作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程

• 安全技术 • 上一篇    下一篇

针对LBlock 算法的踪迹驱动Cache 攻击

朱嘉良1,2,韦永壮1,3   

  1. (1. 桂林电子科技大学广西信息科学实验中心,广西桂林541004;2. 西安电子科技大学综合业务网理论及关键技术国家重点实验室,西安710071;3. 中国科学院信息工程研究所信息安全国家重点实验室,北京100190)
  • 收稿日期:2014-05-05 出版日期:2015-05-15 发布日期:2015-05-15
  • 作者简介:朱嘉良(1987 - ),男,硕士研究生,主研方向:信息安全;韦永壮,教授、博士。
  • 基金资助:
    国家自然科学基金资助项目(61100185)。

Trace Driven Cache Attack on LBlock Algorithm

ZHU Jialiang 1,2,WEI Yongzhuang 1,3   

  1. (1. Guangxi Experiment Center of Information Science,Guilin University of Electronic Technology,Guilin 541004,China;2. State Key Laboratory of Integrated Services Networks,Xidian University,Xi’an 710071,China;3. State Key Laboratory of Information Security,Institute of Information Engineering,Chinese Academy of Sciences,Beijing 100190,China)
  • Received:2014-05-05 Online:2015-05-15 Published:2015-05-15

摘要: LBlock 是一种轻量级分组密码算法,其由于优秀的软硬件实现性能而备受关注。目前针对LBlock 的安 全性研究多侧重于抵御传统的数学攻击。缓存(Cache)攻击作为一种旁路攻击技术,已经被证实对密码算法的工 程实现具有实际威胁,其中踪迹驱动Cache 攻击分析所需样本少、分析效率高。为此,根据LBlock 的算法结构及密 钥输入特点,利用访问Cache 过程中密码泄露的旁路信息,给出针对LBlock 算法的踪迹驱动Cache 攻击。分析结 果表明,该攻击选择106 个明文,经过约27. 71次离线加密时间即可成功恢复LBlock 的全部密钥。与LBlock 侧信道立 方攻击和具有Feistel 结构的DES 算法踪迹驱动Cache 攻击相比,其攻击效果更明显。

关键词: 微处理器, 分组密码, LBlock 算法, 侧信道攻击, 踪迹驱动Cache 攻击, 时间复杂度, 数据复杂度

Abstract: As a new lightweight block cipher,LBlock cipher receives much attention since its excellent performance on hardware and software platforms. Currently, the secure evaluation on LBlock cipher heavy relies on the traditional mathematical attacks. The cache attack is a type of side channel attacks, and it has actual threat to the secure implementation of ciphers algorithm. In all kinds of Cache attacks,trace driven Cache attack has the advantage of using less samples and having higher efficiency. Based on the structure of the cipher algorithm and the property of its key schedule,this paper proposes a trace driven Cache attack on the LBlock algorithm. This attack recovers the secret key by capturing the leaked information in the process of accessing to the Cache. Analysis result shows that this attack requires a data complexity of about 106 chosen plaintexts,and a time complexity of about 27. 71 encryption operations. Compared with the proposed side channel cube attacks on LBlock and trace driven Cache attack on DES which also has the structure of Feistel,the attack is more favorable.

Key words: microprocessor, block cipher, LBlock algorithm, side channel attack, trace driven Cache attack, time complexity, data complexity

中图分类号: