城市地下空间工程中英文对照外文翻译文献Word下载.docx

城市地下空间工程中英文对照外文翻译文献Word下载.docx

《城市地下空间工程中英文对照外文翻译文献Word下载.docx》由会员分享，可在线阅读，更多相关《城市地下空间工程中英文对照外文翻译文献Word下载.docx（26页珍藏版）》请在冰豆网上搜索。

CorrelationPowerAnalysiswithaLeakageModel

Abstract.Aclassicalmodelisusedforthepowerconsumptionofcryptographicdevices.ItisbasedontheHammingdistanceofthedatahandledwithregardtoanunknownbutconstantreferencestate.OncevalidatedexperimentallyitallowsanoptimalattacktobederivedcalledCorrelationPowerAnalysis.ItalsoexplainsthedefectsofformerapproachessuchasdifferentialPowerAnalysis.

Keywords:

Correlationfactor,CPA,DPA,Hammingdistance,poweranalysis,DES,AES,securecryptographicdevice,sidechannel.

1Introduction

Inthescopeofstatisticalpoweranalysisagainstcryptographicdevices,twohistoricaltrendscanbeobserved.Thefirstoneisthewellknowndifferentialpoweranalysis（DPA）introducedbyPaulKocher[12,13]andformalizedbyThomasMessergesetal.[16].Thesecondonehasbeensuggestedinvariouspapers[8,14,18]andproposedtousethecorrelationfactorbetweenthepowersamplesandtheHammingweightofthehandleddata.Bothapproachesexhibitsomelimitationsduetounrealisticassumptionsandmodelimperfectionsthatwillbeexaminedmorethoroughlyinthispaper.ThisworkfollowspreviousstudiesaimingateitherimprovingtheHammingweightmodel[2],orenhancingtheDPAitselfbyvariousmeans[6,4].

TheproposedapproachisbasedontheHammingdistancemodelwhichcanbeseenasageneralizationoftheHammingweightmodel.Allitsbasicassumptionswerealreadymentionedinvariouspapersfromyear2000[16,8,6,2].ButtheyremainedallusiveaspossibleexplanationofDPAdefectsandneverleadedtoanycompleteandconvenientexploitation.Ourexperimentalworkisasynthesisofthoseformerapproachesinordertogiveafullinsightonthedataleakage.Following[8,14,18]weproposetousethecorrelationpoweranalysis（CPA）toidentifytheparametersoftheleakagemodel.ThenweshowthatsoundandefficientattackscanbeconductedagainstunprotectedimplementationsofmanyalgorithmssuchasDESorAES.Thisstudydeliberatelyrestrictsitselftothescopeofsecretkeycryptographyalthoughitmaybeextendedbeyond.

Thispaperisorganizedasfollows:

Section2introducestheHammingdistancemodelandSection3provestherelevanceofthecorrelationfactor.ThemodelbasedcorrelationattackisdescribedinSection4withtheimpactonthemodelerrors.Section5addressestheestimationproblemandtheexperimentalresultswhichvalidatethemodelareexposedinSection6.Section7containsthecomparativestudywithDPAandaddressesmorespecificallytheso-called“ghostpeaks”problemencounteredbythosewhohavetodealwitherroneousconclusionswhenimplementingclassicalDPAonthesubstitutionboxesoftheDESfirstround:

itisshowntherehowtheproposedmodelexplainsmanydefectsoftheDPAandhowthecorrelationpoweranalysiscanhelpinconductingsoundattacksinoptimalconditions.OurconclusionsummarizestheadvantagesanddrawbacksofCPAversusDPAandremindsthatcountermeasuresworkagainstbothmethodsaswell.

2TheHammingDistanceConsumptionModel

Classically,mostpoweranalysesfoundinliteraturearebasedupontheHammingweightmodel[13,16],thatisthenumberofbitssetinadataword.Inam-bitmicroprocessor,binarydataiscoded

withthebitvaluesdj=0or1.ItsHammingweightissimplythenumberofbitssetto1,

Itsintegervaluesstandbetween0andm.IfDcontainsmindependentanduniformlydistributedbits,thewholewordhasanaverageHammingweight

andavariance

.

Itisgenerallyassumedthatthedataleakagethroughthepowerside-channeldependsonthenumberofbitsswitchingfromonestatetotheother[6,8]atagiventime.Amicroprocessorismodeledasastatewheretransitionsfromstatetostatearetriggeredbyeventssuchastheedgesofaclocksignal.ThisseemsrelevantwhenlookingatalogicalelementarygateasimplementedinCMOStechnology.Thecurrentconsumedisrelatedtotheenergyrequiredtoflipthebitsfromonestatetothenext.Itiscomposedoftwomaincontributions:

thecapacitor’schargeandtheshortcircuitinducedbythegatetransition.Curiously,thiselementarybehavioriscommonlyadmittedbuthasnevergivenrisetoanysatisfactorymodelthatiswidelyapplicable.Onlyhardwaredesignersarefamiliarwithsimulationtoolstoforeseethecurrentconsumptionofmicroelectronicdevices.

Ifthetransitionmodelisadopted,abasicquestionisposed:

whatisthereferencestatefromwhichthebitsareswitched?

