Mei Xie

2005-01-01

Abstract:In some detail, the paper expounds the principle about simple power analysis(SPA) attacks against the general cryptography and a particular theory against data encryption standard (DES) algorithm. At the same time, the paper addresses some improvement of SPA. At last, the paper discusses some countermeasures against the powe analysis attack.

LI Jing,LI Lin-sen

DOI: https://doi.org/10.3969/j.issn.1000-3428.2013.07.045

2013-01-01

Abstract:Based on the principle of Side-channel Analysis(SCA) and power leakage of IC chip,this paper analyzes the relationship of encryption process and power leakage of IC chip.According to the problem of power leakage in chip Data Encryption Stardard(DES) encryption,it brings out power diff-function Differential Power Analysis(DPA) and correlation analysis method,which are based on S-box output.It uses Inspector platform to do DPA examinations,and is succeed in cracking the key of some chip's DES encryption.Examinations results not only prove the correctness of test method,but also find the power leakage security vulnerability of traditional DES algorithm used in IC chip.

LI Hai-bin,ZHOU Yu-jie

DOI: https://doi.org/10.3969/j.issn.1002-0802.2007.11.105

2007-01-01

Abstract:Since the introduction of Power Analysis on smart cards by Paul Kocher,many countermeasures have been suggested to protect implementations of cryptographic algorithms.In this paper,a new protection principle ——the transformed masking method is proposed.And this method is applied to protect the most popular block cipher: DES.

QIAN Si-jin,ZHANG Kai-ze,WANG Yan-bo,HE De-quan

DOI: https://doi.org/10.3321/j.issn:1002-8331.2007.32.044

2007-01-01

Abstract:Based on the thorough analysis of the Differential Power Analysis theory,a DES-oriented DPA system is designed in this paper and the DPA analysis correct rate is achieved.Through detail observation and analysis of the experimental data,we’ve found one factor which may seriously affect the DES’ DPA analysis correct rate,that is the 4th S-Box collision phenomenon which is deserved to be researched deeply in the future.

Qingsheng Hu,Xiangning Fan,Qiaowei Zhang

DOI: https://doi.org/10.1109/cyberc.2019.00019

2019-01-01

Abstract:In order to improve the efficiency of side-channel attack and reduce attack costs, an effective differential power analysis (DPA) method for advanced encryption standard (AES) is presented. By building the power acquisition platform based on current main stream EDA tools, a lot of power consumption traces can be achieved with ease. In addition, a critical distinguishing function is investigated so as to the key recovering can be more efficient and practical. Finally, two attacking experiments using our analytical method for AES are performed based on the developed DPA platform. Simulation results show that the key of the AES can be cracked correctly illustrating our analytical method has high effectiveness.

LIU Peng,WEI Lian-feng

DOI: https://doi.org/10.16208/j.issn1000-7024.2008.10.006

2008-01-01

Abstract:To be more secure,crypto-chips should be protected against simple power analysis attack and differential power analysis attack.Three technologies of differential power analysis are described and the performance of them is compared.To counter power analysis software and hardware level solutions are developed,but none of them achieved a total prevention of such attacks.The combi-nation of software and hardware is higher-efficiency in countermeasures to power analysis.Finally research directions are discussed.

Jean-Sébastien Coron

DOI: https://doi.org/10.1007/3-540-48059-5_25

1999-01-01

Abstract:Differential Power Analysis, first introduced by Kocher et al. in [14], is a powerful technique allowing to recover secret smart card information by monitoring power signals. In [14] a specific DPA attack against smart-cards running the DES algorithm was described. As few as 1000 encryptions were sufficient to recover the secret key. In this paper we generalize DPA attack to elliptic curve (EC) cryptosystems and describe a DPA on EC Diffie-Hellman key exchange and EC El-Gamal type encryption. Those attacks enable to recover the private key stored inside the smart-card. Moreover, we suggest countermeasures that thwart our attack.

Cong Chen,Xiangyu Li,Liji Wu,Xiangmin Zhang

DOI: https://doi.org/10.1109/ICSICT.2010.5667831

2010-01-01

Abstract:In this paper, an automatic general-purpose Differential Power Analysis (DPA) System for cryptographic devices is designed and implemented. This system aims at testing the security of cryptographic devices, e.g., Smart Card, FPGA and ASIC circuit against DPA attacks. To verify the effectiveness of the system, a DPA attack was successfully carried out by it on an AES cryptographic ASIC chip which had countermeasures implemented in it. The experimental results showed that the correct cipher key of this AES chip could be obtained during less than 3 hours of data processing time with at least 5000 power traces.

