针对AES设备的第一轮和最后一轮功率分析攻击

2020 International Conference on Information Technology Systems and Innovation (ICITSI) Pub Date : 2020-10-19 DOI:10.1109/ICITSI50517.2020.9264976

S. D. Putra, A. D. Sumari, I. Asrowardi, E. Subyantoro, Luqman Muhammad Zagi

{"title":"针对AES设备的第一轮和最后一轮功率分析攻击","authors":"S. D. Putra, A. D. Sumari, I. Asrowardi, E. Subyantoro, Luqman Muhammad Zagi","doi":"10.1109/ICITSI50517.2020.9264976","DOIUrl":null,"url":null,"abstract":"Power analysis attacks are a known method of breaking cryptographic algorithms such as AES. The scenario is a first-round and last-round attack based on CPA and hamming distance, each of which provides candidates for 16 secret state key. This paper demonstrates a series of attacks on a secure AES microcontroller device, where the f rmware f les have been encrypted with AES128 EBC. A correlation power analysis (CPA) attack is performed on AES128 to recover the complete master key. The use of CPA attacks is carried out on the first-byte state at First- Round and Last-Round. The correlation coefficient for the entire state in AES in the first-round is 0.712 <<0.8455. Meanwhile, the coefficient value in the second test is 0.1724 <<0.2635. We can conclude the main vulnerability of the AES128 is in the power estimate value that is easy to guess after the SubBytes and INVSubbytes function in each round.","PeriodicalId":286828,"journal":{"name":"2020 International Conference on Information Technology Systems and Innovation (ICITSI)","volume":"18 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-10-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"First-Round and Last-Round Power Analysis Attack Against AES Devices\",\"authors\":\"S. D. Putra, A. D. Sumari, I. Asrowardi, E. Subyantoro, Luqman Muhammad Zagi\",\"doi\":\"10.1109/ICITSI50517.2020.9264976\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Power analysis attacks are a known method of breaking cryptographic algorithms such as AES. The scenario is a first-round and last-round attack based on CPA and hamming distance, each of which provides candidates for 16 secret state key. This paper demonstrates a series of attacks on a secure AES microcontroller device, where the f rmware f les have been encrypted with AES128 EBC. A correlation power analysis (CPA) attack is performed on AES128 to recover the complete master key. The use of CPA attacks is carried out on the first-byte state at First- Round and Last-Round. The correlation coefficient for the entire state in AES in the first-round is 0.712 <<0.8455. Meanwhile, the coefficient value in the second test is 0.1724 <<0.2635. We can conclude the main vulnerability of the AES128 is in the power estimate value that is easy to guess after the SubBytes and INVSubbytes function in each round.\",\"PeriodicalId\":286828,\"journal\":{\"name\":\"2020 International Conference on Information Technology Systems and Innovation (ICITSI)\",\"volume\":\"18 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-10-19\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2020 International Conference on Information Technology Systems and Innovation (ICITSI)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICITSI50517.2020.9264976\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 International Conference on Information Technology Systems and Innovation (ICITSI)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICITSI50517.2020.9264976","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

摘要

功率分析攻击是一种已知的破解AES等加密算法的方法。该方案是基于CPA和汉明距离的第一轮和最后一轮攻击，每一轮攻击提供16个秘密状态密钥的候选。本文演示了对安全AES微控制器设备的一系列攻击，其中固件文件已使用AES128 EBC加密。对AES128进行相关功率分析(CPA)攻击，恢复完整的主密钥。CPA攻击是在第一轮和最后一轮的首字节状态上进行的。第一轮AES中整个州的相关系数为0.712 <<0.8455。同时，第二次检验的系数值为0.1724 <<0.2635。我们可以得出结论，AES128的主要漏洞是在每轮的SubBytes和INVSubbytes函数之后，很容易猜出的功率估计值。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

First-Round and Last-Round Power Analysis Attack Against AES Devices

Power analysis attacks are a known method of breaking cryptographic algorithms such as AES. The scenario is a first-round and last-round attack based on CPA and hamming distance, each of which provides candidates for 16 secret state key. This paper demonstrates a series of attacks on a secure AES microcontroller device, where the f rmware f les have been encrypted with AES128 EBC. A correlation power analysis (CPA) attack is performed on AES128 to recover the complete master key. The use of CPA attacks is carried out on the first-byte state at First- Round and Last-Round. The correlation coefficient for the entire state in AES in the first-round is 0.712 <<0.8455. Meanwhile, the coefficient value in the second test is 0.1724 <<0.2635. We can conclude the main vulnerability of the AES128 is in the power estimate value that is easy to guess after the SubBytes and INVSubbytes function in each round.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2020 International Conference on Information Technology Systems and Innovation (ICITSI)

自引率

0.00%

发文量