CN117278195A - Verification method and device for attack model (Google Patents)
- Publication number: CN117278195A (application CN202311147795.4A)
- Authority: CN (China)
- Prior art keywords: power consumption, key, consumption curve, simulation, attacked
- Legal status: Pending (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed)
Classifications
- H—ELECTRICITY > H04—ELECTRIC COMMUNICATION TECHNIQUE > H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols > H04L9/002—Countermeasures against attacks on cryptographic mechanisms > H04L9/003—Countermeasures against attacks on cryptographic mechanisms for power analysis, e.g. differential power analysis [DPA] or simple power analysis [SPA]
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks > H04L41/14—Network analysis or design > H04L41/145—Network analysis or design involving simulating, designing, planning or modelling of a network
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols > H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords > H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00 > H04L2209/26—Testing cryptographic entity, e.g. testing integrity of encryption key or encryption algorithm
Abstract
The specification discloses a verification method and device for an attack model. Firstly, device information of the device to be attacked is obtained, the device information comprising the cryptographic algorithm adopted by the device to be attacked. Secondly, a simulation model corresponding to the cryptographic algorithm is selected. A preset key and at least one sample data are input into the simulation model for simulation processing to obtain a simulated power consumption curve corresponding to the at least one sample data, and each guess key corresponding to the preset key, together with the at least one sample data, is input into the attack model to obtain each guess power consumption curve corresponding to the at least one sample data. Finally, the effectiveness of the attack model in restoring the preset key is verified according to the simulated power consumption curve and each guess power consumption curve. The method can simulate the power consumption curve of the device to be attacked through the simulation model, and can therefore verify the effectiveness of the attack model in restoring the preset key before the device to be attacked is obtained.
Description
Technical Field
The present disclosure relates to the field of computer technologies, and in particular, to a method and an apparatus for verifying an attack model.
Background
At present, with the development of information and circuit analysis technology, the cracking of hardware cryptographic electronic devices no longer stops at protocols and algorithms, but starts from the information leaked while data is being processed. Hardware cryptographic electronic devices leak energy information during information processing, and attacking such devices by exploiting the leaked energy information is known as side channel energy analysis attack.
The side channel energy analysis attack is an attack mode for analyzing and decoding key information by collecting energy consumption generated by hardware password electronic equipment such as an encryption chip and the like when encryption and decryption operations are carried out and utilizing the principles of cryptography, statistics and the like.
In order to ensure the data security of the encryption chip, a developer needs to attack the encryption chip through an attack model in the process of developing the encryption chip so as to judge the reliability of the encryption chip. Based on this, the developer also needs to develop an attack model for attacking the encryption chip.
However, in the process of developing an attack model, an attacked sample needs to be obtained to verify the validity of the attack model. In addition, when an attack fails during the verification of the attack model, it cannot be judged whether the failure is caused by an error in the attack logic of the attack model or by the interference means of the attacked sample.
Therefore, how to verify the validity of the attack model is an urgent problem to be solved.
Disclosure of Invention
The specification provides a verification method, a verification device, an electronic device and a machine-readable storage medium for an attack model to verify the effectiveness of the attack model.
The technical scheme adopted in the specification is as follows:
The specification provides a verification method of an attack model, wherein the attack model is used for restoring a key of equipment to be attacked according to a power consumption curve of the equipment to be attacked; the power consumption curve is a curve formed by the power consumption values generated when the device to be attacked executes a plurality of intermediate calculation processes related to the key in the process of encrypting or decrypting the data on the device to be attacked based on the key; the method comprises:
Optionally, the working mode of the simulation model includes an encryption mode, and the working mode of the attack model includes an encryption mode;
inputting a preset key and at least one sample data into the simulation model for simulation processing to obtain a simulated power consumption curve corresponding to the at least one sample data, and inputting each guess key corresponding to the preset key and the at least one sample data into the attack model to obtain each guess power consumption curve corresponding to the at least one sample data, comprises the following steps:
if the equipment to be attacked is determined to encrypt data by adopting the cryptographic algorithm, inputting a preset secret key and at least one plaintext data into a simulation model with an encryption mode as a working mode to obtain a simulation power consumption curve corresponding to the at least one plaintext data, and inputting each guess secret key corresponding to the preset secret key and the at least one plaintext data into an attack model with the encryption mode as the working mode to obtain each guess power consumption curve corresponding to the at least one plaintext data;
according to the simulated power consumption curves and the guessed power consumption curves, verifying the validity of the attack model for restoring the preset secret key, wherein the verifying comprises the following steps:
and verifying the validity of the attack model for restoring the preset secret key according to the simulated power consumption curve corresponding to the at least one plaintext data and each guess power consumption curve corresponding to the at least one plaintext data.
