谢满德,沈海斌,竺红卫

DOI: https://doi.org/10.3969/j.issn.1004-3365.2004.06.003

2004-01-01

Abstract:The fundamental principle of differential power analysis (DPA) attacks against universal cryptosystems and a particular theory of DPA attacks against data encryption standard (DES) algorithm are described in detail. An improved algorithm is proposed for DPA. Based on the analysis of noise characteristics of the power signals, an approach to modeling the signal-to-noise ratio (SNR) is proposed and corresponding theory is demonstrated. Finally, experimental results of the algorithm are presented.

Chenxu Wang,Mingyan Yu,Jinxiang Wang,Peihe Jiang,Xiaochen Tang

DOI: https://doi.org/10.1109/CCIS.2012.6664584

2012-01-01

Abstract:In CHES 2007, Bogdanov et al. proposed an ultra-lightweight block cipher named PRESENT, which has been included in the new international standard ISO/IEC 29192-2:2012. The correlation power analysis (CPA) attack against PRESENT is discussed in this paper. The first power analysis attack against the hardware implementation of PRESENT has been proposed by Zhang et al. in 2010. In this paper, we proposed a more practical attack method which does not need to reset the attacked device before each measurement. In order to test our method, we built a power consumption acquisition platform based on simulation and used two attack models to reveal the secret key via CPA. These two models need at least 450 and 230 plaintexts to successfully disclose the first round key, respectively. The results showed PRESENT cipher's vulnerability to power analysis attack.

LIU Zheng-lin,HAN Yu,ZOU Xue-cheng,CHEN Yi-cheng

DOI: https://doi.org/10.3969/j.issn.1007-130x.2008.03.006

2008-01-01

Abstract:The power consumption of a digital circuit implemented in the CMOS technology depends on the data that the circuit is processing. Power analysis attacks based on the fact pose a serious threat to cryptographic devices for extracting secret data. In this paper, we discuss the vulnerability of AES hardware implementations, and present the hypothetical circuit model. We also assess the susceptibility to differential power analysis (DPA) and correlation power analysis (CPA) attacks using different statistical methods in theoretical estimation. Furthermore, we give some possible hardware countermeasures against PA attacks.

Xinjie Zhao,Shize Guo,Fan Zhang,Tao Wang,Zhijie Shi,Huiying Liu,Keke Ji,Jing Huang

DOI: https://doi.org/10.1016/j.jss.2012.11.007

IF: 3.5

2013-01-01

Journal of Systems and Software

Abstract:The side-channel cube attack (SCCA) is a powerful cryptanalysis technique that combines the side-channel and cube attack. This paper proposes several advanced techniques to improve the Hamming weight-based SCCA (HW-SCCA) on the block cipher PRESENT. The new techniques utilize non-linear equations and an iterative scheme to extract more information from leakage. The new attacks need only 2^8^.^9^5 chosen plaintexts to recover 72 key bits of PRESENT-80 and 2^9^.^7^8 chosen plaintexts to recover 121 key bits of PRESENT-128. To the best of our knowledge, these are the most efficient SCCAs on PRESENT-80/128. To show the feasibility of the proposed techniques, real attacks have been conducted on PRESENT on an 8-bit microcontroller, which are the first SCCAs on PRESENT on a real device. The proposed HW-SCCA can successfully break PRESENT implementations even if they have some countermeasures such as random delay and masking.

Cong Chen,Xiangyu Li,Liji Wu,Xiangmin Zhang

DOI: https://doi.org/10.1109/ICSICT.2010.5667831

2010-01-01

Abstract:In this paper, an automatic general-purpose Differential Power Analysis (DPA) System for cryptographic devices is designed and implemented. This system aims at testing the security of cryptographic devices, e.g., Smart Card, FPGA and ASIC circuit against DPA attacks. To verify the effectiveness of the system, a DPA attack was successfully carried out by it on an AES cryptographic ASIC chip which had countermeasures implemented in it. The experimental results showed that the correct cipher key of this AES chip could be obtained during less than 3 hours of data processing time with at least 5000 power traces.

李元,刘政林,邹雪城,韩煜,陈毅成

IF: 1.992

2008-01-01

Microelectronics Journal

Abstract:An Atmel AT89C55 microcontroller was used to construct a real attack platform of cipher circuits.Power analyses against opcode and operand were conducted on this low-cost platform.Measured results showed that there existed a linear relationship between hamming weight of changing operand and difference of measuring power.Unit hamming weight would cause approximately 5 mV of power deviation under experimental conditions.Using differential power analysis (DPA)and correlation power analysis (CPA), the encrypted operation of advanced encryption standard (AES)was attacked.Experimental results showed that the CPA method had a higher success rate, and the1 number of plaintext samples and average filtering could significantly affect SNR of correlation coefficients.

Qingsheng Hu,Xiangning Fan,Qiaowei Zhang

DOI: https://doi.org/10.1109/cyberc.2019.00019

2019-01-01

Abstract:In order to improve the efficiency of side-channel attack and reduce attack costs, an effective differential power analysis (DPA) method for advanced encryption standard (AES) is presented. By building the power acquisition platform based on current main stream EDA tools, a lot of power consumption traces can be achieved with ease. In addition, a critical distinguishing function is investigated so as to the key recovering can be more efficient and practical. Finally, two attacking experiments using our analytical method for AES are performed based on the developed DPA platform. Simulation results show that the key of the AES can be cracked correctly illustrating our analytical method has high effectiveness.

SUN Chun-hui,LI Hui,YANG Yang,ZHU Hui

DOI: https://doi.org/10.3969/j.issn.1001-0548.2013.03.005

2013-01-01

Abstract:In this paper, the PRESENT algorithm is analyzed by the improved electromagnetic attack. The sensitive areas are found through magnetic coil over cipher chip on physical experiment platform. Differential electromagnetic analysis is implemented on the output of S-box and that of XOR. The results of analysis are mutually supported and complemented. In this way, 64 bits of the 80 bit original key can be recovered efficiently. The other 16 bits can be recovered through exhaustive attack and then the 80-bit original key could be recovered. In the analysis process, the peak value of the difference between mean values leaks the information of sub-key operating order in cipher chip. Furthermore, a flaw in the original PRESENT algorithm description is pointed out and corrected.

Xinjie Zhao,Shize Guo,Fan Zhang,Tao Wang,Zhijie Shi,Hao Luo

DOI: https://doi.org/10.1587/transfun.e96.a.332

2012-01-01

IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences

Abstract:This paper proposes several improved Side-channel cube attacks (SCCAs) on PRESENT-80/128 under single bit leakage model. Assuming the leakage is in the output of round 3 as in previous work, we discover new results of SCCA on PRESENT. Then an enhanced SCCA is proposed to extract key related non-linear equations. 64-bit key for both PRESENT-80 and 128 can be obtained. To mount more effective attack, we utilize the leakage in round 4 and enhance SCCA in two ways. A partitioning scheme is proposed to handle huge polynomials, and an iterative scheme is proposed to extract more key bits. With these enhanced techniques, the master key search space can be reduced to 28 for PRESENT-80 and to 229 for PRESENT-128.

HUANG Jing,ZHAO Xin-jie,ZHANG Fan,GUO Shi-ze,ZHOU Ping,CHEN Hao,YANG Jian

DOI: https://doi.org/10.11959/j.issn.1000-436x.2016165

2016-01-01

Abstract:An enhanced algebraic fault analysis on PRESENT was proposed.Algebraic cryptanalysis was introduced to build the algebraic equations for both the target cipher and faults.The equation set of PRESENT was built reversely in order to accelerate the solving speed.An algorithm of estimating the reduced key entropy for given amount of fault injec-tions was proposed,which can evaluate the resistance of PRESENT against fault attacks under different fault models.Fi-nally,extensive glitch-based fault attacks were conducted on an 8-bit smart card PRESENT implemented on a smart card.The best results show that only one fault injection was required for the key recovery,this is the best result of fault attacks on PRESENT in terms of the data complexity.

Gaoli Wang,Shaohui Wang

DOI: https://doi.org/10.1109/cis.2010.84

2010-01-01

Abstract:PRESENT is a lightweight block cipher designed by A. Bogdanov et al. in 2007 for extremely constrained environments such as RFID tags and sensor networks, where the AES is not suitable for. In this paper, the strength of PRESENT against the differential fault attack on the key schedule is explored. Our attack adopts the nibble oriented model of random faults and assumes that the attacker can induce a single nibble fault on the round key. The attack can efficiently recover the secret key with the computational complexity of $2^{29}$, and sixty-four pairs of correct and faulty cipher texts on average.