Weiwei Shan,Xin Chen,Bo Li,Peng Cao,Jie Li,Gugang Gao,Longxing Shi

DOI: https://doi.org/10.1109/tim.2013.2259754

IF: 5.6

2013-01-01

IEEE Transactions on Instrumentation and Measurement

Abstract:Differential power analyses (DPA) have become great threats to cryptographic chips. However, the DPA resistance evaluation is difficult during circuit design time. In this paper, a simulation test platform at circuit design time and an experimental measurement platform are built to evaluate the DPA resistant capability of cryptographic chips. The design time security evaluation is obtained by dynamic power simulation taking the timing behavior into account, which uses time-based mode PrimeTime Power Extension (PTPX) and accurate timing characterization. The test effects of both platforms are verified on an unprotected Data Encryption Standard (DES) circuit. Then a novel DPA-resistant DES algorithm protected by an asymmetric mask is proposed. Its hardware implementation is realized via field programmable gate array (FPGA). Its power analysis attack resistant capability is evaluated using both simulation and experimental platforms. Compared with non-protected DES, by using five times larger samples and five times longer attack time, the sub-key of the improved DES algorithm still cannot be gained through a correlation DPA attack. Experimental results show the simulation and experimental evaluation platforms are consistent in DPA resistance evaluation, which makes it practical to verify the security at circuit design time. And our proposed asymmetric mask method is effective in protecting the DES algorithm.

Rui Li,Xiaoxin Cui,Wei Wei,Di Wu,Kai Liao,Nan Liao,KaiSheng Ma,Dunshan Yu,Xiaole Cui

DOI: https://doi.org/10.1109/EDSSC.2013.6628153

2013-01-01

Abstract:Differential Power Analysis (DPA) reveals the secret key from the cryptographic device by side channel power leakage. Masking and Random Delay Insertion (RDI) are two effective countermeasures against DPA attack. This paper propose a novel countermeasure which associating masking with RDI, further, Multi-Masking instead of Transformed Masking is proposed in order to defend DPA attack based on hamming distance model. The combined countermeasure is implemented on Data Encryption Standard (DES). The results show that combined countermeasure defends DPA attack with 105 power traces, and increases 40% ability against DPA.

孙维东,俞军,沈磊

DOI: https://doi.org/10.15943/j.cnki.fdxb-jns.2013.03.003

2013-01-01

Abstract:The ability of symmetric encryption algorithm AES and DES against the differential fault analysis is examined.Two kinds of differential fault analysis on AES are described,and the initial key is recovered by software emulation.The result shows that the attack on AES can be realized by 20 times of fault-inductions.Then a new differential fault analysis on DES is described.The principle of this attack is analogous to differential fault analysis on AES.Result shows that attack on DES needs more fault-inductions.Therefore symmetric encryption algorithm AES and DES without any protection are vulnerable to differential fault analysis.It is presented that such attacks can be resisted by fault-detection.

LIU Zheng-lin,HAN Yu,ZOU Xue-cheng,CHEN Yi-cheng

DOI: https://doi.org/10.3969/j.issn.1007-130x.2008.03.006

2008-01-01

Abstract:The power consumption of a digital circuit implemented in the CMOS technology depends on the data that the circuit is processing. Power analysis attacks based on the fact pose a serious threat to cryptographic devices for extracting secret data. In this paper, we discuss the vulnerability of AES hardware implementations, and present the hypothetical circuit model. We also assess the susceptibility to differential power analysis (DPA) and correlation power analysis (CPA) attacks using different statistical methods in theoretical estimation. Furthermore, we give some possible hardware countermeasures against PA attacks.

Wei Liu,Liji Wu,Xiangmin Zhang,An Wang

DOI: https://doi.org/10.1109/CIS.2014.103

2014-01-01

Abstract:Side-channel power analysis attacks have been proven to be the most powerful attacks on implementations of cryptographic primitives. DPA and CPA are probably the most wide-spread practical attacks on numerous embedded cryptographic systems. Additive noise is a kind of typical power analysis resistant implementing technique. The success rate of the DPA and CPA attacks is significantly affected by the Signal-to-Noise Ratio (SNR) of the power traces. Hence, it is important to eliminate noise effectively and improve the SNR for power attacks to extract the secret key. In this paper, a new method is proposed with wavelet analysis to reduce noise effects, which aims to improve the performance of side-channel power attacks named as WPA (Wavelet-based Power Attack). The key is successfully recovered on commercially available contact-less smart card based on 3DES, which is widely used for security-sensitive applications. Experimental results show that WPA significantly improves the success rate for encryption key detection. Compared to the fourth-order cumulant noise reduction method for power attack, the required number of the power traces is 50% less.

