Distributed power analysis attack on SM4 encryption chip

Haoran Gong,Tailiang Ju
DOI: https://doi.org/10.1038/s41598-023-50220-2
IF: 4.6
2024-01-11
Scientific Reports
Abstract:Encryption chips are specialized integrated circuits that incorporate encryption algorithms for data encryption and decryption, ensuring data confidentiality and security. In China, the domestic SM4 algorithm is commonly utilized, as opposed to the international AES encryption algorithm. These widely implemented encryption standards have been proven to be difficult to crack through crypt analysis methods Currently, power consumption side-channel attacks are the most prevalent method. They involve capturing power consumption data during the encryption process and subsequently recovering the encryption key from this data. The two leading methods are Differential Power Analysis (DPA) and machine learning techniques. DPA does not necessitate prior knowledge but relies heavily on the number of power consumption curves. With only 50 power consumption data points, the accuracy is a mere 80%. Machine learning methods require prior knowledge, achieving an accuracy rate above 95% with only 30 power traces, albeit with training times typically exceeding 15 min. In this paper, a distributed energy analysis attack approach was presented based on Correlation Power Analysis (CPA). The power consumption data was divided into 16 subsets, with each subset corresponding to 8 bytes of the key. By training each subset separately, the 8-byte key's corresponding power consumption data is reduced to only 100 dimensions, resulting in a 76% decrease in cracking time and a 3% improvement in cracking accuracy rate.This article also trains a more complex 256 classification model to directly crack the final key, achieving a success rate of 28% in cracking 128-bit passwords with only 1 power trace
multidisciplinary sciences
What problem does this paper attempt to address?
The paper mainly focuses on power analysis attack methods targeting SM4 encryption chips. SM4 is an encryption algorithm widely used in China, different from the internationally common AES algorithm. The goal of the paper is to improve existing attack methods to reduce the time and number of power traces required to crack the key while maintaining a high success rate. The paper first introduces the importance of encryption chips and the concept of side-channel attacks, particularly power analysis-based attack methods. Subsequently, the authors propose a distributed energy analysis attack method based on Correlation Power Analysis (CPA). By dividing the power data into multiple subsets for separate training, this method reduces cracking time and improves accuracy. Specifically, the main contributions of this method include: 1. **Distributed Energy Analysis Attack**: By dividing the power data into 16 subsets, each corresponding to 8-bit keys, and training these subsets separately, the cracking time is significantly reduced, and the success rate is improved. This method reduces the power data dimension corresponding to the 8-bit key from the original 24,400 to 100, thereby reducing cracking time by 76% and improving the success rate by 3%. 2. **Complex Classification Model**: The paper also trains a more complex 256-classification model to directly crack the final key. Even with only 1 power trace, it can achieve a 28% success rate in cracking the 128-bit password. 3. **Countering Masked SM4 Encryption Chips**: The paper discusses how to crack SM4 encryption chips that use simple masking techniques. By performing a fixed mask XOR operation at the S-box output, all keys and masks were successfully cracked. 4. **Cracking Keys from a Single Power Trace**: Further research shows that by optimizing the classification model (e.g., using a 1D CNN+LSTM model), keys can be recovered from a single power trace, achieving a success rate of 28%. In summary, this study aims to improve the efficiency and accuracy of power analysis attacks on SM4 encryption chips, proposing an effective distributed power analysis method and demonstrating its feasibility in practical applications.