基于随机故障注入的SM4差分故障攻击方法

doi:10.3969/j.issn.1000-3428.2016.07.022

计算机工程

基于随机故障注入的SM4差分故障攻击方法

荣雪芳,吴震,王敏,杜之波,饶金涛

(成都信息工程大学信息安全工程学院,成都 610225)

收稿日期:2015-07-24 出版日期:2016-07-15 发布日期:2016-07-15
作者简介:荣雪芳(1989-),女,硕士研究生,主研方向为信息安全、侧信道攻击与防御;吴震,副教授、硕士;王敏,讲师、博士研究生;杜之波,讲师、硕士;饶金涛,助教、硕士。
基金资助:
国家“863”计划基金资助项目(2012AA01A403);国家重大科技专项基金资助项目(2014ZX01032401-001);“十二五”国家密码发展基金资助项目(MMJJ201101022);四川省科技支撑计划基金资助项目(2014GZ0148);四川省教育厅重点科研基金资助项目(13ZA0091);成都信息工程大学科研基金资助项目(CRF201301)。

Differential Fault Attack Method on SM4 Based on Random Fault Injection

RONG Xuefang,WU Zhen,WANG Min,DU Zhibo,RAO Jintao

(School of Information Security Engineering,Chengdu University of Information Technology,Chengdu 610225,China)

Received:2015-07-24 Online:2016-07-15 Published:2016-07-15

摘要/Abstract

摘要： 现有研究往往要求将故障注入到固定位置的某一字节中,进而获取到特殊的错误密文以实施攻击,然而该假设在实际攻击中难以实现。为此,基于随机故障注入,提出一种SM4差分故障攻击方法。对SM4加密算法的后4轮进行随机故障注入,经简单筛选得到错误密文,并结合候选密钥筛选方法攻击出后4轮子密钥。通过对无防护SM4算法的智能卡实施该攻击的结果表明,与其他攻击方法相比,该方法可扩大故障注入的范围,提高故障攻击的实用性。

关键词: 随机故障注入, SM4算法, 错误密文筛选, 差分分析, 密钥筛选

Abstract: In the existing researches,a fault is often required to be injected into a byte of a fixed position,and then special wrong ciphertext is obtained to carry out attacks.This assumption is difficult to achieve in the actual attack,so a differential fault attack method on SM4 based on random fault injection is proposed.Random faults are injected into the last four rounds of the SM4 encryption algorithm,and wrong ciphertext is generated by these faults.The sub keys of the last four rounds are got by using the candidate key screening method.The attack is made to an unprotected SM4 smart card.Compared with other attack methods,this method expands the scope of fault injection and improves the practicability of the fault attack.

Key words: random fault injection, SM4 algorithm, wrong ciphertext screening, differential cryptanalysis, key screening

中图分类号:

TP301.6

荣雪芳,吴震,王敏,杜之波,饶金涛. 基于随机故障注入的SM4差分故障攻击方法[J]. 计算机工程, doi: 10.3969/j.issn.1000-3428.2016.07.022.

RONG Xuefang,WU Zhen,WANG Min,DU Zhibo,RAO Jintao. Differential Fault Attack Method on SM4 Based on Random Fault Injection[J]. Computer Engineering, doi: 10.3969/j.issn.1000-3428.2016.07.022.