Jie Li,Yuxiang Lv,Huafang Sun,Weiwei Shan

DOI: https://doi.org/10.1109/icdma.2012.29

2012-01-01

Abstract:To deal with the threat of power analysis to encryption device, a new power analysis resistant DES algorithm architecture is proposed, which is combined with "asymmetric" mask technique. And its digital hardware circuit is designed. Then its power analysis attack resistant ability is tested. Compared with non-protected DES, using nearly 5 times larger samples and attack time, the key of the proposed DES still cannot be gained through correlation power analysis. Experiment results show that the designed DES algorithm has a certain anti power analysis effect.

yijie ge,zheng guo,zhigang mao,junrong liu,jiachao chen

DOI: https://doi.org/10.2991/csic-15.2015.14

2015-01-01

Abstract:Security of cryptographic embedded devices has become a prevalent concern, especially since the introduction of Differential Power Analysis (DPA) by Paul Kocher et al. In the past years, many efforts have been made to improve the resistance against Side Channel Attack (SCA) of cryptographic devices. Among the countermeasures, masking is a typical and efficient strategy. However, a number of effective attacks on masked cryptographic devices have been developed in recent years, and this paper continues this line of research. On theory, a DES with a masking scheme is secure under first order SCA, but we dig out a new leakage problem which makes it possible to attack a masked DES without using higher-order power analysis. Concretely, we perform a first-order correlation power analysis based on the leakage relationship between two different arithmetic components of DES. And the reason for this leakage is analyzed and verified by us through simulation and real card attacks.

丁国良,李志祥,尹文龙,赵强

DOI: https://doi.org/10.3724/sp.j.1087.2009.02200

2009-01-01

Abstract:To study the vulnerability of Advanced Encryption Standard (AES) against electromagnetic side channel attacks, the article analyzed the electromagnetic information leakage model of microcomputer and the choice of D function. Then, concerning the AES-128 bits cryptographic system realized by the 89C51 microchip, Differential Electromagnetic Analysis (DEMA) algorithm, which was used into an attack experiment and succeeded in obtaining 128 bits secret key of AES-128, was described. After analyzing the experimental results, the leakage of secret information produced by ByteSub transformation was detected. This method can be regarded as a new protective measure in cryptographic systems.

Yicheng Chen,Xuecheng Zou,Zhenglin Liu,Yu Han

DOI: https://doi.org/10.3321/j.issn:1671-4512.2007.11.027

2007-01-01

Abstract:On the basis of discussing Hamming distance power model, proposed was a novel max differential power attack (MDPA) algorithm to attack advanced encryption standard (AES) hardware implementation, which can find the correct key by comparing energy difference which was produced by real key and equivalent plaintexts. The equivalent plaintexts were generated by changing partly plaintexts using the corresponding keys to appoint the value which was imported by the attacked S-box. The different technique was applied to remove most parts of noise. Attack simulations were illustrated by MDPA and correlation power analysis (CPA). The experimental result shows that MDPA scheme was an effective power attack method, and able to enhance the CPA effectually at a reasonable cost.

Jie Li,Weiwei Shan,Chaoxuan Tian

DOI: https://doi.org/10.4028/www.scientific.net/amm.121-126.867

2011-01-01

Applied Mechanics and Materials

Abstract:In order to evaluate the security of Application Specific Integrated Circuit (ASIC) implemented cryptographic algorithms at an early design stage, a Hamming distance model based power analysis is proposed. The Data Encryption Standard (DES) algorithm is taken as an example to illustrate the threats of differential power analysis (DPA) attack against the security of ASIC chip. A DPA attack against the ASIC implementation of a DES algorithm is realized based on hamming distance power model (HD model), and it realized the attack by successfully guessing the right 48-bit subkey. This result indicates that the power analysis attack based on the HD model is simple, rapid and effective for the design and evaluation of security chips.

李元,刘政林,邹雪城,韩煜,陈毅成

IF: 1.992

2008-01-01

Microelectronics Journal

Abstract:An Atmel AT89C55 microcontroller was used to construct a real attack platform of cipher circuits.Power analyses against opcode and operand were conducted on this low-cost platform.Measured results showed that there existed a linear relationship between hamming weight of changing operand and difference of measuring power.Unit hamming weight would cause approximately 5 mV of power deviation under experimental conditions.Using differential power analysis (DPA)and correlation power analysis (CPA), the encrypted operation of advanced encryption standard (AES)was attacked.Experimental results showed that the CPA method had a higher success rate, and the1 number of plaintext samples and average filtering could significantly affect SNR of correlation coefficients.

窦强,童元满,窦文华

DOI: https://doi.org/10.3969/j.issn.1007-130x.2009.12.005

2009-01-01

Abstract:Several primitive operations are extracted from the transformations of the AES algorithm. The randomized mask based implementations of these primitive operations are proposed. And these masked operations are implemented in hardware. All the transformations in AES are then transformed to the sequence of these primitive operations. The execution flow is implemented in software. Combined with the random execution,the proposed software and hardware hybrid implementation scheme is proved to be secure against the first order DPA(differential power analysis) and the high order DPA (HODPA) attacks. The experimental results show that our scheme is efficient and suitable for smartcard implementation.