Jasper van Woudenberg, Cees-Bart Breunesse, Rajesh Velegalati, P. Yalla, Sergio Gonzalez
{"title":"使用符号执行的微分故障分析","authors":"Jasper van Woudenberg, Cees-Bart Breunesse, Rajesh Velegalati, P. Yalla, Sergio Gonzalez","doi":"10.1145/3151137.3151141","DOIUrl":null,"url":null,"abstract":"Differential fault analysis (DFA) is a cryptanalytic attack that uses corrupted cipher executions to extract secret/private keys. Traditionally applied in hardware-based systems, it is now being actively used in extracting keys from (whiteboxed) software cipher implementations. Extensive research is published which aims at increasing the efficiency of DFA on symmetric ciphers using fewer number of faulty cipher texts. However, such DFA attacks require manual analysis as a pre-processing step, a fixed guess at the fault model, and can be non-trivial to implement. Algebraic Fault Analysis (AFA) is a class of DFA which overcomes these difficulties by using a combination of algebraic cryptanalysis and DFA to retrieve the secret key. In this paper, we present a methodology which decreases the complexity of performing AFA, by using a symbolic execution engine on a software implementation of the cipher to create constraints which are then fed into a SAT solver. We test our proposed methodology against the AES and DES ciphers using different fault models, and show that under a given fault model, the keys can be extracted with as little as ~2 and ~5 faults respectively.","PeriodicalId":68286,"journal":{"name":"中国安防产品信息","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2017-12-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Differential Fault Analysis Using Symbolic Execution\",\"authors\":\"Jasper van Woudenberg, Cees-Bart Breunesse, Rajesh Velegalati, P. Yalla, Sergio Gonzalez\",\"doi\":\"10.1145/3151137.3151141\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Differential fault analysis (DFA) is a cryptanalytic attack that uses corrupted cipher executions to extract secret/private keys. Traditionally applied in hardware-based systems, it is now being actively used in extracting keys from (whiteboxed) software cipher implementations. Extensive research is published which aims at increasing the efficiency of DFA on symmetric ciphers using fewer number of faulty cipher texts. However, such DFA attacks require manual analysis as a pre-processing step, a fixed guess at the fault model, and can be non-trivial to implement. Algebraic Fault Analysis (AFA) is a class of DFA which overcomes these difficulties by using a combination of algebraic cryptanalysis and DFA to retrieve the secret key. In this paper, we present a methodology which decreases the complexity of performing AFA, by using a symbolic execution engine on a software implementation of the cipher to create constraints which are then fed into a SAT solver. We test our proposed methodology against the AES and DES ciphers using different fault models, and show that under a given fault model, the keys can be extracted with as little as ~2 and ~5 faults respectively.\",\"PeriodicalId\":68286,\"journal\":{\"name\":\"中国安防产品信息\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-12-05\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"中国安防产品信息\",\"FirstCategoryId\":\"96\",\"ListUrlMain\":\"https://doi.org/10.1145/3151137.3151141\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"中国安防产品信息","FirstCategoryId":"96","ListUrlMain":"https://doi.org/10.1145/3151137.3151141","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Differential Fault Analysis Using Symbolic Execution
Differential fault analysis (DFA) is a cryptanalytic attack that uses corrupted cipher executions to extract secret/private keys. Traditionally applied in hardware-based systems, it is now being actively used in extracting keys from (whiteboxed) software cipher implementations. Extensive research is published which aims at increasing the efficiency of DFA on symmetric ciphers using fewer number of faulty cipher texts. However, such DFA attacks require manual analysis as a pre-processing step, a fixed guess at the fault model, and can be non-trivial to implement. Algebraic Fault Analysis (AFA) is a class of DFA which overcomes these difficulties by using a combination of algebraic cryptanalysis and DFA to retrieve the secret key. In this paper, we present a methodology which decreases the complexity of performing AFA, by using a symbolic execution engine on a software implementation of the cipher to create constraints which are then fed into a SAT solver. We test our proposed methodology against the AES and DES ciphers using different fault models, and show that under a given fault model, the keys can be extracted with as little as ~2 and ~5 faults respectively.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
