谢满德,沈海斌,竺红卫

DOI: https://doi.org/10.3969/j.issn.1004-3365.2004.06.003

2004-01-01

Abstract:The fundamental principle of differential power analysis (DPA) attacks against universal cryptosystems and a particular theory of DPA attacks against data encryption standard (DES) algorithm are described in detail. An improved algorithm is proposed for DPA. Based on the analysis of noise characteristics of the power signals, an approach to modeling the signal-to-noise ratio (SNR) is proposed and corresponding theory is demonstrated. Finally, experimental results of the algorithm are presented.

Yanting Ren,Liji Wu

DOI: https://doi.org/10.1109/WOCC.2013.6676458

2013-01-01

Abstract:In wireless sensor networks (WSN), CPU smart cards can be used as crypto accelerators and temper-resistant storages to improve security. But Side Channel Attacks (SCA) can bypass temper-resistant mechanisms and recover the confidential information without being detected. In this work, a typical black-box Side Channel Attack (SCA) on a real-life 32-Bit CPU smart card against Triple Data Encryption Standard (3DES) is successfully conducted, and the whole 112 key bits of 3DES are recovered with moderate effort which is around 80,000 power traces. Our result highlights that SCA is a practical threat in the security of WSN, and proper countermeasures against SCA should be used.

Qian Lei,Liji Wu,Shaohui Zhang,Xiangmin Zhang,Xiangyu Li,Liyang Pan,Zhimeng Dong

DOI: https://doi.org/10.1109/cis.2015.102

2015-01-01

Abstract:Side-channel analysis is becoming a major threat to the security chips of smart cards, including power analysis, electromagnetic analysis and fault injection. Based on software hardware co-design, we implemented a side-channel analysis platform covering CPA/DPA/TA/CA methods, which could effectively reveal the secret keys on security chips. Our work integrates power analysis, electromagnetic analysis and fault injection into single platform, which contains regular international cryptographic algorithm of AES/3DES/ RSA/ECC and China standard cryptographic algorithm of SM2/SM3/SM4. And a novel UML model for software implementation is proposed. Six smart card products with countermeasures have been analyzed on our platform, and all keys have been revealed successfully. Particularly, the key of a contactless smart card product was revealed by 350,000 power traces, and compared to the foreign report out of 1,000,000 power traces, we have about 65% increase on efficiency of revealing keys.

rui feng,liji wu,xiangmin zhang

2011-01-01

Abstract:Finance Bank IC Card is now utilized all over the world. countermeasures against power analysis for 3-DES Crypto engine (which is widely used in Bank IC Card now) is one of the key technology to design Bank IC Card. Considering the contactless interface of Bank IC Card, both high level security and low power consumption are essential to the designing of countermeasures against power analysis. There are already lots of methods against power analysis which will be summarized below, but they add higher overheads in area, power, or performance to unsecured encryption engines. In this work we present a Current Equalizer and a Control Logic Circuit to isolate the encryption activity of 3-DES Crypto Engine from external power supplies, to realize high level security with low power consumption.

Kun Gu,Liji Wu,Xiangyu Li,Xiangxin Zhang

DOI: https://doi.org/10.1109/cis.2011.149

2011-01-01

Abstract:Information security is very important for the smart cards. Electromagnetic analysis (EMA) attack is a common method of side channel attacks which is a serious threat for the security of smart cards. So it is necessary to build a system to estimate the ability of the smart card to resist EMA attack. In this paper, an automatic EMA system for smart cards is designed and implemented. This system can measuring the electromagnetic field of smart card and can also carry out EMA attack. To verify the effectiveness of this system, an EMA attack was successfully carried out by it on a FPGA which 3DES cryptographic algorithm was loaded and implemented. 3DES is widely used in bank IC card and USB key. It is important to make sure of the safety of these financial IC cards. The experimental results showed that the applicable electromagnetic field signal can be traced to estimate the ability of the security device to resist EMA attack.

Xiuyuan Bi,Liji Wu,Guoqiang Bai

DOI: https://doi.org/10.1109/asicon.2009.5351582

2009-01-01

Abstract:The Power Analysis Attacks have become a major threat to the cryptographic chips, especially in financial fields. Many countermeasures against these attacks have been proposed, and most of these countermeasures are focused on the microcontroller-based implementations. In this paper, a novel VLSI design of 3DES circuit is achieved for IC bankcard, and “Random Insertion of Dummy Cycles” is used against Power Analysis Attacks. Compared with the pure 3DES circuit, the extra cost for performance and extra area are significantly lowered by design optimization. The design has been verified to be feasible by FPGA, and it can keep the secret key secure under the Differential Power Analysis Attacks when the amount of power traces is less than 22,0001.

