{"title":"屏蔽SM3-MAC硬件实现的漏电检测","authors":"Hang Yu, Zhenhao He, Liji Wu, Xiangmin Zhang","doi":"10.1109/ICASID.2019.8925299","DOIUrl":null,"url":null,"abstract":"The SM3-MAC algorithm is a Message Authentication Code (MAC) algorithm based on the SM3 hash algorithm proposed by Office of Security Commercial Code Administration in 2010. In this paper, a masking scheme for SM3-MAC algorithm using key mask is proposed. Then, 5,000 power traces are collected by software simulation with Hamming distance model. We can prove that the unmasked SM3-MAC hardware is vulnerable to first-order power analysis, while the masked SM3-MAC hardware does not have register leakage under the Hamming distance model. After that, the SAKURA-G FPGA board is used to collect two sets of power traces of the masked SM3-MAC hardware, each of which contains 3,000 traces. The Test Vector Leakage Assessment (TVLA) methodology proves that there is a 99.999% chance that no first-order power leakage is detected in the masked SM3-MAC hardware. Finally, the feasibility of second-order power analysis is discussed, and the effects of different pre-processing functions on correlation are investigated. A second-order test has been carried out to analyze the second-order security of the masked SM3-MAC hardware, which proves that there exists second-order leakage.","PeriodicalId":422125,"journal":{"name":"2019 IEEE 13th International Conference on Anti-counterfeiting, Security, and Identification (ASID)","volume":"62 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Power Leakage Detection for a Masked SM3-MAC Hardware Implementation\",\"authors\":\"Hang Yu, Zhenhao He, Liji Wu, Xiangmin Zhang\",\"doi\":\"10.1109/ICASID.2019.8925299\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The SM3-MAC algorithm is a Message Authentication Code (MAC) algorithm based on the SM3 hash algorithm proposed by Office of Security Commercial Code Administration in 2010. In this paper, a masking scheme for SM3-MAC algorithm using key mask is proposed. Then, 5,000 power traces are collected by software simulation with Hamming distance model. We can prove that the unmasked SM3-MAC hardware is vulnerable to first-order power analysis, while the masked SM3-MAC hardware does not have register leakage under the Hamming distance model. After that, the SAKURA-G FPGA board is used to collect two sets of power traces of the masked SM3-MAC hardware, each of which contains 3,000 traces. The Test Vector Leakage Assessment (TVLA) methodology proves that there is a 99.999% chance that no first-order power leakage is detected in the masked SM3-MAC hardware. Finally, the feasibility of second-order power analysis is discussed, and the effects of different pre-processing functions on correlation are investigated. A second-order test has been carried out to analyze the second-order security of the masked SM3-MAC hardware, which proves that there exists second-order leakage.\",\"PeriodicalId\":422125,\"journal\":{\"name\":\"2019 IEEE 13th International Conference on Anti-counterfeiting, Security, and Identification (ASID)\",\"volume\":\"62 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 IEEE 13th International Conference on Anti-counterfeiting, Security, and Identification (ASID)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICASID.2019.8925299\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE 13th International Conference on Anti-counterfeiting, Security, and Identification (ASID)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICASID.2019.8925299","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
摘要
SM3-MAC算法是美国安全商码管理局(Office of Security Commercial Code Administration)在2010年提出的基于SM3哈希算法的MAC (Message Authentication Code)算法。本文提出了一种基于密钥掩码的SM3-MAC算法掩码方案。然后,采用汉明距离模型对采集的5000条电源走线进行软件仿真。我们可以证明,在汉明距离模型下,未被屏蔽的SM3-MAC硬件容易受到一阶功率分析的影响,而被屏蔽的SM3-MAC硬件没有寄存器泄漏。然后,使用SAKURA-G FPGA板收集屏蔽SM3-MAC硬件的两组电源走线,每组包含3000条走线。测试向量泄漏评估(TVLA)方法证明在屏蔽SM3-MAC硬件中有99.999%的机会没有检测到一阶功率泄漏。最后,讨论了二阶幂分析的可行性,并研究了不同预处理函数对相关性的影响。通过二阶测试分析了屏蔽SM3-MAC硬件的二阶安全性,证明了SM3-MAC硬件存在二阶泄漏。
Power Leakage Detection for a Masked SM3-MAC Hardware Implementation
The SM3-MAC algorithm is a Message Authentication Code (MAC) algorithm based on the SM3 hash algorithm proposed by Office of Security Commercial Code Administration in 2010. In this paper, a masking scheme for SM3-MAC algorithm using key mask is proposed. Then, 5,000 power traces are collected by software simulation with Hamming distance model. We can prove that the unmasked SM3-MAC hardware is vulnerable to first-order power analysis, while the masked SM3-MAC hardware does not have register leakage under the Hamming distance model. After that, the SAKURA-G FPGA board is used to collect two sets of power traces of the masked SM3-MAC hardware, each of which contains 3,000 traces. The Test Vector Leakage Assessment (TVLA) methodology proves that there is a 99.999% chance that no first-order power leakage is detected in the masked SM3-MAC hardware. Finally, the feasibility of second-order power analysis is discussed, and the effects of different pre-processing functions on correlation are investigated. A second-order test has been carried out to analyze the second-order security of the masked SM3-MAC hardware, which proves that there exists second-order leakage.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