Shenghua Chen,Wei Ge,Jinjiang Yang,Bo Liu,Jun Yang

DOI: https://doi.org/10.1109/trustcom/bigdatase.2018.00206

2018-01-01

Abstract:Side-channel Attack, such as simple power analysis and differential power analysis (DPA), is an efficient method to gather the key, which challenges the security of crypto chips. Side-channel Attack logs the power trace of the crypto chip and speculate the key by statistical analysis. To reduce the threat of power analysis attack, an innovative method based on random execution is proposed in this paper. In order to enhance ability against DPA, the method disorders the correspondence between power trace and operands by scrambling the data execution sequence randomly and dynamically. Experiments and verification are done on the Sakura-G FPGA platform. The results show that the key is not reveal after even 1 million power traces by adopting proposed method and only 1.12% slices overhead is introduced. Compared to unprotected chip, it increases more than 140× measure to disclosure.

Weiwei Shan,Xin Chen,Bo Li,Peng Cao,Jie Li,Gugang Gao,Longxing Shi

DOI: https://doi.org/10.1109/tim.2013.2259754

IF: 5.6

2013-01-01

IEEE Transactions on Instrumentation and Measurement

Abstract:Differential power analyses (DPA) have become great threats to cryptographic chips. However, the DPA resistance evaluation is difficult during circuit design time. In this paper, a simulation test platform at circuit design time and an experimental measurement platform are built to evaluate the DPA resistant capability of cryptographic chips. The design time security evaluation is obtained by dynamic power simulation taking the timing behavior into account, which uses time-based mode PrimeTime Power Extension (PTPX) and accurate timing characterization. The test effects of both platforms are verified on an unprotected Data Encryption Standard (DES) circuit. Then a novel DPA-resistant DES algorithm protected by an asymmetric mask is proposed. Its hardware implementation is realized via field programmable gate array (FPGA). Its power analysis attack resistant capability is evaluated using both simulation and experimental platforms. Compared with non-protected DES, by using five times larger samples and five times longer attack time, the sub-key of the improved DES algorithm still cannot be gained through a correlation DPA attack. Experimental results show the simulation and experimental evaluation platforms are consistent in DPA resistance evaluation, which makes it practical to verify the security at circuit design time. And our proposed asymmetric mask method is effective in protecting the DES algorithm.

Han Gan,Hongxin Zhang,Muhammad Saad Khan,Xueli Wang,Fan Zhang,Pengfei He

DOI: https://doi.org/10.1109/cc.2017.8068768

2017-01-01

China Communications

Abstract:Correlation power analysis (CPA) has become a successful attack method about crypto-graphic hardware to recover the secret keys. However, the noise influence caused by the random process interrupts (RPIs) becomes an important factor of the power analysis attack efficiency, which will cost more traces or attack time. To address the issue, an improved method about empirical mode decomposition (EMD) was proposed. Instead of restructuring the decomposed signals of intrinsic mode functions (IMFs), we extract a certain intrinsic mode function (IMF) as new feature signal for CPA attack. Meantime, a new attack assessment is proposed to compare the attack effectiveness of different methods. The experiment shows that our method has more excellent performance on CPA than others. The first and the second IMF can be chosen as two optimal feature signals in CPA. In the new method, the signals of the first IMF increase peak visibility by 64% than those of the tradition EMD method in the situation of non-noise. On the condition of different noise interference, the orders of attack efficiencies are also same. With external noise interference, the attack effect of the first IMF based on noise with 15dB is the best.

王晨旭,张凯峰,喻明艳,王进祥

DOI: https://doi.org/10.3778/j.issn.1002-8331.1207-0302

2013-01-01

Abstract:Differential Power Analysis(DPA), a technology of non-invasive side-channel attack, has posed a serious threat for the safety of cipher integrated circuits. In order to evaluate the effectiveness of power analysis attack countermeasure conveniently, following the gate-level power analysis method, a Correlation Power Analysis(CPA)research platform based on PrimeTime PX and MATLAB is built. The auxiliary platform has a strong universality, and only by reworking cipher-specific power model, the algorithm level countermeasures for different ciphers can be evaluated easily. As an application, standard AES algorithm and the improved AES algorithm with threshold countermeasure method is attacked, showing the platform effectiveness.

Yan Ting Ren,Li Ji Wu

DOI: https://doi.org/10.4028/www.scientific.net/amr.718-720.2376

2013-01-01

Advanced Materials Research

Abstract:In order to test the security of cryptographic devices against Side Channel Attacks (SCA), an automatic general-purpose power analysis system (TH-PAS-01) is designed and implemented. TH-PAS-01 is scalable and can be applied to many cryptographic devices when specific modules are installed. Using the system TH-PAS-01, correlation power analysis (CPA) are carried out on an AES chip under two working models: normal and shuffling mode. The security level of the countermeasure provided by the target chip is verified by TH-PAS-01. The experimental results show that the correct key of the AES chip is obtained with around 50,000 power traces when the chip was working under normal mode, while the whole key bits are not obtained with 960,000 power traces when the chip works under shuffling mode. The automatic general-purpose system TH-PAS-01 is feasible for security analysis on power analysis for cryptographic devices.

SHI Wei,DAI Kui,TONG Yuan-man,GONG Rui,WANG Zhi-ying

DOI: https://doi.org/10.3969/j.issn.1007-130x.2007.05.006

2007-01-01

Abstract:Differential-power-analysis attacks are currently the most effective on cryptographic devices.In such attacks,the power consumption of a cryptographic device is analyzed to reveal the secret key that is used inside the device.In order to counteract these attacks,DPA-resistant standard cells,instead of the static complementary CMOS standard cells,can be used to implement cryptographic devices.This paper analyzes the resistance of two different logic styles(DDCVSL and SABL)against DPA attacks in the design rules of two different process technologies.The experimental results demonstrate that DDCVSL and SABL all have a high DPA-resistance with the shrinking channel-length of the transistors.Meanwhile,the power consumption,delay and area of DDCVSL are less than those of SABL.

LIU Peng,WEI Lian-feng

DOI: https://doi.org/10.16208/j.issn1000-7024.2008.10.006

2008-01-01

Abstract:To be more secure,crypto-chips should be protected against simple power analysis attack and differential power analysis attack.Three technologies of differential power analysis are described and the performance of them is compared.To counter power analysis software and hardware level solutions are developed,but none of them achieved a total prevention of such attacks.The combi-nation of software and hardware is higher-efficiency in countermeasures to power analysis.Finally research directions are discussed.

Haoran Gong,Tailiang Ju

DOI: https://doi.org/10.1038/s41598-023-50220-2

IF: 4.6

2024-01-11

Scientific Reports

Abstract:Encryption chips are specialized integrated circuits that incorporate encryption algorithms for data encryption and decryption, ensuring data confidentiality and security. In China, the domestic SM4 algorithm is commonly utilized, as opposed to the international AES encryption algorithm. These widely implemented encryption standards have been proven to be difficult to crack through crypt analysis methods Currently, power consumption side-channel attacks are the most prevalent method. They involve capturing power consumption data during the encryption process and subsequently recovering the encryption key from this data. The two leading methods are Differential Power Analysis (DPA) and machine learning techniques. DPA does not necessitate prior knowledge but relies heavily on the number of power consumption curves. With only 50 power consumption data points, the accuracy is a mere 80%. Machine learning methods require prior knowledge, achieving an accuracy rate above 95% with only 30 power traces, albeit with training times typically exceeding 15 min. In this paper, a distributed energy analysis attack approach was presented based on Correlation Power Analysis (CPA). The power consumption data was divided into 16 subsets, with each subset corresponding to 8 bytes of the key. By training each subset separately, the 8-byte key's corresponding power consumption data is reduced to only 100 dimensions, resulting in a 76% decrease in cracking time and a 3% improvement in cracking accuracy rate.This article also trains a more complex 256 classification model to directly crack the final key, achieving a success rate of 28% in cracking 128-bit passwords with only 1 power trace

multidisciplinary sciences

Jie Li,Weiwei Shan,Yuxiang Lü,Huafang Sun

DOI: https://doi.org/10.3969/j.issn.1001-0505.2012.06.008

2012-01-01

Abstract:With the threat of differential power analysis (DPA, a type of side channel attack) to encryption devices, a new DPA countermeasure method is proposed and implemented on data encryption standard (DES) algorithm, using "asymmetric" mask technique which introduces asymmetrical random transformation to eliminate the relevance between power consumption and the key in order to resist DPA attack. Its hardware implementation was designed and realized on FPGA(field-programmable gate array). Then, a real power analysis attack FPGA platform is built to test the proposed DES as well as the unprotected DES respectively. The experiment results show that even when the power samples and analyzing time are nearly 5 times larger than the unprotected DES, our improved DES still cannot be attacked to gain the right key by Correlation Power Analysis. Therefore, the "asymmetric" mask technique is effective in resisting correlation power analysis.