臺灣博碩士論文加值系統 (National Digital Library of Theses and Dissertations in Taiwan)
Student: 楊士賢
Student (English): Shih Hsien Yang
Thesis title (Chinese): 能抵擋電力分析攻擊之密碼硬體設計與實作 (Design and Implementation of Cryptographic Hardware Resistant to Power Analysis Attacks)
Thesis title (English): Design and Implementation of DPA-Resistant Cryptographic Hardware
Advisor: 林寬仁
Advisor (English): Kuan Jen Lin
Degree: Master's
Institution: 輔仁大學 (Fu Jen Catholic University)
Department: 電子工程學系 (Department of Electronic Engineering)
Discipline: Engineering
Field: Electrical and Information Engineering
Document type: Academic thesis
Year of publication: 2007
Academic year of graduation: 95 (ROC calendar, i.e. 2006-2007)
Language: English
Pages: 46
Keywords (Chinese): 電力分析攻擊; 密碼硬體電路 (power analysis attack; cryptographic hardware circuit)
Keywords (English): Differential Power Analysis; Cryptographic Hardware
Statistics:
  • Cited by: 1
  • Views: 146
  • Rating: (none)
  • Downloads: 19
  • Saved to bookmark lists: 0
Abstract (Chinese, translated): In an embedded system with encryption and decryption functions, an attacker can collect leaked power information during the cryptographic computation and, by Differential Power Analysis (DPA), quickly break the cipher. In this thesis we propose a logic design method, Pre-Charge Masked Reed-Muller Logic (PMRML), to overcome the loss of DPA resistance that glitches and Dissipation Timing Skew (DTS) cause in cryptographic hardware. PMRML can be realized entirely with a standard CMOS cell library, and because any Boolean function can be reduced to Reed-Muller form, PMRML can be used to implement any function. We have completed the design of an AES encryption chip with two operating modes: one runs without any DPA countermeasure, the other under the PMRML-based countermeasure. Post-layout experimental results show that the PMRML logic design method is feasible and yields compact circuits.
Abstract: Cryptographic embedded systems are vulnerable to Differential Power Analysis (DPA) attacks. In this thesis, we propose a logic design style, called Pre-charge Masked Reed-Muller Logic (PMRML), to overcome the glitch and Dissipation Timing Skew (DTS) problems in the design of DPA-resistant cryptographic hardware. Both problems can significantly reduce DPA resistance. The PMRML design can be fully realized using common CMOS standard cell libraries. Furthermore, it can be used to implement any function, since every Boolean function can be represented in Reed-Muller form. Using PMRML, we implemented an AES encryption module that provides two operation modes: one works without a countermeasure against DPA attacks and the other with the PMRML-based countermeasure. The post-layout experimental results show the efficiency and effectiveness of the PMRML design methodology.
Abstract (in Chinese)....................................i
Abstract ...............................................ii
Acknowledgement........................................iii
Contents ...............................................iv
List of Tables .........................................vi
List of Figures .......................................vii
1 Introduction ..........................................1
1.1 Differential Power Analysis Attack ..................1
1.2 Related Works .......................................2
1.3 Purpose of This Thesis ..............................3
1.4 Organization ........................................4
2 AES Algorithm and Hardware Implementation .............5
2.1 The Mathematics of GF(2^8) .........................5
2.2 AES Algorithm .......................................8
2.3 AES Key Expansion...................................12
2.4 The AES Hardware Implementation.....................13
3 DPA-Resistance........................................16
3.1 DPA Attacks ........................................16
3.2 Masking.............................................18
3.3 Glitches and Dissipation timing skews...............20
3.4 DPA Resistance......................................23
4 Pre-charge Masked Reed-Muller Logic (PMRML)...........25
4.1 PMRML Structure.....................................25
4.2 Multi-Stage PMRML Design............................29
4.3 Optimal Stage Partition.............................31
5 Experimental Results..................................33
5.1 AES Hardware Implementation using PMRML.............33
5.1 Chip Implementation.................................37
5.2 Experimental Results................................38
6 Conclusions...........................................42
References..............................................43
[1] M. L. Akkar and C. Giraud, “An Implementation of DES and AES, Secure against Some Attacks,” CHES, LNCS, vol. 2162, pp. 309-318, 2001.
[2] A. J. Al-Khalili, “A Controlled Probability Random Pulse Generator Suitable for VLSI Implementation,” IEEE Transactions on Instrumentation and Measurement, vol. 39, no. 1, Feb. 1990.
[3] Z. Cheng and Y. Zhou, “Dual-Rail Random Switching Logic: A Countermeasure Free of Output Transition Leakage,” CHES, LNCS, vol. 4249, pp. 242-254, 2006.