http://www.ecice06.com/CN/Y2016/V42/I7/129

参考文献

参考文献［1］Boneh D,de Millo R A,Lipton R J.On the Importance of Checking Cryptographic Protocols for Faults［C］//Prcoceedings of International Conference on the Theory and Application of Cryptographic Techniques.Berlin,Germany:Springer,1997:37-51. ［2］Biham E,Shamir A.Differential Fault Analysis of Secret Key Cryptosystems［C］//Proceedings of the 17th Annual International Cryptology Conference.Berlin,Germany:Springer,1997:513-525. ［3］Piret G,Quisquater J J.A Differential Fault Attack Technique Against SPN Structures,with Application to the AES and KHAZAD［C］//Proceedings of the 5th International Workshop on Cryptographic Hardware and Embedded Systems.Berlin,Germany:Springer,2003:77-88. ［4］Giraud C.DFA on AES［C］//Proceedings of the 4th International Conference on Advanced Encryption Standard.Berlin,Germany:Springer,2005:27-41. ［5］Mukhopadhyay D.An Improved Fault Based Attack of the Advanced Encryption Standard［C］//Proceedings of the 2nd International Conference on Cryptology in Africa.Berlin,Germany:Springer,2009:421-434. ［6］王红胜,宋凯,张阳,等.针对高级加密标准算法的光故障注入攻击［J］.计算机工程,2011,37(21):97-99. ［7］NIST.Security Requirements for Cryptographic Modules［EB/OL］.(2001-05-25).http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf. ［8］国家商用密码管理办公室.无线局域网产品使用的SMS4密码算法［EB/OL］.(2006-01-19).http://www.oscca.gov.cn/upfile/200621016423197990.pdf. ［9］刘佳,韦宝典,戴宪华.SMS4算法S盒的密码学性质［J］.计算机工程,2008,34(5):158-160. ［10］张蕾,吴文玲.SMS4密码算法的差分错误攻击［J］.计算机学报,2006,29(9):2596-2602. ［11］Li Ruilin,Sun Bing,Li Chao,et al.Different Fault Analysis on SMS4 Using a Single Fault［J］.Information Processing Letters,2011,11(4):156-163. ［12］Li Wei,Gu Dawu.An Improved Method of Differential Fault Analysis on the SMS4 Cryptosystem［C］//Proceedings of the 1st International Symposium on Data,Privacy,and E-commerce.New York,USA:ACM Press,2007:175-180. ［13］李玮,谷大武.基于密钥编排错误的SMS4算法的差分错误分析［J］.通信学报,2008,29(10):135-142. ［14］Li Wei.An Improved Method of Differential Fault Analysis on SMS4 Key Schedule［C］//Proceedings of the 2nd International Conference on Future Computer and Communication.Washington D.C.,USA:IEEE Press,2010:95-99. ［15］Li Wei,Gu Dawu,Wang Yong,et al.An Extension of Differential Fault Analysis on SMS4［C］//Proceedings of the 2nd International Conference on E-business and Information System Security.Washington D.C.,USA:IEEE Press,2010:1-4. 编辑顾逸斐

[1]	黄保华, 郑慧颖, 屈锡, 陈宁江. 联盟链高效存储访问控制方案[J]. 计算机工程, 2023, 49(8): 37-45.
[2]	纪文桃, 李媛媛, 秦宝东. 基于决策树的SM4分组密码工作模式识别[J]. 计算机工程, 2021, 47(8): 157-161,169.
[3]	石淑英, 何骏. GRANULE算法的不可能差分分析[J]. 计算机工程, 2019, 45(10): 134-138.
[4]	李新超,钟卫东,刘明明,李栋. 基于秘密共享的SM4算法S盒实现方案[J]. 计算机工程, 2018, 44(11): 148-153.
[5]	陈彦琴,张文英. SIMECK32/64算法的不可能差分分析[J]. 计算机工程, 2017, 43(4): 141-144,153.
[6]	谭锐能，卢元元，田椒陵. 抗侧信道攻击的SM4多路径乘法掩码方法[J]. 计算机工程, 2014, 40(5): 103-108,114.
[7]	王晨光, 乔树山, 黑勇. 分组密码算法SM4的低复杂度实现[J]. 计算机工程, 2013, 39(7): 177-180.
[8]	毛熠, 陈娜. MD5算法的研究与改进[J]. 计算机工程, 2012, 38(24): 111-114.
[9]	李延延, 张文英, 吴刚奇. 差分分析方法在HAVAL中的应用[J]. 计算机工程, 2011, 37(3): 108-110,113.
[10]	杜宝萍, 张文英. 针对9轮DES的相关密钥Boomerang攻击[J]. 计算机工程, 2011, 37(12): 130-132.

选择文件类型/文献管理软件名称

选择包含的内容

基于随机故障注入的SM4差分故障攻击方法

Differential Fault Attack Method on SM4 Based on Random Fault Injection

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 10

编辑推荐

Metrics

本文评价

模态框（Modal）标题

选择文件类型/文献管理软件名称

选择包含的内容

基于随机故障注入的SM4差分故障攻击方法

Differential Fault Attack Method on SM4 Based on Random Fault Injection

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 10

编辑推荐

Metrics

本文评价