et al. Deep Representation Learning with Part Loss for Person Re-identification[J]. IEEE Transactions on Image Processing, 2019,28(6):2860-2871.
[38]	GHAREHCHOPOGH F S, GHOLIZADEH H. A Comprehensive Survey:Whale Optimization Algorithm and Its Applications[J]. Swarm and Evolutionary Computation, 2019,48:1-24.
[39]	ZAID G, BOSSUET L, HABRARD A, et al. Methodology for Efficient CNN Architectures in Profiling Attacks[J]. IACR Transactions on Cryptographic Hardware and Embedded Systems, 2020,2020(1):1-36.
[40]	WOUTERS L, ARRIBAS V, GIERLICHS B, et al. Revisiting a Methodology for Efficient CNN Architectures in Profiling Attacks[J]. IACR Transactions on Cryptographic Hardware and Embedded Systems, 2020,2020(3):147-168.
[41]	ZHANG J, ZHENG M, NAN J, et al. A Novel Evaluation Metric for Deep Learning-based Side Channel Analysis and Its Extended Application to Imbalanced Data[J]. IACR Transactions on Cryptographic Hardware and Embedded Systems, 2020,2020(3):73-96.
[42]	KIM J, PICEK S, HEUSER A, et al. Make Some Noise:Unleashing the Power of Convolutional Neural Networks for Profiled Side-channel Analysis[J]. IACR Transactions on Cryptographic Hardware and Embedded Systems, 2019,2019(3):148-179.
[43]	HOANG A T, HANLEY N, O’NEILL M.Plaintext:a Missing Feature for Enhancing the Power of Deep Learning in Side-channel Analysis?[J]. IACR Transactions on Cryptographic Hardware and Embedded Systems, 2020,2020(4):49-85.
[44]	BHASIN S, CHATTOPADHYAY A, HEUSER A, et al.Mind the Portability:a Warriors Guide through Realistic Profiled Side-channel Analysis:Cryptology ePrint Archive:Report2019/661[R/OL]. [2020-07-26].https://eprint.iacr.org/2019/661.
[45]	GOLDER A, DAS D, DANIAL J, et al. Practical Approaches Toward Deep-learning-based Cross-device Power Side-channel Attack[J]. IEEE Transactions on Very Large Scale Integration (VLSI) Systems, 2019,27(12):2720-2733.
[46]	KANG G, JIANG L, YANG Y, et al. Contrastive Adaptation Network for Unsupervised Domain Adaptation [C]//Proceedings of the IEEE Computer Society Conference on Computer Vision and Pattern Recognition.Washington:IEEE Computer Society, 2019: 4888-4897.
[47]	YOU K, LONG M, CAO Z, et al. Universal Domain Adaptation [C]//Proceedings of the 2019 IEEE Computer Society Conference on Computer Vision and Pattern Recognition.Washington:IEEE Computer Society, 2019: 2715-2724.
[48]	ZHANG Y, TANG H, JIA K, et al. Domain-symmetric Networks for Adversarial Domain Adaptation [C]//Proceedings of the 2019 IEEE Computer Society Conference on Computer Vision and Pattern Recognition.Washington:IEEE Computer Society, 2019: 5026-5035.
[49]	LI Y, YUAN L, VASCONCELOS N. Bidirectional Learning for Domain Adaptation of Semantic Segmentation [C]//Proceedings of the 2019 IEEE Computer Society Conference on Computer Vision and Pattern Recognition.Washington:IEEE Computer Society, 2019: 6929-6938.
[50]	CHANG W G, YOU T, SEO S, et al. Domain-specific Batch Normalization for Unsupervised Domain [C]//Proceedings of the 2019 IEEE Computer Society Conference on Computer Vision and Pattern Recognition.Washington:IEEE Computer Society, 2019: 7346-7354.