Weassumeherethatthisreferencestateisaconstantmachineword,R,whichisunknown,butnotnecessarilyzero.Itwillalwaysbethesameifthesamedatamanipulationalwaysoccursatthesametime,althoughthisassumestheabsenceofanydesynchronizingeffect.Moreover,itisassumedthatswitchingabitfrom0to1orfrom1to0requiresthesameamountofenergyandthatallthemachinebitshandledatagiventimeareperfectlybalancedandconsumethesame.

Theserestrictiveassumptionsarequiterealisticandaffordablewithoutanythoroughknowledgeofmicroelectronicdevices.Theyleadtoaconvenientexpressionfortheleakagemodel.IndeedthenumberofflippingbitstogofromRtoDisdescribedbyH（D⊕R）alsocalledtheHammingdistancebetweenDandR.ThisstatementenclosestheHammingweightmodelwhichassumesthatR=0.IfDisauniformrandomvariable,soisD⊕R,andH（D⊕R）hasthesamemeanm/2andvariancem/4asH（D）.

WealsoassumealinearrelationshipbetweenthecurrentconsumptionandH（D⊕R）.Thiscanbeseenasalimitationbutconsideringachipasalargesetofelementaryelectricalcomponents,thislinearmodelfitsrealityquitewell.Itdoesnotrepresenttheentireconsumptionofachipbutonlythedatadependentpart.Thisdoesnotseemunrealisticbecausethebuslinesareusuallyconsideredasthemostconsumingelementswithinamicro-controller.Alltheremainingthingsinthepowerconsumptionofachipareassignedtoatermdenotedbwhichisassumedindependentfromtheothervariables:

enclosesofsets,timedependentcomponentsandnoise.Thereforethebasicmodelforthedatadependencycanbewritten:

whereaisascalargainbetweentheHammingdistanceandWthepowerconsumed.

3TheLinearCorrelationFactor

Alinearmodelimpliessomerelationshipsbetweenthevariancesofthedifferenttermsconsideredasrandomvariables:

ClassicalstatisticsintroducethecorrelationfactorρWHbetweentheHammingdistanceandthemeasuredpowertoassessthelinearmodelfittingrate.Itisthecovariancebetween

b

bothrandomvariablesnormalizedbytheproductoftheirstandarddeviations.Undertheuncorrelatednoiseassumption,thisdefinitionleadsto:

Thisequationcomplieswiththewellknownproperty:

−1≤ρWH≤+1:

foraperfectmodelthecorrelationfactortendsto±

1ifthevarianceofnoisetendsto0,thesigndependingonthesignofthelineargaina.Ifthemodelappliesonlytolindependentbitsamongstm,apartialcorrelationstillexists:

4SecretInferenceBasedonCorrelationPowerAnalysis

Therelationshipswrittenaboveshowthatifthemodelisvalidthecorrelationfactorismaximizedwhenthenoisevarianceisminimum.ThismeansthatρWHcanhelptodeterminethereferencestateR.Assume,justlikeinDPA,thatasetofknownbutrandomlyvaryingdataDandasetofrelatedpowerconsumptionWareavailable.Ifthe2mpossiblevaluesofRarescannedexhaustivelytheycanberankedbythecorrelationfactortheyproducewhencombinedwiththeobservationW.Thisisnotthatexpensivewhenconsideringan8-bitmicro-controller,thecasewithmanyoftoday’ssmartcards,asonly256valuesaretobetested.On32-bitarchitecturesthisexhaustivesearchcannotbeappliedassuch.Butitisstillpossibletoworkwithpartialcorrelationortointroducepriorknowledge.

LetRbethetruereferenceandH=H（D⊕R）therightpredictionontheHammingdistance.LetRrepresentacandidatevalueandHtherelatedmodelH=H（D⊕R）.AssumeavalueofRthathaskbitsthatdifferfromthoseofR,then:

H（R⊕R）=k.Sincebisindependentfromothervariables,thecorrelationtestleadsto（see[5]）:

ThisformulashowshowthecorrelationfactoriscapableofrejectingwrongcandidatesforR.Forinstance,ifasinglebitiswrongamongstan8-bitword,thecorrelationisreducedby1/4.Ifallthebitsarewrong,i-eR=¬

R,thenananti-correlationshouldbeobservedwithρWH=−ρWH.Inabsolutevalueorifthelineargainisassumedpositive（a>

0）,therecannotbeanyRleadingtoahighercorrelationratethanR.Thisprovestheuniquenessofthesolutionandthereforehowthereferencestatecanbedetermined.

Thisanalysiscanbeperformedonthepowertraceassignedtoapieceofcodewhilemanipulatingknownandvaryingdata.IfweassumethatthehandleddataistheresultofaXORoperationbetweenasecretkeywordKandaknownmessagewordM,D=K⊕M,theproceduredescribedabove,i-eexhaustivesearchonRandcorrelationtest,shouldleadtoK⊕Rassociatedwithmax（ρWH）.IndeedifacorrelationoccurswhenMishandledwithrespecttoR1,anotherhastooccurlateron,whenM⊕Kismanipulatedinturn,possiblywithadifferentreferencestateR2（infactwithK⊕R2sinceonlyMisknown）.

Forinstance,whenconsideringthefirstAddRoundKeyfunctionatthebeginningoftheAESalgorithmembeddedonan8-bitprocessor,itisobviousthatsuchamethodleadstothewholekeymaskedbytheconstantreferencebyteR2.IfR2isthesameforallthekeybytes,whichishighlyplausible,only28possibilitiesremaintobetestedbyexhaustivesearchtoinfertheentirekeymaterial.Thiscompleme