| encryption chip is the core device for storing keys and cryptographic computation,as thecore of information security. It will threat to the security of the protection information directly,which the key is to be deciphered or obtained. The hostility or motivated by profit organizationor individuals will do everything possible to get the key or information protected by encryptionchip. The cryptographic algorithms in the encryption chip, with perfect mathematical security,have good defense capabilities in the face of traditional code-breaking methods such as violentattacks. However, to achieve security features of the encryption-chip, relying only on the securityof the encryption algorithm is not enough. All the system-related information during theencryption chips working period, will become the entry point for attackers. Bypass attack is aanalysis techniques, using the leak information this technique as the entry point. It does notattack the cryptographic algorithm directly, but to attack the weak links in the realization ofcryptographic algorithms in order to obtain the key information.For its simple implementation and low cost. In recent years, it has become a major threat tocryptographic device. But under the bypass power attacks, the risk quantification methods ofencryption chips have been little-researched.so we present the risk quantification method fortemplate power attacks and differential power attacks with the dimension of entropy, based onthe theory of entropy, relative entropy and mutual information and combined kernel functionprobability density estimation methods. Finally, we analyze the actual AES encryption chip. Themain contents are as follows:(1) Identify the weak points of the AES cipher chip during operation. Base on the workprocess of AES encryption chip, we Recognition the inherent vulnerable points that the powerattack can use and discusses the principle that the specific vulnerable point can be attacked.(2)The value at risk calculation model for power template attacks: encryption chip evaluatorevaluate the risk value through the relevant knowledge about the implementation details ofencryption chip get an accurate result. Then, the encryption chip evaluator based on theconstraints of the cryptographic device management guidelines to reduce their level ofknowledge, to imitate the behavior of the attacker, then to get a relatively practical result. Thefinal assessment of the evaluator is to use the information theory to quantify the degree ofdifference between these two attacks result.(3)the risk calculation model for differential power attacks: If the attacker guess the correctsub-key, the model and the power leakage amount of bits of the S-box will not be two separatedistribution. The greater the likelihood the greater the degree of correlation between the powerleakage amount of attack models and attack bit the attacker to identify the correct key. Therefore,the degree of association between the attack model and the amount of power consumption leakedis the powerful indicator of the VAR of the encryption chip which under DPA attack.At last, we use the FPGA board to verify the value of this risk quantification method toprove the validity of the assessment methods, and practical protection strategy. |
PDF Full Text Request