共查询到18条相似文献,搜索用时 203 毫秒
1.
密码设备面临故障攻击的威胁,针对密码芯片的故障攻击手段研究是密码学和硬件安全领域的重要研究方向。脉冲激光具有较好的时空分辨性,是一种准确度较高的故障攻击手段。该文详细描述了激光注入攻击的原理和方法,以集成AES-128算法的微控制器(MCU)为例实施了激光注入攻击实验。实验以微控制器的SRAM为攻击目标,分别成功实现了差分故障攻击和子密钥编排攻击,恢复了其16 Byte的完整密钥,其中后一种攻击是目前首次以激光的手段实现。研究表明,激光注入攻击能准确定位关键数据存放的物理位置,并能在任意的操作中引入错误,实现单比特的数据翻转,满足故障攻击模型的需求。激光注入攻击能在较短时间内完成自动攻击和密文收集,攻击过程贴近真实场景,对密码芯片具有极大的威胁。 相似文献
2.
3.
随着密码学和密码芯片的广泛应用,针对密码芯片的攻击也日益增多.差分能量分析(Differential Power Analysis,DPA)攻击是最常见的一种侧信道攻击方法.DPA攻击者无须了解加密算法的具体细节,而只通过密码设备的能量迹分析即可破解出设备的密钥.因此,研究DPA攻击十分必要.实现了智能卡DPA实验系统,并对于此系统的能量迹测量数据进行优化处理,从而更有利于针对此类攻击的分析和相应防御措施的设计. 相似文献
4.
电磁旁路攻击是旁路攻击中的一种有效方法,为了克服传统的电磁旁路攻击必须近距离获取电磁信息的局限性,针对没有电磁防护的密码设备提出一种基于相关性分析的远场攻击方法.使用微控制器运行高级加密标准算法,使用天线在远场探测电磁信号,先对采集的电磁信号均值和滤波以减少噪声的影响,再使用相关性分析方法进行旁路攻击,在天线距离微控制器10 m处成功破解出完整的密钥.同时也对远场电磁旁路攻击中的频率和样本量做了深入研究,带有密钥信息的电磁旁路主要集中在一段频率范围内,而且随着样本量的增加密钥信息越明显,以此为基础结合密码芯片产生密钥信息泄露的机理,提出了改进的电磁旁路攻击方法. 相似文献
5.
提出了一种新的PRESENT密码故障分析方法——代数故障攻击。将代数攻击和故障攻击相结合,首先利用代数攻击方法建立密码算法等效布尔代数方程组;然后通过故障攻击手段获取错误密文信息,并将故障差分和密文差分转化为额外的布尔代数方程组;最后使用CryptoMiniSAT解析器求解方程组恢复密钥。结果表明:在PRESENT-80的第29轮注入宽度为4的故障,故障位置和值未知时,2次故障注入可在50s内恢复64bit后期白化密钥,将PRESENT-80密钥搜索空间降低为216,经1min暴力破解恢复完整主密钥;和现有PRESENT故障攻击相比,该攻击所需样本量是最小的;此外该代数故障分析方法也可为其他分组密码故障分析提供一定思路。 相似文献
6.
基于密钥编排故障的SMS4算法的差分故障分析 总被引:5,自引:1,他引:4
提出并讨论了一种针对SMS4密钥编排方案的差分故障攻击方法.该方法采用面向字节的随机故障模型,通过在SMS4算法的密钥编排方案中导入故障,仅需要8个错误密文即可恢复SMS4算法的128bit原始密钥.数学分析和实验结果表明,该方法不仅扩展了故障诱导的攻击范围,而且提高了故障诱导的攻击成功率,减少了错误密文数,为故障攻击其他分组密码提供了一种通用的分析手段. 相似文献
7.
8.
9.
10.
以探索电磁故障注入(EMFI)攻击对动态随机存取存储器(DRAM)的安全性影响为目标,该文使用电磁故障注入攻击平台对DRAM进行了扫描攻击,对出现的故障进行统计分类,随后基于DRAM的基本结构分析阐述了造成故障的机理,最后展示了通过电磁脉冲攻击DRAM对计算机系统的安全威胁.实验表明电磁脉冲在DRAM中既可以引起瞬时故障也可以引起持续性故障,且以多故障为主.分析发现,电磁脉冲故障攻击技术可以以低的时间和空间分辨率向DRAM的指定地址注入持续性故障.另外,该文成功地将持续性故障注入到了存储在DRAM中的AES-128程序中并破解了其密钥,证明了使用电磁脉冲对DRAM进行攻击能对计算机系统造成安全威胁,展示了DRAM安全性的研究对硬件系统安全具有重要意义. 相似文献
11.