Optionally, the working mode of the simulation model includes a decryption mode, and the working mode of the attack model includes a decryption mode;
inputting a preset key and at least one sample data into the simulation model for simulation processing to obtain a simulated power consumption curve corresponding to the at least one sample data, and inputting each guess key corresponding to the preset key and the at least one sample data into the attack model to obtain each guess power consumption curve corresponding to the at least one sample data, comprises the following steps:
if the equipment to be attacked is determined to decrypt the data by adopting the cryptographic algorithm, inputting a preset secret key and at least one piece of encrypted data into a simulation model with a working mode being a decryption mode, obtaining a simulation power consumption curve corresponding to the at least one piece of encrypted data, and inputting each guess secret key corresponding to the preset secret key and the at least one piece of encrypted data into an attack model with the working mode being the decryption mode, obtaining each guess power consumption curve corresponding to the at least one piece of encrypted data;
according to the simulated power consumption curves and the guessed power consumption curves, verifying the validity of the attack model for restoring the preset secret key comprises the following steps:
and verifying the validity of the attack model for restoring the preset key according to the simulated power consumption curve corresponding to the at least one piece of encrypted data and each guess power consumption curve corresponding to the at least one piece of encrypted data.
Optionally, the horizontal axis of the power consumption curve represents an intermediate result related to the key, and the vertical axis of the power consumption curve represents the Hamming weight.
Optionally, inputting a preset key and at least one sample data into the simulation model for simulation processing to obtain a simulated power consumption curve corresponding to the at least one sample data, and inputting each guess key corresponding to the preset key and the at least one sample data into the attack model to obtain each guess power consumption curve corresponding to the at least one sample data, including:
determining an intermediate result related to the key from a plurality of intermediate calculation processes related to the key, which are executed by the equipment to be attacked by adopting the cryptographic algorithm;
selecting at least one target intermediate result from the intermediate results associated with the key corresponding to the cryptographic algorithm;
inputting a preset key and at least one sample data into the simulation model for simulation processing to obtain a simulation power consumption curve corresponding to the at least one sample data and containing at least one target intermediate result, and inputting each guess key corresponding to the preset key and the at least one sample data into the attack model to obtain each guess power consumption curve corresponding to the at least one sample data and containing at least one target intermediate result.
Optionally, verifying the validity of the attack model for restoring the preset key according to the simulated power consumption curve and each guess power consumption curve includes:
performing power consumption analysis on the simulation power consumption curves and the guess power consumption curves according to a side channel analysis algorithm corresponding to the simulation model to obtain a predictive key, and determining whether the predictive key is identical to the preset key; if yes, verifying that the attack model is valid; if not, verifying that the attack model is invalid.
Optionally, the cryptographic algorithm includes: SM1, SM2, SM3-HMAC, SM4, SM7, SM9, DES, AES, RSA, ECC, SHA-HMAC.
The specification provides a verification device of an attack model, wherein the attack model is used for restoring a key of equipment to be attacked according to a power consumption curve of the equipment to be attacked; the power consumption curve is a curve formed by the power consumption values generated when the device to be attacked executes a plurality of intermediate calculation processes related to the key in the process of encrypting or decrypting the data on the device to be attacked based on the key; the device comprises:
the acquisition module is used for acquiring equipment information of the equipment to be attacked, wherein the equipment information comprises a cryptographic algorithm adopted by the equipment to be attacked;
the selecting module is used for selecting a simulation model corresponding to the cryptographic algorithm; the simulation model is used for simulating the power consumption curve generated in the process that the equipment to be attacked adopts the cryptographic algorithm to encrypt or decrypt the data on the equipment to be attacked;
the input module is used for inputting a preset secret key and at least one sample data into the simulation model for simulation processing to obtain a simulation power consumption curve corresponding to the at least one sample data, and inputting each guess secret key corresponding to the preset secret key and the at least one sample data into the attack model to obtain each guess power consumption curve corresponding to the at least one sample data;
and the verification module is used for verifying the attack model according to the simulated power consumption curve and the guessed power consumption curves.
The specification provides an electronic device, which comprises a communication interface, a processor, a memory and a bus, wherein the communication interface, the processor and the memory are connected with each other through the bus;
the memory stores machine readable instructions, and the processor executes the verification method of the attack model by calling the machine readable instructions.
The present specification provides a machine-readable storage medium storing machine-readable instructions that, when invoked and executed by a processor, implement a method of verifying an attack model as described above.
At least one of the technical schemes adopted in this specification can achieve the following beneficial effects:
In the verification method of the attack model provided by the specification, the cryptographic algorithm of the device to be attacked is obtained, and a simulation model corresponding to the cryptographic algorithm is selected. Then, the preset key and at least one sample data are input into the simulation model for simulation processing to obtain a simulated power consumption curve corresponding to the at least one sample data, and each guess key corresponding to the preset key, together with the at least one sample data, is input into the attack model to obtain each guess power consumption curve corresponding to the at least one sample data. Finally, the effectiveness of the attack model in restoring the preset key is verified according to the simulated power consumption curve and each guess power consumption curve. The method can simulate the power consumption curve of the device to be attacked through the simulation model, and can therefore verify the effectiveness of the attack model in restoring the preset key before the device to be attacked is obtained.
