
The Research On The Key Technologies Of Side-Channel Attack Oriented To Cryptographic Chips

Posted on: 2009-02-17
Degree: Doctor
Type: Dissertation
Country: China
Candidate: T Zhang
Full Text: PDF
GTID: 1118360245462056
Subject: Information security
Abstract/Summary:
Traditionally, the security of cryptographic chips depends on the mathematical complexity of the cryptographic algorithms, the authentication mode and the secure protocol. However, for a practical cryptosystem (such as a smartcard cryptosystem), security is not only a matter of the cryptographic algorithm but is also related to the program implementation and the hardware design. Recent research has shown that even if a cryptographic algorithm is theoretically secure, it may still be insecure due to improper physical implementation. This phenomenon can be explained by the 'short board effect', namely, the security of a cryptosystem rests on the most fragile component in the system.

Side-channel attack (SCA) is a new form of cryptanalysis that breaks with the thinking of traditional cryptanalysis and cracks the cryptosystem by using the run-time physical information (power consumption, electromagnetic radiation, acoustics, visible light, etc.) leaked from cryptographic chips. Compared with traditional cryptanalysis, SCA has a smaller key search space and better analytical performance.

Taking the cryptographic chip as the research object and following the thread of SCA development and application, this dissertation carries out research on key SCA technologies. The research mainly focuses on SCA-resistant methods for cryptographic chips and on application technologies. The contents include four parts: SCA simulation technology, SCA-resistant methods for cryptographic algorithms (ECC, AES), SCA application, and SCA security risk evaluation. The contributions of the dissertation include the following:

Proposing an SCA simulation environment scheme. This scheme is inspired by the idea of hardware/software co-design. By separating the leakage simulation mechanism from the SCA analytical strategies, an SCA simulation environment is built using component technology. The advantage of this scheme is that SCA vulnerabilities in cryptographic chips can be detected at design time. Compared with the current PINPAS simulation tool, this scheme is more flexible and effective.

Proposing two SCA-resistant fast ECC algorithms. From the standpoint of security and practicability, two fast ECC algorithms (the RWNAF algorithm and the FWNAF algorithm) are proposed to resist power attacks. Both algorithms improve computation speed by optimizing the pre-computation table, and both adopt a random mask to counteract multiple attacks, including SPA, DPA, RPA and ZPA.

Proposing a threshold-leakage SCA-resistant scheme for the AES algorithm. First, a (t,n) threshold SCA-resistant model is given, and the security of this model is proven using entropy theory. Based on this model, a new two-phase masking method is applied for secure AES implementation. Compared with previous methods, this scheme can resist higher-order SCA and template attacks simultaneously.

Exploring an SCA case study based on a biometric cryptosystem. Unlike previous SCA research, this dissertation introduces SCA into a biometric cryptosystem and points out that the biometric template may be insecure due to SCA. Taking the biometric cryptosystem based on keystroke dynamics as an example, this dissertation adopts differential power attack to analyze the keystroke features, and simulation results show that the descriptor of the biometric template can be extracted with few power leakage samples (about 100 power curves).

Establishing a qualitative SCA security risk evaluation model. A security risk evaluation model, SCREM (Side-Channel Risk Evaluation Model), is presented. Taking mutual information as the security risk index, the SCREM model adopts a fuzzy analytical method to qualitatively assess the security risk caused by multiple side-channel leakages. At the same time, from the viewpoint of reducing security risk, a mutual information game is introduced into the decision-making process between defender and attacker. Furthermore, the methods by which both sides select optimal strategies are discussed, and the mutual information computation method under Nash equilibria is given.
Keywords/Search Tags: side-channel attack, cryptographic chips, elliptic curve cryptography, advanced encryption standard, biometric cryptosystem