Qian Wang,Liji Wu,Xiangmin Zhang,Xiangyu Li,Jun Guo

DOI: https://doi.org/10.1109/CIS.2013.159

2013-01-01

Abstract:As bank IC cards with chips are widely used nowadays, the security of them becomes increasingly important. Fault attack, which aims to inject fault into the chip during the calculation, is a serious threat to the information security of the chip. Thus considerable countermeasures are involved to meet the overall requirements and facilitate the intended application for bank IC cards. In this paper, countermeasures against fault attacks for 3DES (Triple Data Encryption Algorithm) which is one of the widely used block ciphers in the bank IC cards are designed and implemented. Those countermeasures in our paper are based on the symmetry structure of DES block and we try to dig the efficiency in it. The basic countermeasure reduces the time latency from 100% to 1/n × 100% for n round block cipher. On the basis of this, an optimized countermeasure lowers the redundancy rate from 1/4 to 1/16. Another optimization reduces the area cost of duplication than the second method, which has the same latency. The countermeasures are designed for the 3DES algorithm in RTL level, implemented and verified in FPGA board. The fault attack platform successfully injected clock glitch into the DES engine and demonstrated the validity of the countermeasure. Over 1000 3DES calculations are tested and the successful detection rate is 100%.

李莹,殷中科,曹晓,邓水光

DOI: https://doi.org/10.3785/j.issn.1008-973X.2012.03.002

2012-01-01

Abstract:The security performance of the Schnorr signature protocol for JavaCard was analyzed in order to enhance security and improve the efficiency. A linear cryptanalysis scheme based on key-recovery attack against the signature protocol was presented, and the feasibility of the attacking method was proved by a case of successful attack. On this basis, a notion of security preprocessing was proposed, which is a linear detection based scheme. The linear detection random numbers and corresponding variables were stored in the special areas of JavaCard. This approach can avoid generation of random number and the complexity modular exponentiation when the digital signature is created in card. Security performance analysis result shows that the proposed scheme not only can promote the operation speed effectively with the same hardware platform and cryptography intensity, but also avoids a type of linear cryptanalysis.

Lu Zhang,Luis Vega,Michael Taylor

DOI: https://doi.org/10.48550/arXiv.1605.00681

2016-05-03

Abstract:Power side-channel attacks are a very effective cryptanalysis technique that can infer secret keys of security ICs by monitoring the power consumption. Since the emergence of practical attacks in the late 90s, they have been a major threat to many cryptographic-equipped devices including smart cards, encrypted FPGA designs, and mobile phones. Designers and manufacturers of cryptographic devices have in response developed various countermeasures for protection. Attacking methods have also evolved to counteract resistant implementations. This paper reviews foundational power analysis attack techniques and examines a variety of hardware design mitigations. The aim is to highlight exposed vulnerabilities in hardware-based countermeasures for future more secure implementations.

Cryptography and Security

Chengbin Jin,Yongbin Zhou,Xinkuan Qiu,Qi Feng,Qian Zhang

DOI: https://doi.org/10.1016/j.cose.2021.102531

2022-02-01

Abstract:In this paper, we examine the question of how to perform an efficient side-channel analysis (SCA) of real-world crypto products with proprietary side-channel countermeasures. Concretely, answering this question requires a suitable selection of side-channel analysis methods and various steps to instantiate it to break various side-channel countermeasures. We take the analysis of a protected prototype system as an example, to discuss how to efficiently use traditional SCA methods and Deep-Learning based SCA methods in the context of analyzing current side-channel countermeasures. Then, we extend the analysis research on a real-world commercial off-the-shelf (COTS) 4G Universal Subscriber Identity Module (USIM) card, showing how to reverse-engineer the embedded side-channel countermeasures by using side-channel information only. The experiment results show that the secret key and other operator-related parameters can be fully recovered without prior knowledge of side-channel countermeasures. This research allows us to provide a living case study of the physical security analysis of real-world crypto products, which might be worthy of more in-depth investigations.

computer science, information systems

Wei Liu,Liji Wu,Xiangmin Zhang,An Wang

DOI: https://doi.org/10.1109/CIS.2014.103

2014-01-01

Abstract:Side-channel power analysis attacks have been proven to be the most powerful attacks on implementations of cryptographic primitives. DPA and CPA are probably the most wide-spread practical attacks on numerous embedded cryptographic systems. Additive noise is a kind of typical power analysis resistant implementing technique. The success rate of the DPA and CPA attacks is significantly affected by the Signal-to-Noise Ratio (SNR) of the power traces. Hence, it is important to eliminate noise effectively and improve the SNR for power attacks to extract the secret key. In this paper, a new method is proposed with wavelet analysis to reduce noise effects, which aims to improve the performance of side-channel power attacks named as WPA (Wavelet-based Power Attack). The key is successfully recovered on commercially available contact-less smart card based on 3DES, which is widely used for security-sensitive applications. Experimental results show that WPA significantly improves the success rate for encryption key detection. Compared to the fourth-order cumulant noise reduction method for power attack, the required number of the power traces is 50% less.