Drawings
The accompanying drawings, which are included to provide a further understanding of the specification and form part of it, illustrate the exemplary embodiments of the present specification and, together with their description, serve to explain the specification; they are not intended to limit it unduly. In the drawings:
FIG. 1 is a flow chart illustrating a method of validating an attack model in accordance with an exemplary embodiment;
FIG. 2 is a schematic diagram of a power consumption profile shown in an exemplary embodiment;
FIG. 3 is a schematic diagram of a control interface of a simulation model, shown in an exemplary embodiment;
FIG. 4 is a block diagram of an electronic device in which a verification apparatus for an attack model is located, as shown in an exemplary embodiment;
FIG. 5 is a block diagram illustrating a verification device of an attack model in accordance with an exemplary embodiment.
Detailed Description
In order to make the technical solutions in the present specification better understood by those skilled in the art, the technical solutions in the embodiments of the present specification will be clearly and completely described below with reference to the drawings in the embodiments of the present specification, and it is obvious that the described embodiments are only some embodiments of the present specification, not all embodiments. All other embodiments, which can be made by one of ordinary skill in the art without undue burden from the present disclosure, are intended to be within the scope of the present disclosure.
It should be noted that: in other embodiments, the steps of the corresponding method are not necessarily performed in the order shown and described in this specification. In some other embodiments, the method may include more or fewer steps than described in this specification. Furthermore, individual steps described in this specification, in other embodiments, may be described as being split into multiple steps; while various steps described in this specification may be combined into a single step in other embodiments.
In order to make the technical solution in the embodiments of the present specification better understood by those skilled in the art, the related art related to the embodiments of the present specification will be briefly described below.
The Hamming weight of a string of symbols is the number of non-zero symbols in it; for a byte, it is the number of 1 bits among its 8 bits. For example, the Hamming weight of "01010101" is 4. In side channel analysis, the operations a cryptographic chip performs on data are realised by transitions of circuit state; a state transition is physically a change of current, and current flow inevitably consumes power. The logic circuits inside the chip change state differently when processing a logic 1 and a logic 0, so the power consumed naturally differs. For this reason, the power consumption generated during chip operation is generally expressed by the Hamming weight: the larger the Hamming weight, the larger the power consumption generated during the operation.
In the process of developing an attack model, an attacked sample needs to be obtained to verify the validity of the attack model. In addition, when an attack fails during the verification of the attack model, it cannot be judged whether the attack failed because of an error in the attack logic of the attack model or because of the interference means of the attacked sample. Thus, the validity of the attack model cannot be verified.
Based on the above, the present disclosure proposes a technical solution for simulating a power consumption curve of a device to be attacked by a simulation model to verify the effectiveness of the attack model in restoring a preset key, thereby improving the efficiency of verifying the attack model.
The following describes in detail the technical solutions provided by the embodiments of the present specification with reference to the accompanying drawings.
FIG. 1 is a flow chart of a method of verifying an attack model, shown in an exemplary embodiment, specifically comprising the steps of:
S100: acquiring the device information of the device to be attacked, wherein the device information comprises the cryptographic algorithm adopted by the device to be attacked.
In the embodiment of the present disclosure, the execution subject of the verification method of the attack model may be an electronic device such as a server or a server cluster, or may be a virtual machine mounted on the electronic device. The technician can select a proper programming language and platform according to the service requirement, such as JAVA, c#, etc. For convenience of description, a verification method of an attack model provided in the present specification will be described below with only a server as an execution subject.
In the embodiment of the present disclosure, the server may obtain device information of a device to be attacked, where the device information includes a cryptographic algorithm adopted by the device to be attacked. The attack model mentioned here can be used for restoring the key of the device to be attacked according to the power consumption curve of the device to be attacked. The power consumption curve is a curve formed by power consumption values generated when the device to be attacked executes a plurality of intermediate calculation processes related to the key in the process of encrypting or decrypting the data on the device to be attacked based on the key.
The key may refer to a key in a symmetric algorithm or a private key in an asymmetric algorithm.
S102: selecting a simulation model corresponding to the cryptographic algorithm; the simulation model is used for simulating the power consumption curve generated in the process that the equipment to be attacked adopts the cryptographic algorithm to encrypt or decrypt the data on the equipment to be attacked.
In the process of developing an attack model, the device to be attacked needs to be acquired to verify the validity of the attack model. However, in some cases the device to be attacked is difficult to obtain, so it cannot be attacked in time and a lot of time is wasted.
Based on this, the server can select a simulation model corresponding to the cryptographic algorithm of the device to be attacked and simulate the power consumption curve generated by the device to be attacked during encryption or decryption, so that the subsequent attack model can use it to restore the preset key.
In the embodiment of the present specification, the server may select a simulation model corresponding to the cryptographic algorithm. The simulation model is used for simulating a power consumption curve generated in the process that the equipment to be attacked encrypts or decrypts the data on the equipment to be attacked by adopting a cryptographic algorithm.
The horizontal axis of the power consumption curve represents the intermediate result associated with the key, and the vertical axis represents the Hamming weight, as shown in FIG. 2.
FIG. 2 is a schematic diagram of a power consumption profile shown in an exemplary embodiment.
In FIG. 2, the horizontal axis of the power consumption curve represents the intermediate results related to the key; for convenience of calculation and to approximate practical situations, each intermediate result may take N points, where N may be determined by the technician according to requirements. The vertical axis of the power consumption curve represents the Hamming weight: the larger the Hamming weight, the larger the power consumption generated by the device to be attacked during encryption or decryption.
S104: inputting a preset key and at least one sample data into the simulation model for simulation processing to obtain a simulation power consumption curve corresponding to the at least one sample data, and inputting each guess key corresponding to the preset key and the at least one sample data into the attack model to obtain each guess power consumption curve corresponding to the at least one sample data.
S106: and verifying the effectiveness of restoring the preset key by the attack model according to the simulated power consumption curve and each guessed power consumption curve.
In this embodiment of the present disclosure, the server may input the preset key and at least one sample data into the simulation model to perform simulation processing, to obtain a simulated power consumption curve corresponding to the at least one sample data, and input each guess key and at least one sample data corresponding to the preset key into the attack model, to obtain each guess power consumption curve corresponding to the at least one sample data.
Then, the server can verify the effectiveness of the attack model in restoring the preset key according to the simulated power consumption curve and each guess power consumption curve.
The file format for storing the generated power consumption profile is a trs file.
In practical applications, the power consumption curve generated by encrypting the data by the device to be attacked is different from the power consumption curve generated by decrypting the encrypted data. Based on the above, the simulation model needs to set an encryption mode and a decryption mode, the encryption mode of the simulation model is used for simulating a power consumption curve generated by encrypting the data by the device to be attacked, and the decryption mode of the simulation model is used for simulating the power consumption curve generated by decrypting the encrypted data.
The attack model may then set the same mode of operation as the simulation model to recover the key.
In the embodiment of the present specification, the operation mode of the simulation model includes an encryption mode, and the operation mode of the attack model includes an encryption mode.
If it is determined that the device to be attacked encrypts the data by using the cryptographic algorithm, the server may input the preset key and at least one plaintext data into a simulation model with an encryption mode as a working mode to obtain a simulated power consumption curve corresponding to the at least one plaintext data, and input each guess key corresponding to the preset key and the at least one plaintext data into an attack model with the encryption mode as the working mode to obtain each guess power consumption curve corresponding to the at least one plaintext data.
Then, the server may verify the validity of the attack model to restore the preset key according to the simulated power consumption curve corresponding to the at least one plaintext data and each guess power consumption curve corresponding to the at least one plaintext data.
Likewise, the operational modes of the simulation model include a decryption mode, and the operational modes of the attack model include a decryption mode.
If it is determined that the device to be attacked decrypts the data by using the cryptographic algorithm, the server may input the preset key and at least one piece of encrypted data into a simulation model with a working mode being a decryption mode, to obtain a simulated power consumption curve corresponding to at least one piece of encrypted data, and input each guess key corresponding to the preset key and at least one piece of encrypted data into an attack model with a working mode being a decryption mode, to obtain each guess power consumption curve corresponding to at least one piece of encrypted data.
The server may then verify the validity of the attack model to recover the preset key based on the simulated power consumption curve corresponding to the at least one encrypted data and the respective guessed power consumption curves corresponding to the at least one encrypted data.
A cryptographic algorithm produces a plurality of intermediate results related to the key while encrypting or decrypting data. However, the security protection means of the device to be attacked may prevent the attack model from obtaining some of those intermediate results, or may disturb some of them, and such intermediate results are then of little use for verifying the validity of the attack model.
Based on this, the server may select an intermediate result that can be used to verify the validity of the attack model from among a plurality of intermediate results related to the key.
In the embodiment of the present specification, the server may determine the intermediate result related to the key from among several intermediate calculation processes related to the key performed by the device to be attacked using the cryptographic algorithm.
The server may then select at least one target intermediate result from the key-dependent intermediate results corresponding to the cryptographic algorithm.
Then, the server may input the preset key and at least one sample data into the simulation model to perform simulation processing, to obtain a simulated power consumption curve corresponding to the at least one sample data and including at least one target intermediate result, and input each guess key corresponding to the preset key and at least one sample data into the attack model, to obtain each guess power consumption curve corresponding to the at least one sample data and including at least one target intermediate result.
In the embodiment of the present disclosure, the simulation model includes a plurality of service options for generating power consumption curves that simulate different devices to be attacked, as shown in fig. 3.
FIG. 3 is a schematic diagram illustrating a control interface of a simulation model in accordance with an exemplary embodiment.
