作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程

• 安全技术 • 上一篇    下一篇

针对BLS短签名的故障攻击

包斯刚1,2,顾海华1,2   

  1. (1.上海交通大学计算机科学与工程系,上海 200240;2.上海华虹集成电路有限责任公司,上海 201203)
  • 收稿日期:2013-07-11 出版日期:2014-08-15 发布日期:2014-08-15
  • 作者简介:包斯刚(1977-),男,硕士研究生,主研方向:密码学,芯片安全;顾海华,高级工程师、博士后。
  • 基金资助:
    国家自然科学基金资助项目(61202372);2011年上海市科委科研计划基金资助项目“芯片安全防护技术研究及卡SoC芯片开发”(11511504600)。

Fault Attack on BLS Short Signature

BAO Si-gang1,2,GU Hai-hua1,2   

  1. (1.Department of Computer Science and Engineering,Shanghai Jiaotong University,Shanghai 200240,China; 2.Shanghai Huahong Integrated Circuit Co.〖KG-*3〗,Ltd.〖KG-*3〗,Shanghai 201203,China)
  • Received:2013-07-11 Online:2014-08-15 Published:2014-08-15

摘要: BLS短签名是基于双线性对构造的数字签名方案,与传统ECDSA签名方案相比具有签名长度短的优势。目前,椭圆曲线密码的故障攻击已经得到深入研究,而基于双线性对构造的密码故障攻击研究则较少。针对BLS短签名的安全问题,从故障攻击的角度进行分析,通过将现有的适用于二元扩域椭圆曲线的无效曲线故障攻击方法推广到三元扩域,从而对BLS短签名方案实施攻击。仿真实验结果表明,在具备单比特故障注入的条件下,该方法只需导入1次单比特的故障即可以较大的概率破解BLS短签名的密钥。

关键词: 故障攻击, 双线性对, BLS短签名, 旁路攻击, 椭圆曲线, 无效曲线攻击

Abstract: BLS short signature is a digital signature scheme based on bilinear pairings,compared with the traditional ECDSA signature,BLS scheme has the advantage of its short signature length.Recently,a lot of researches are made in the field of fault attack on elliptic curve cryptography.However,fault attack on the bilinear pairings-based cryptography is rarely researched.This paper studies the security of BLS short signature scheme through analyzing in fault attack scenario.The main idea is to create the invalid curve attack method suitable for GF(3l) by applying the current invalid curve attack method suitable for GF(2m).This attack method can be used to attack the BLS short signature scheme.Simulation experimental result shows that the key of the BLS short signature can be broken with high probability by this method and only one time with single bit fault injection is required.

Key words: fault attack, bilinear pairings, BLS short signature, side channel attack, elliptic curve;invalid curve attack

中图分类号: