摘要
持久故障攻击是一种利用持久性故障及统计方法恢复密钥信息的强大攻击技术,可应用于分组密码查表实现的密钥恢复,其最大的优势在于仅需一次故障注入即可恢复密钥信息,并且持久故障攻击可以应用于检测技术、掩码技术等经典的分组密码防护实现。虽然如此,经典的故障攻击防护技术仍然提高了持久故障攻击难度,检测、感染技术都使得提取正确密钥所需的密文数量有了常数倍的提升,这对于实际场景中的攻击会造成阻碍。对S盒进行实时的健康性检测是一种防范持久故障攻击的有效手段,一旦检测到S盒被注入故障则不再进行后续加密。持久故障攻击充分利用了S盒的双射特性,故针对S盒的双射特性进行健康性检测是一种高效的防护方法,对于一个8比特的S盒,只需进行255次异或操作即可完成对S盒双射特性的检验,远高于SHA3等通用的校验方法。此外,激光传感器等非算法层面的防护也应受到重视。
Persistent Fault Attack(PFA)is a powerful attack which relies on persistent fault and statistical analysis,it can be applied in extracting secret key of block cipher implementation based on lookup tables.The greatest advantage of PFA is that it can recover the secret key with only one fault injection,meanwhile,it can be applied in countermeasures on fault attack like detection,mask and so on.However,these countermeasures still can make the attack more difficult,key recovery on implementation with countermeasures based on detection and infection need several times cipher text,this will hinder actual attack.Built-in health test for S-box will be a good countermeasure for PFA,the cipher device will stop working once there is a fault injection.PFA relies on the bijective characteristic of the S-box in block cipher,therefore,testing the bijection characteristic of S-box is an effective method to get a health test result for S-box.Just 255 XOR operations will give a reliable health test result for S-box,it costs much less than a normal test method like SHA3.Furthermore,non-algorithmic countermeasures like laser sensor should attractive some attention.
作者
王舰
陈华
匡晓云
杨祎巍
黄开天
WANG Jian;CHEN Hua;KUANG Xiao-yun;YANG Yi-wei;HUANG Kai-tian(TCA Laboratory,Institute of Software,Chinese Academy of Sciences,Beijing 100190,China;University of Chinese Academy of Sciences,Beijing 100049,China;Electric Power Research Institute,China Southern Power Grid,Guangzhou 510663,China)
出处
《计算机科学》
CSCD
北大核心
2021年第S02期523-527,539,共6页
Computer Science
基金
国家重点研发计划(2018YFB0904900,2018YFB0904901)。