In fig. 3, the working modes of the simulation model include an encryption mode and a decryption mode. Model types of the simulation model include a hamming weight model, a single-bit model, a multi-bit model, and the like. The intermediate results of the simulation model include N intermediate results. The technician can choose the working mode, model type and intermediate results of the simulation model according to the device information and business requirements of the device to be attacked. The single-bit model may be used to determine whether one bit of the intermediate result is 1, and the power consumption curve is generated from that bit. The multi-bit model may be used to determine whether several bits of the intermediate result are 1, and the power consumption curve is generated from those bits.
Further, the server may receive the input preset key and the number of sample data, and obtain a simulated power consumption curve corresponding to the number of sample data.
For example, if the working mode of the simulation model is the encryption mode, the model type is the hamming weight model, the selected intermediate results are intermediate result 1 and intermediate result 2, the received preset key is AAAA and the number of sample data is 100, then the simulation model generates the 100 simulated power consumption curves produced when the plaintext data is encrypted with the key AAAA. The horizontal axis of each simulated power consumption curve is intermediate result 1 and intermediate result 2, and the vertical axis is the hamming weight. The sample data may be randomly generated plaintext data.
In embodiments of the present description, the cryptographic algorithm may include: SM1, SM2, SM3-HMAC, SM4, SM7, SM9, DES, AES, RSA, ECC, SHA-HMAC. Next, a verification method of an attack model provided in the present specification will be described by taking an SM4 algorithm as an example.
The SM4 algorithm is a block cipher algorithm, the block length is 128 bits, the key length is 128 bits, and the encryption algorithm and the key expansion algorithm both adopt a 32-round nonlinear iteration structure. The encryption algorithm is the same as the decryption algorithm except that the round keys are used in reverse order.
First, the block length of the SM4 algorithm is 4 words, and the input plaintext data is denoted $(X_0, X_1, X_2, X_3)$, where $X_i$ denotes a 32-bit word. The SM4 algorithm performs 32 rounds of iteration on these 4 words. Each round requires a 1-word round key, 32 round keys in total, denoted $(rk_0, rk_1, \ldots, rk_{31})$. The round function is $F(X_i, X_{i+1}, X_{i+2}, X_{i+3}, rk_i)$.
The first round uses the 4 plaintext words $(X_0, X_1, X_2, X_3)$ and the first round key $rk_0$ to compute the 5th word $X_4 = F(X_0, X_1, X_2, X_3, rk_0)$. The second round computes the 6th word $X_5 = F(X_1, X_2, X_3, X_4, rk_1)$, and in general $X_{4+i} = F(X_i, X_{i+1}, X_{i+2}, X_{i+3}, rk_i)$, which yields 36 words $(X_0, X_1, X_2, X_3, \ldots, X_{33}, X_{34}, X_{35})$.
Finally, the last four words $(X_{32}, X_{33}, X_{34}, X_{35})$ are output in reverse order to obtain the encrypted data $(Y_0, Y_1, Y_2, Y_3) = (X_{35}, X_{34}, X_{33}, X_{32})$.
The operation executed in the round function is $F(X_i, X_{i+1}, X_{i+2}, X_{i+3}, rk_i) = X_i \oplus T(X_{i+1} \oplus X_{i+2} \oplus X_{i+3} \oplus rk_i)$. $T$ denotes a synthetic permutation composed of a nonlinear transformation and a linear transformation. The nonlinear transformation is the S-box transformation; the linear transformation consists of cyclic left shifts. Since each of the 32 rounds requires one 1-word round key, 32 1-word round keys are needed in total, and the server expands the 4-word key into these 32 round keys with the key expansion algorithm.
It can be seen that the intermediate results related to the key in the SM4 algorithm may include: the S-box output result, the round output result, the shift output result, and so on.
In practical application, to improve security, the device to be attacked may XOR a random number into the plaintext data and encrypt the masked plaintext. The resulting power consumption curve differs from the one obtained by encrypting the plaintext data directly, so the attack model cannot restore the preset key from it. XORing an input result with the corresponding output result can remove the interference of the random number.
Thus, the intermediate results related to the key in the SM4 algorithm may also include: the XOR of the S-box input result and the S-box output result, the XOR of the S-box output result and the round input result, the XOR of the round output result and the S-box input result, and so on.
It should be noted that, due to the different encryption or decryption processes of the different cryptographic algorithms, the different cryptographic algorithms have different intermediate results related to the key, that is, the intermediate results related to the key that may be selected in the simulation model corresponding to the different cryptographic algorithms are also different.
Further, the plaintext data and the encrypted data are recorded in the simulated power consumption curve. After obtaining the simulated power consumption curve and each guessed power consumption curve, the server performs power consumption analysis on them according to the side channel analysis algorithm corresponding to the simulation model, to obtain a predicted key, and determines whether the predicted key is the same as the preset key. If so, the attack model is verified to be valid; if not, the attack model is verified to be invalid. The side channel analysis algorithm may include correlation power analysis (CPA), differential power analysis (DPA), and the like.
