| Block cipher belongs to symmetric cipher algorithm,which plays an important role in network and information security because of its fast encryption and decryption speed and easy standardization.When the block cipher algorithm is implemented on the real cipher device(such as the cipher chip),it will be vulnerable to the threat of side channel attack if it is not protected.How to improve the efficiency of the existing attacks and how to resist the side-channel attacks has always been the focus and difficulty of international research.Currently,the most common,simple and effective scheme against side channel attack is masking.Masking is used to secure cryptographic algorithms at the algorithm level.How to construct an efficient and safe mask protection scheme becmes a research hotspot.Based on AES(Advanced Encryption Standards),SM4 and lightweight block cipher LED,some improved attacks and new mask schemes are proposed in this thesis.The main research contents are as follows:1.Correlation power analysis of SM4 with accuracy model is given.The concept of accuracy model of correlation power analysis is introduced.Based on the structure of SM4,correlation power analysis with accuracy model is proposed.It is shown that the success rate of correlation power analysis based on the accuracy model is higher than that of the classic correlation power analysis under the premise of the same number of power traces.Especially,the computation cost is basically the same as that of the classic correlation power analysis if we only check the cipher algorithm with fewer S-boxes.2.Stepwise correlation power analysis and mask schemes of AES are presented.The reasons for the low efficiency of correlation power analysis under parallel implementation is investigated,and a specific stepwise scheme is also presented.Based on the structure of AES,the stepwise correlation power analysis is constructed with the accuracy model of correlation power analysis.Simulation results show that the new stepwise correlation power analysis reduces the number of power traces by about 60% compared with the classic correlation power analysis on the premise of success rate up to 90%.Experiments on SAKURA-G show that the number of power traces needed to recover the correct key is very close to the case when the search space is expanded to the maximum.Moreover,two mask protection schemes with fewer extra random variables are also presented.3.A second order threshold implementation of LED cipher is proposed.Based on the structure of LED,an S-box decomposition method is used to reduce the computation cost.The decomposed schemes are filtered with the resources needed for the specific operation implementation.And a second-order threshold implementation of LED is proposed.Experimental results show that the second-order threshold implementation can effectively reduce the side information leakage and resist the side channel attack. |
