针对SM4算法的功耗模板-碰撞分析

分析发现在非平衡Feistel结构的SM4算法中,前后轮次的中间数据具有相关性.因此,通过内部碰撞原理并结合模板匹配的方法后,可用于恢复SM4算法轮子密钥,并给出了一种针对SM4算法的功耗模板-碰撞分析的侧信道方法.分析时选择特殊的明文采集功耗曲线,将算法加密过程中非平衡Feistel结构的右半部分的中间变量值(如S盒...

Power Template-Collision Analysis Based on SM4 Algorithm

It is found that in the SM4 algorithm of unbalanced Feistel network, the intermediate data from previous and subsequent rounds are relevant. Therefore, the round keys of the SM4 algorithm can be restored through the internal collision principle and the template matching method. And a side channel method of power template-collision analysis based on SM4 algorithm is given. A special set of plaintext is selected to collect the power consumption traces to analyze. And during the algorithm encryption process, the intermediate data (such as the output value of the S-box) in the right half of the unbalanced Feistel network is used as the analysis target. The round keys can be restored by using each round of the S-box output values collision. Experiments prove that approximately 2,500 power consumption traces without masking (except the template traces) are used, which can effectively implement analysis. Compared with the traditional collision analysis, the analysis reduces computational complexity, and extends collision analysis to the unbalanced Feistel network, which improves and enhances the applicability and practicability of collision analysis.