Three-dimensional (3D) integration is envisioned as a natural defense to thwart side-channel analysis (SCA) attacks on the hardware implementation of cryptographic algorithms. However, neither physical experiments nor quantitative analysis is available in existing works to study the impact of power distribution network (PDN) on the SCA attacks. Through quantitative analyses and experiments with realistic 3D models, this work demonstrates the impact of noise in PDN on the 3D chip's resilience against correlation power analysis (CPA) attack, which is one of SCA attacks. The characteristic of PDN noise is extracted from our experiments. To expand the natural defense originated from the 3D integration, this work proposes to exploit the PDN noise inherently existing in 3D chips to thwart CPA attacks. Instead of introducing external noise or flattening the power profile, the proposed method utilizes the spatially and temporally varied supply voltages from other 3D planes to blur the power correlation of the crypto unit. Both theoretical analysis and experimental validation prove that the proposed method can effectively enhance the resilience of a crypto unit embedded in the 3D chip against CPA attacks. Simulation results show the proposed method improves the average guessing entropy by 9× over the baseline. Emulation on an FPGA platform demonstrates that the proposed method successfully slows down the key retrieval speed of CPA attack, with significantly less power overhead than representable power equalization techniques. Test vector leakage assessment (TVLA) shows that the proposed method improves the confidence to accept null hypothesis 201× over the baseline. 相似文献
12.
Differential Power Analysis (DPA) is an effective attack method to break the crypto chips and it has been considered to be a threat to security of information system. With analyzing the principle of resist-ing DPA, an available countermeasure based on randomization is proposed in this paper. Time delay is in-serted in the operation process and random number is precharged to the circuit during the delay time, the normal schedule is disturbed and the power is randomized. Following this methodology, a general DPA re-sistance random precharge architecture is proposed and DES algorithm following this architecture is imple-mented. This countermeasure is testified to be efficient to resist DPA. 相似文献
13.
As one of the most popular lightweight ci-phers in recent years, LBlock has attracted great attention. Researchers have explored the security of LBlock against various attacks. We focus on fault attack—one of the most important implementation attacks. In the past two years, fault attacks under the random fault model have been suc-cessfully applied to LBlock, supposing faults were injected at the end of the 24th to the 31st round. If faults are injected at the end of the 23rd round, previous attacks only work under the semi-random fault model. For the first time, we address this issue and propose a 23rd round fault attack under the random fault model. Compared with the previous works, our attack extends the fault injection to earlier round, with reasonable time cost and no extra faults. Experiments show that it only takes 10 faults to recover the secret key. 相似文献
14.
15.
In this paper, we present two explicit inva-lid-curve attacks on the genus 2 hyperelliptic curve o-ver a finite field. First, we propose two explicit attack models by injecting a one-bit fault in a given divisor. Then, we discuss the construction of an invalid curve based on the faulted divisor. Our attacks are based on the fact that the Hyperelliptic Curve Scalar Multiplica-tion (HECSM) algorithm does not utilize the curve parameters and We consider three hyperelliptic curves as the attack targets. For curve with security level 186 (in bits), our attack method can get the weakest inva-lid curve with security level 42 (in bits); there are 93 invalid curves with security level less than 50. We al-so estimate the theoretical probability of getting a weak hyperelliptic curve whose cardinality is a smooth integer. Finally, we show that the complexity of the fault attack is subexponential if the attacker can freely inject a fault in the input divisor. Cryptosystems based on the genus 2 hyperelliptic curves cannot work against our attack algorithm in practice. 相似文献
16.
G. Canivet P. Maistri R. Leveugle J. Cl��di��re F. Valette M. Renaudin 《Journal of Cryptology》2011,24(2):247-268
Programmable devices are an interesting alternative when implementing embedded systems on a low-volume scale. In particular,
the affordability and the versatility of SRAM-based FPGAs make them attractive with respect to ASIC implementations. FPGAs
have thus been used extensively and successfully in many fields, such as implementing cryptographic accelerators. Hardware
implementations, however, must be protected against malicious attacks, e.g. those based on fault injections. Protections have
been usually evaluated on ASICs, but FPGAs can be vulnerable as well. This work presents thus fault injection attacks against
a secured AES architecture implemented on a SRAM-based FPGA. The errors are injected during the computation by means of voltage
glitches and laser attacks. To our knowledge, this is one of the first works dealing with dynamic laser fault injections.
We show that fault attacks on SRAM-based FPGAs may behave differently with respect to attacks against ASIC, and they need
therefore to be addressed by specific countermeasures, that are also discussed in this paper. In addition, we discuss the
different effects obtained by the two types of attacks. 相似文献
17.
假数据注入攻击是电力系统安全研究的重要问题之一,对智能电网发展趋势下的电力系统安全、稳定运行具有重要的意义.综述了电力系统中假数据注入攻击的研究进展,分析了EMS和假数据注入攻击的原理,并对假数据注入攻击研究工作进行了介绍,最后总结了研究现状中存在的问题以及需要进一步研究的工作. 相似文献