Lihui Wang,Qing Li,Zhimin Zhang,Weijun Shan,David Wei Zhang

DOI: https://doi.org/10.2991/iset-15.2015.29

2015-01-01

Abstract:Elliptic Curve Cryptography (ECC) is becoming widely deployed in embedded cryptographic devices. However, simple power analysis (SPA) attacks may retrieve secret keys by exploiting the power consumption of ECC devices. To resist the SPA attack there appear a number of countermeasures and the most widely used methods are Montgomery ladder and double-and-add-always algorithm. This paper proposes a refined simple power analysis attack to these countermeasures. Experimental results on smart cards demonstrate that this attack method can retrieve secret keys by distinguishing the power consumption of different jump instructions if the implementation of ECC's countermeasure is not carefully designed. The experiments also demonstrate that the proposed countermeasure in this paper can resist this kind of SPA attack

Jiangshan Long,Changhai Ou,Zhu Wang,Shihui Zheng,Fei Yan,Fan Zhang,Siew-Kei Lam

2022-01-01

Abstract:The performance of Side-Channel Attacks (SCAs) decays rapidly when considering more sub-keys, making the full-key recovery a very challenging problem. Limited to independent collision information utilization, collision attacks establish the relationship among sub-keys but do not significantly slow down this trend. To solve it, we first exploit the samples from the previously attacked S-boxes to assist attacks on the targeted S-box under an assumption that similar leakage occurs in program loop or code reuse scenarios. The later considered S-boxes are easier to be recovered since more samples participate in this assist attack, which results in the “snowball” effect. We name this scheme as Snowball, which significantly slows down the attenuation rate of attack performance. We further introduce confusion coefficient into the collision attack to construct collision confusion coefficient, and deduce its relationship with correlation coefficient. Based on this relationship, we give two optimizations on our Snowball exploiting the “values” information and “rankings” information of collision correlation coefficients named Least Deviation from Pearson correlation coefficient (PLD) and Least Deviation from confusion coefficient (CLD). Experiments show that the above optimizations significantly improve the performance of our Snowball.

Han Gan,Hongxin Zhang,Muhammad Saad Khan,Xueli Wang,Fan Zhang,Pengfei He

DOI: https://doi.org/10.1109/cc.2017.8068768

2017-01-01

China Communications

Abstract:Correlation power analysis (CPA) has become a successful attack method about crypto-graphic hardware to recover the secret keys. However, the noise influence caused by the random process interrupts (RPIs) becomes an important factor of the power analysis attack efficiency, which will cost more traces or attack time. To address the issue, an improved method about empirical mode decomposition (EMD) was proposed. Instead of restructuring the decomposed signals of intrinsic mode functions (IMFs), we extract a certain intrinsic mode function (IMF) as new feature signal for CPA attack. Meantime, a new attack assessment is proposed to compare the attack effectiveness of different methods. The experiment shows that our method has more excellent performance on CPA than others. The first and the second IMF can be chosen as two optimal feature signals in CPA. In the new method, the signals of the first IMF increase peak visibility by 64% than those of the tradition EMD method in the situation of non-noise. On the condition of different noise interference, the orders of attack efficiencies are also same. With external noise interference, the attack effect of the first IMF based on noise with 15dB is the best.

Haoran Gong,Tailiang Ju

DOI: https://doi.org/10.1038/s41598-023-50220-2

IF: 4.6

2024-01-11

Scientific Reports

Abstract:Encryption chips are specialized integrated circuits that incorporate encryption algorithms for data encryption and decryption, ensuring data confidentiality and security. In China, the domestic SM4 algorithm is commonly utilized, as opposed to the international AES encryption algorithm. These widely implemented encryption standards have been proven to be difficult to crack through crypt analysis methods Currently, power consumption side-channel attacks are the most prevalent method. They involve capturing power consumption data during the encryption process and subsequently recovering the encryption key from this data. The two leading methods are Differential Power Analysis (DPA) and machine learning techniques. DPA does not necessitate prior knowledge but relies heavily on the number of power consumption curves. With only 50 power consumption data points, the accuracy is a mere 80%. Machine learning methods require prior knowledge, achieving an accuracy rate above 95% with only 30 power traces, albeit with training times typically exceeding 15 min. In this paper, a distributed energy analysis attack approach was presented based on Correlation Power Analysis (CPA). The power consumption data was divided into 16 subsets, with each subset corresponding to 8 bytes of the key. By training each subset separately, the 8-byte key's corresponding power consumption data is reduced to only 100 dimensions, resulting in a 76% decrease in cracking time and a 3% improvement in cracking accuracy rate.This article also trains a more complex 256 classification model to directly crack the final key, achieving a success rate of 28% in cracking 128-bit passwords with only 1 power trace

