Research And Implementation With Mask Technology On AES Encryption Module Of Smartcard Against Side Channel Attack

With the development of encryption technology and integrated circuit technology, encryption devices or terminals that contain cryptographic module have largely come into people’s lives. Cryptographic devices are well used in the traffic, payment, identification in people’s life now. High security smart card with embedded CPU is gradually replacing the magnetic card and has been widely used in financial and related industries; the security of smart card will directly affect the safety of people’s privacy and property. All cryptographic devices will leak some side channel information such as power, electromagnetic radios, sound and so on. Side channel attack is such kind of attack that collects the side channel information and analyzes it to recover the secret information of the cryptographic devices, and as one of the most efficient side channel attack methods, the correlation power analysis(CPA) can easily reveal the secret key information of smart card encryption algorithms, such as AES algorithm, which would cause a serious threat to the security of smart card. Therefore, the safety of the smart card has gradually become a research hotspot, however, limited to the small chip storage space of smart card, related protection scheme are often required to compromise on safety or efficiency of encryption algorithms, with a variety of complex attack technologies continue to emerge, many kinds of loopholes in the design and implementation of the existing protection scheme have been found, safer protection schemes are still in the exploring stage, some theoretically secure schemes are also lack of related experimental demonstration.This thesis mainly discusses the realization schemes of mask technology in smart card, deeply analyzes three common mask schemes so far, including the fixed value mask scheme, RSM scheme and high-order mask scheme, introduces their protection principle and implementation process, then analyzes the their safety level. The conclusion is the fixed mask scheme could not resist second-order CPA attack, RSM scheme could not resist first-order CPA based on the offset, and although the high-order mask scheme has relatively higher safety level than the former two, the efficiency is very low, which could not be applied in practice.For the deficiency of the existing mask schemes in terms of safety, this thesis proposes a protection scheme of AES encryption module in smart card using random mask technology which could resist side channel attack. Optimize the design of random mask and the whole process of masking protection; repair the power leakage point of intermediate values, theoretically prove the proposed scheme can resist first-order CPA attack, second-order CPA attack and first-order CPA attack based on the offset, and by building a side channel attack experimental platform of power acquisition and analysis, making multi group comparison experiments of power attack between existing schemes and the proposed scheme, which verifies the validity and security of the scheme.