For example, the server may apply the CPA algorithm to the simulated power consumption curve and to each guessed power consumption curve, where each guessed curve uses the same plaintext data as the simulated curve but a randomly generated guess key, to obtain the predicted key.
By this method, the cryptographic algorithm of the device to be attacked is obtained and the simulation model corresponding to that algorithm is selected. The preset key and at least one sample data are then input into the simulation model for simulation processing, to obtain a simulated power consumption curve corresponding to the at least one sample data, and each guess key corresponding to the preset key and the at least one sample data are input into the attack model, to obtain each guessed power consumption curve corresponding to the at least one sample data. Finally, the effectiveness of the attack model in restoring the preset key is verified from the simulated power consumption curve and each guessed power consumption curve. Because the simulation model simulates the power consumption curve of the device to be attacked, the effectiveness of the attack model in restoring the preset key can be verified before the device to be attacked is obtained.
Corresponding to the embodiment of the verification method of the attack model, the specification also provides an embodiment of a verification device of the attack model.
Referring to fig. 4, fig. 4 is a block diagram of an electronic device in which an attack model verification apparatus is located, according to an exemplary embodiment. At the hardware level, the device includes a processor 402, an internal bus 404, a network interface 406, a memory 408 and a non-volatile storage 410, and may also include other hardware required by its services. One or more embodiments of the present description may be implemented in software, for example by the processor 402 reading the corresponding computer program from the non-volatile storage 410 into the memory 408 and running it. Of course, in addition to a software implementation, one or more embodiments of the present disclosure do not exclude other implementation manners, such as a logic device or a combination of software and hardware; that is, the execution subject of the following processing flow is not limited to logic units but may also be hardware or a logic device.
Referring to fig. 5, fig. 5 is a block diagram illustrating a verification apparatus of an attack model according to an exemplary embodiment. The verification device of the attack model can be applied to the electronic equipment shown in fig. 4 to realize the technical scheme of the specification. The verification device of the attack model may include:
the obtaining module 500 is configured to obtain device information of the device to be attacked, where the device information includes a cryptographic algorithm adopted by the device to be attacked;
a selecting module 502, configured to select a simulation model corresponding to the cryptographic algorithm; the simulation model is used for simulating the power consumption curve generated in the process that the equipment to be attacked adopts the cryptographic algorithm to encrypt or decrypt the data on the equipment to be attacked;
the input module 504 is configured to input a preset key and at least one sample data into the simulation model for simulation processing, obtain a simulated power consumption curve corresponding to the at least one sample data, and input each guess key corresponding to the preset key and the at least one sample data into the attack model, obtain each guess power consumption curve corresponding to the at least one sample data;
And the verification module 506 is configured to verify the attack model according to the simulated power consumption curve and the guessed power consumption curve.
Optionally, the working mode of the simulation model includes an encryption mode, the working mode of the attack model includes an encryption mode, and the input module 504 is specifically configured to, if it is determined that the device to be attacked encrypts data by using the cryptographic algorithm, input a preset key and at least one plaintext data into the simulation model whose working mode is the encryption mode, obtain a simulated power consumption curve corresponding to the at least one plaintext data, input each guess key corresponding to the preset key and the at least one plaintext data into the attack model whose working mode is the encryption mode, obtain each guess power consumption curve corresponding to the at least one plaintext data, and verify the validity of the attack model for recovering the preset key according to the simulated power consumption curve corresponding to the at least one plaintext data and each guess power consumption curve corresponding to the at least one plaintext data.
Optionally, the working mode of the simulation model includes a decryption mode, the working mode of the attack model includes a decryption mode, and the input module 504 is specifically configured to, if it is determined that the device to be attacked decrypts data by using the cryptographic algorithm, input a preset key and at least one piece of encrypted data into the simulation model whose working mode is the decryption mode, obtain a simulated power consumption curve corresponding to the at least one piece of encrypted data, input each guess key and the at least one piece of encrypted data corresponding to the preset key into the attack model whose working mode is the decryption mode, obtain each guess power consumption curve corresponding to the at least one piece of encrypted data, and verify the validity of the attack model for recovering the preset key according to the simulated power consumption curve corresponding to the at least one piece of encrypted data and each guess power consumption curve corresponding to the at least one piece of encrypted data.
Optionally, a horizontal axis in the power consumption curve is used to represent an intermediate result related to the key, and a vertical axis in the power consumption curve is used to represent hamming weight.
Optionally, the input module 504 is specifically configured to determine an intermediate result related to the key from among a plurality of intermediate computing processes performed by the device to be attacked and related to the key by using the cryptographic algorithm, select at least one target intermediate result from among the intermediate results related to the key and corresponding to the cryptographic algorithm, input a preset key and at least one sample data into the simulation model for simulation processing, obtain a simulated power consumption curve corresponding to the at least one sample data and including the at least one target intermediate result, and input each guess key corresponding to the preset key and the at least one sample data into the attack model, and obtain each guess power consumption curve corresponding to the at least one sample data and including the at least one target intermediate result.