multidisciplinary sciences

Xinjie Zhao,Shize Guo,Fan Zhang,Tao Wang,Zhijie Shi,Hao Luo

DOI: https://doi.org/10.1587/transfun.e96.a.332

2012-01-01

IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences

Abstract:This paper proposes several improved Side-channel cube attacks (SCCAs) on PRESENT-80/128 under single bit leakage model. Assuming the leakage is in the output of round 3 as in previous work, we discover new results of SCCA on PRESENT. Then an enhanced SCCA is proposed to extract key related non-linear equations. 64-bit key for both PRESENT-80 and 128 can be obtained. To mount more effective attack, we utilize the leakage in round 4 and enhance SCCA in two ways. A partitioning scheme is proposed to handle huge polynomials, and an iterative scheme is proposed to extract more key bits. With these enhanced techniques, the master key search space can be reduced to 28 for PRESENT-80 and to 229 for PRESENT-128.

Qingshuang Han,Liji Wu,Xiangmin Zhang

DOI: https://doi.org/10.1109/cis.2016.0144

2016-01-01

Abstract:With the development of Public Key Infrastructure (PKI) information technology, USB Key are being more and more used. When the Side Channel Attacks (SCA) caused a huge threat to the smart card, we also concerned about the impact which will be given on USB Key's security. Because of the different implementation and interface protocols, the side channel security characteristics between them are different in collecting the information of side channel. This paper proposes a method for acquiring power trace of USB Key. The method is a kind of driving design, which involves three aspects: Bus driver, card Reader driver and USB Key device driver. In order to confirm the design, we collected power trace from four kinds of USB Key, then the SCA performed to prove that the information we collected can be used. Some specific experimental results will be demonstrated in this paper.

Cong Chen,Xiangyu Li,Liji Wu,Xiangmin Zhang

DOI: https://doi.org/10.1109/ICSICT.2010.5667831

2010-01-01

Abstract:In this paper, an automatic general-purpose Differential Power Analysis (DPA) System for cryptographic devices is designed and implemented. This system aims at testing the security of cryptographic devices, e.g., Smart Card, FPGA and ASIC circuit against DPA attacks. To verify the effectiveness of the system, a DPA attack was successfully carried out by it on an AES cryptographic ASIC chip which had countermeasures implemented in it. The experimental results showed that the correct cipher key of this AES chip could be obtained during less than 3 hours of data processing time with at least 5000 power traces.

Limin Guo,Qing Li,Lihui Wang,Zhimin Zhang,Dan Liu,Weijun Shan

DOI: https://doi.org/10.2991/iset-15.2015.28

2015-01-01

Abstract:Dynamic password technology is one of the most widely utilized methods for identity authentication. The security of dynamic password system depends on the cryptographic strength of the underlying hash function. And SM3 is the only standard hash algorithm of China. However, most cryptographic algorithm implementations are vulnerable against side channel attacks. But specific side channel attacks on dynamic password token based on SM3 hash function have not been given so far. This paper presents a differential power analysis attack on dynamic password token based on SM3 algorithm. SM3 hash algorithm is based on the mixing of different algebraic operations, such as XOR and addition modulo 2(32), thus the proposed DPA attack is mainly against these basic group operations. Experimental results are given by attacking an implementation of generating dynamic password using SM3 algorithm in a smart card, which demonstrate the feasibility of such attacks described in this paper.

Rui Li,Xiaoxin Cui,Wei Wei,Di Wu,Kai Liao,Nan Liao,KaiSheng Ma,Dunshan Yu,Xiaole Cui

DOI: https://doi.org/10.1109/EDSSC.2013.6628153

2013-01-01

Abstract:Differential Power Analysis (DPA) reveals the secret key from the cryptographic device by side channel power leakage. Masking and Random Delay Insertion (RDI) are two effective countermeasures against DPA attack. This paper propose a novel countermeasure which associating masking with RDI, further, Multi-Masking instead of Transformed Masking is proposed in order to defend DPA attack based on hamming distance model. The combined countermeasure is implemented on Data Encryption Standard (DES). The results show that combined countermeasure defends DPA attack with 105 power traces, and increases 40% ability against DPA.