As a mainstream encryption method, the block cipher has the advantages of easy commercial standardization, strong applicability, no need for synchronization of key information, and good diffusion, and it has been widely used in various security devices. Unprotected cryptographic algorithms are vulnerable to side-channel attacks when running in cryptographic devices, which threatens the security of those devices. How to improve the efficiency of existing side-channel attacks, and how to protect against them, is currently a hot and difficult research topic at home and abroad. Based on the international mainstream cryptographic algorithm AES and the national cryptographic algorithm SM4, this thesis studies the optimization of correlation power analysis, as well as the mask protection scheme and security evaluation of KNOT, a cryptographic algorithm shortlisted in the second round by NIST. The main work is as follows:

1. A new correlation power analysis method for the AES algorithm is proposed. Based on the characteristics of the power traces of AES in a serial implementation, the intermediate Hamming weights of the S-box output are classified by exploiting their non-uniform distribution during the power attack. Candidate keys are distinguished using a group of Hamming weights and their corresponding plaintext power traces, and the power traces are then preprocessed by separate guessing to recover the key information. Experimental results on the AT89S52 chip show that this method requires only 9 plaintexts and the corresponding power traces to correctly recover a single byte of the AES key 90% of the time, and its computational complexity is only 4.1% of that of classical correlation power analysis, which improves the efficiency of correlation power analysis.

2. A second chosen-plaintext power analysis method for the SM4 algorithm is proposed. Correlation power analysis of a parallel implementation is prone to noise interference. To address this, the author performs a single plaintext selection by fixing a number of plaintext bits, which reduces the influence of the other bytes on the attacked key byte. Moreover, a second chosen-plaintext power analysis is used to distinguish a large group of plaintexts in the correlation power analysis of candidate keys. Experimental results on the Sakura-G development board show that classical correlation analysis requires 1260 power traces to recover a single byte of the SM4 key and a single chosen-plaintext attack requires 780 power traces, whereas the second chosen-plaintext power analysis in this thesis needs only 536 power traces to recover the correct key.

3. A first-order threshold mask scheme for the KNOT algorithm is proposed. Based on the structure of the KNOT algorithm and the algebraic degree of its S-box, S-box decomposition is used to reduce the algebraic degree of the KNOT S-box, and mask protection is then applied to the S-box. T-test results show that the mask scheme reduces the leakage of power information and effectively resists side-channel attacks.
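The kind of t-test evaluation mentioned in item 3, shown as an added example that is not code from the thesis: a fixed-versus-random Welch t-test over simulated Hamming-weight leakage of a 4-bit intermediate value, first unprotected and then with a two-share Boolean mask standing in for the thesis's threshold scheme. The leakage model, noise level, trace count, fixed value and the 4.5 pass/fail threshold are assumptions of this sketch.

```python
import random
from statistics import mean, variance

THRESHOLD = 4.5  # assumed pass/fail bound on |t|, as commonly used in leakage tests


def hw(x):
    """Hamming weight of a small integer."""
    return bin(x).count("1")


def welch_t(a, b):
    """Welch's t statistic for two samples with unequal variances."""
    return (mean(a) - mean(b)) / (variance(a) / len(a) + variance(b) / len(b)) ** 0.5


def trace(value, masked, rng, noise=1.0):
    """Constructed two-sample 'power trace' for a device handling `value`.

    Unmasked: sample 0 leaks HW(value); sample 1 carries no data.
    Masked:   sample 0 leaks HW(value ^ m), sample 1 leaks HW(m), m uniform.
    """
    if masked:
        m = rng.randrange(16)
        samples = (hw(value ^ m), hw(m))
    else:
        samples = (hw(value), 0)
    return [s + rng.gauss(0, noise) for s in samples]


def tvla(masked, n=5000, fixed_value=0xF, seed=1):
    """Return the per-sample t statistics of a fixed-vs-random test."""
    rng = random.Random(seed)
    fixed = [trace(fixed_value, masked, rng) for _ in range(n)]
    rand = [trace(rng.randrange(16), masked, rng) for _ in range(n)]
    return [welch_t([t[i] for t in fixed], [t[i] for t in rand]) for i in range(2)]


def max_abs_t(masked, **kw):
    """Largest |t| over all sample points; above THRESHOLD means detectable leakage."""
    return max(abs(t) for t in tvla(masked, **kw))


if __name__ == "__main__":
    for label, masked in (("unprotected", False), ("masked", True)):
        t = max_abs_t(masked)
        print(f"{label:12s} max|t| = {t:6.2f}  ->  {'LEAKS' if t > THRESHOLD else 'pass'}")
```

A pass here covers only first-order, univariate leakage at the tested sample points; it is evidence of reduced leakage, not a proof of security.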