Optionally, the verification module 506 is specifically configured to perform power consumption analysis on the simulated power consumption curve and each guessed power consumption curve according to a side channel analysis algorithm corresponding to the simulation model, to obtain a predicted key, and determine whether the predicted key is the same as the preset key; if yes, verifying that the attack model is valid; if not, verifying that the attack model is invalid.
Optionally, the cryptographic algorithm includes: SM1, SM2, SM3-HMAC, SM4, SM7, SM9, DES, AES, RSA, ECC, SHA-HMAC.
The implementation process of the functions and roles of each unit in the above device is specifically shown in the implementation process of the corresponding steps in the above method, and will not be described herein again.
For the device embodiments, reference is made to the description of the method embodiments for the relevant points, since they essentially correspond to the method embodiments. The apparatus embodiments described above are illustrative only: the units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units; they may be located in one place or distributed over a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purposes of the present description. Those of ordinary skill in the art can understand and implement them without undue effort.
The system, apparatus, module or unit set forth in the above embodiments may be implemented in particular by a computer chip or entity, or by a product having a certain function. A typical implementation device is a computer, which may be in the form of a personal computer, laptop computer, cellular telephone, camera phone, smart phone, personal digital assistant, media player, navigation device, email device, game console, tablet computer, wearable device, or a combination of any of these devices.
In a typical configuration, a computer includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include volatile memory in a computer-readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media, including both permanent and non-permanent, removable and non-removable media, may implement information storage by any method or technology. The information may be computer-readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, Phase Change Memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, Compact Disc Read Only Memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic disk storage, quantum memory, graphene-based storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by the computing device. Computer-readable media, as defined herein, do not include transitory computer-readable media (transmission media), such as modulated data signals and carrier waves.
User information (including but not limited to user equipment information, user personal information, etc.) and data (including but not limited to data for analysis, stored data, presented data, etc.) referred to herein are both user-authorized or fully authorized information and data by parties, and the collection, use and processing of relevant data requires compliance with relevant laws and regulations and standards of the relevant country and region, and is provided with corresponding operation portals for user selection of authorization or denial.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article or apparatus that comprises the element.
The foregoing describes specific embodiments of the present disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims can be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.
The terminology used in the one or more embodiments of the specification is for the purpose of describing particular embodiments only and is not intended to be limiting of the one or more embodiments of the specification. As used in this specification, one or more embodiments and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any or all possible combinations of one or more of the associated listed items.
It should be understood that although the terms first, second, third, etc. may be used in one or more embodiments of the present description to describe various information, these information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of one or more embodiments of the present description. The word "if" as used herein may be interpreted as "at … …" or "at … …" or "responsive to a determination", depending on the context.
The foregoing description of the preferred embodiment(s) is (are) merely intended to illustrate the embodiment(s) of the present invention, and it is not intended to limit the embodiment(s) of the present invention to the particular embodiment(s) described.
Claims (10)
1. A verification method of an attack model, the attack model being used for restoring the key of a device to be attacked according to a power consumption curve of the device to be attacked; the power consumption curve is a curve formed by the power consumption values generated when the device to be attacked executes a plurality of intermediate calculation processes related to the key in the process of encrypting or decrypting data on the device to be attacked based on the key; the method comprises:
acquiring equipment information of the equipment to be attacked, wherein the equipment information comprises a cryptographic algorithm adopted by the equipment to be attacked;
selecting a simulation model corresponding to the cryptographic algorithm; the simulation model is used for simulating the power consumption curve generated in the process that the equipment to be attacked adopts the cryptographic algorithm to encrypt or decrypt the data on the equipment to be attacked;
inputting a preset key and at least one sample data into the simulation model for simulation processing to obtain a simulation power consumption curve corresponding to the at least one sample data, and inputting each guess key corresponding to the preset key and the at least one sample data into an attack model to obtain each guess power consumption curve corresponding to the at least one sample data;
and verifying the effectiveness of restoring the preset key by the attack model according to the simulated power consumption curve and each guessed power consumption curve.
2. The method of claim 1, the operational mode of the simulation model comprising an encryption mode, the operational mode of the attack model comprising an encryption mode;
wherein inputting a preset key and at least one sample data into the simulation model for simulation processing to obtain a simulation power consumption curve corresponding to the at least one sample data, and inputting each guess key corresponding to the preset key and the at least one sample data into an attack model to obtain each guess power consumption curve corresponding to the at least one sample data, comprises:
if the equipment to be attacked is determined to encrypt data by adopting the cryptographic algorithm, inputting a preset secret key and at least one plaintext data into a simulation model with an encryption mode as a working mode to obtain a simulation power consumption curve corresponding to the at least one plaintext data, and inputting each guess secret key corresponding to the preset secret key and the at least one plaintext data into an attack model with the encryption mode as the working mode to obtain each guess power consumption curve corresponding to the at least one plaintext data;
and verifying the validity of the attack model for restoring the preset secret key according to the simulated power consumption curves and the guessed power consumption curves comprises:
and verifying the validity of the attack model for restoring the preset secret key according to the simulated power consumption curve corresponding to the at least one plaintext data and each guess power consumption curve corresponding to the at least one plaintext data.
3. The method of claim 1, the operational mode of the simulation model comprising a decryption mode, the operational mode of the attack model comprising a decryption mode;
wherein inputting a preset key and at least one sample data into the simulation model for simulation processing to obtain a simulation power consumption curve corresponding to the at least one sample data, and inputting each guess key corresponding to the preset key and the at least one sample data into an attack model to obtain each guess power consumption curve corresponding to the at least one sample data, comprises:
if the equipment to be attacked is determined to decrypt the data by adopting the cryptographic algorithm, inputting a preset secret key and at least one piece of encrypted data into a simulation model with a working mode being a decryption mode, obtaining a simulation power consumption curve corresponding to the at least one piece of encrypted data, and inputting each guess secret key corresponding to the preset secret key and the at least one piece of encrypted data into an attack model with the working mode being the decryption mode, obtaining each guess power consumption curve corresponding to the at least one piece of encrypted data;
and verifying the validity of the attack model for restoring the preset secret key according to the simulated power consumption curves and the guessed power consumption curves comprises:
and verifying the validity of the attack model for restoring the preset key according to the simulated power consumption curve corresponding to the at least one piece of encrypted data and each guess power consumption curve corresponding to the at least one piece of encrypted data.
4. The method of claim 1, wherein a horizontal axis in the power consumption curve is used to represent intermediate results related to the key, and wherein a vertical axis in the power consumption curve is used to represent hamming weight.
5. The method of claim 1, inputting a preset key and at least one sample data into the simulation model for simulation processing to obtain a simulated power consumption curve corresponding to the at least one sample data, and inputting each guess key corresponding to the preset key and the at least one sample data into an attack model to obtain each guess power consumption curve corresponding to the at least one sample data, comprising:
determining an intermediate result related to the key from a plurality of intermediate calculation processes related to the key, which are executed by the equipment to be attacked by adopting the cryptographic algorithm;
selecting at least one target intermediate result from the intermediate results associated with the key corresponding to the cryptographic algorithm;
inputting a preset key and at least one sample data into the simulation model for simulation processing to obtain a simulation power consumption curve corresponding to the at least one sample data and containing at least one target intermediate result, and inputting each guess key corresponding to the preset key and the at least one sample data into the attack model to obtain each guess power consumption curve corresponding to the at least one sample data and containing at least one target intermediate result.
6. The method of claim 1, wherein verifying the validity of the attack model to recover the preset key based on the simulated power consumption curves and the guessed power consumption curves comprises:
performing power consumption analysis on the simulation power consumption curves and the guess power consumption curves according to a side channel analysis algorithm corresponding to the simulation model to obtain a predictive key, and determining whether the predictive key is identical to the preset key; if yes, verifying that the attack model is valid; if not, verifying that the attack model is invalid.
7. The method of claim 1, the cryptographic algorithm comprising: SM1, SM2, SM3-HMAC, SM4, SM7, SM9, DES, AES, RSA, ECC, SHA-HMAC.
8. A verification device of an attack model, the attack model being used for restoring the key of a device to be attacked according to a power consumption curve of the device to be attacked; the power consumption curve is a curve formed by the power consumption values generated when the device to be attacked executes a plurality of intermediate calculation processes related to the key in the process of encrypting or decrypting data on the device to be attacked based on the key; the device comprises:
the acquisition module is used for acquiring equipment information of the equipment to be attacked, wherein the equipment information comprises a cryptographic algorithm adopted by the equipment to be attacked;
the selecting module is used for selecting a simulation model corresponding to the cryptographic algorithm; the simulation model is used for simulating the power consumption curve generated in the process that the equipment to be attacked adopts the cryptographic algorithm to encrypt or decrypt the data on the equipment to be attacked;
the input module is used for inputting a preset secret key and at least one sample data into the simulation model for simulation processing to obtain a simulation power consumption curve corresponding to the at least one sample data, and inputting each guess secret key corresponding to the preset secret key and the at least one sample data into the attack model to obtain each guess power consumption curve corresponding to the at least one sample data;
and a verification module used for verifying the attack model according to the simulated power consumption curve and the guessed power consumption curve.
9. An electronic device comprises a communication interface, a processor, a memory and a bus, wherein the communication interface, the processor and the memory are connected with each other through the bus;
the memory stores machine readable instructions, the processor executing the method of any of claims 1 to 7 by invoking the machine readable instructions.
10. A machine-readable storage medium storing machine-readable instructions which, when invoked and executed by a processor, implement the method of any one of claims 1 to 7.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202311147795.4A CN117278195A (en) | 2023-09-06 | 2023-09-06 | Verification method and device for attack model |
Publications (1)
Publication Number | Publication Date |
---|---|
CN117278195A true CN117278195A (en) | 2023-12-22 |
Family
ID=89205356
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