[4] M. Davio, J. P. Deschamps and A. Thayse, Discrete and Switching Functions, McGraw-Hill, 1978.
[5] W. Fischer and B. M. Gammel, “Masking at Gate Level in the Presence of Glitches,” CHES, LNCS, vol. 3659, pp. 187-200, 2005.
[6] J. D. Golić and R. Menicocci, “Universal Masking on Logic Gate Level,” Electronics Letters, vol. 40, pp. 526-527, 2004.
[7] J. D. Golić and C. Tymen, “Multiplicative Masking and Power Analysis of AES,” CHES, LNCS, vol. 2523, pp. 198-212, 2003.
[8] P. Kocher, J. Jaffe and B. Jun, “Differential Power Analysis,” Advances in Cryptology – CRYPTO, LNCS, vol. 1666, pp. 388-397, 1999.
[9] K. J. Kulikowski, M. Su, A. B. Smirnov, A. Taubin, M. G. Karpovsky and D. MacDonald, “Delay Insensitive Encoding and Power Analysis: A Balancing Act,” ASYNC, pp. 116-125, 2005.
[10] R. Lidl and H. Niederreiter, Introduction to Finite Fields and Their Applications, Cambridge University Press, New York, 1994.
[11] K. J. Lin, S. C. Fang, S. H. Yang and C. C. Lo, “Overcoming Glitches and Dissipation Timing Skews in Design of DPA-Resistant Cryptographic Hardware,” IEEE/ACM DATE, Nice, 2007.
[12] S. Mangard, M. Aigner and S. Dominikus, “A Highly Regular and Scalable AES Hardware Architecture,” IEEE Transactions on Computers, vol. 52, pp. 483-491, Apr. 2003.
[13] S. Mangard, E. Oswald and T. Popp, Power Analysis Attacks – Revealing the Secrets of Smart Cards, Springer, 2007.
[14] S. Mangard, T. Popp and B. M. Gammel, “Side-Channel Leakage of Masked CMOS Gates,” CT-RSA, LNCS, vol. 3376, pp. 351-365, 2005.
[15] T. S. Messerges, E. A. Dabbish and R. H. Sloan, “Examining Smart-Card Security under the Threat of Power Analysis Attacks,” IEEE Transactions on Computers, vol. 51, no. 5, pp. 541-552, 2002.
[16] S. Morioka and A. Satoh, “An Optimized S-Box Circuit Architecture for Low Power AES Design,” CHES, LNCS, vol. 2523, pp. 172-186, 2003.
[17] NIST, “Advanced Encryption Standard (AES),” FIPS PUB 197, Nov. 2001.
[18] T. Popp and S. Mangard, “Masked Dual-Rail Pre-charge Logic: DPA-Resistance Without Routing Constraints,” CHES, LNCS, vol. 3659, pp. 172-186, 2005.
[19] A. Rudra, P. K. Dubey, C. S. Jutla, V. Kumar, J. R. Rao and P. Rohatgi, “Efficient Rijndael Encryption Implementation with Composite Field Arithmetic,” CHES, LNCS, vol. 2162, pp. 171-184, 2001.
[20] H. Saputra, N. Vijaykrishnan, M. Kandemir, M. J. Irwin, R. Brooks, S. Kim and W. Zhang, “Masking the Energy Behavior of DES Encryption,” DATE, pp. 84-89, 2003.
[21] A. Satoh, S. Morioka, K. Takano and S. Munetoh, “A Compact Rijndael Hardware Architecture with S-Box Optimization,” ASIACRYPT, LNCS, vol. 2248, pp. 239-254, 2001.
[22] K. Schramm, “Advanced Methods in Side Channel Cryptanalysis,” Ph.D. Thesis, Department for Electrical Engineering and Information Technology, University of Bochum, Germany, 2006.
[23] C. P. Su, T. F. Lin, C. T. Huang and C. W. Wu, “A High-Throughput Low-Cost AES Processor,” IEEE Communications Magazine, vol. 41, no. 12, pp. 86-91, Dec. 2003.
[24] B. Sunar, W. J. Martin and D. R. Stinson, “A Provably Secure True Random Number Generator with Built-In Tolerance to Active Attacks,” IEEE Transactions on Computers, vol. 56, no. 1, pp. 109-119, 2007.
[25] D. Suzuki and M. Saeki, “Security Evaluation of DPA Countermeasures Using Dual-Rail Pre-charge Logics,” CHES, LNCS, vol. 4249, pp. 255-269, 2006.
[26] D. Suzuki, M. Saeki and T. Ichikawa, “Random Switching Logic: A Countermeasure against DPA based on Transition Probability,” Cryptology ePrint Archive, Report 2004/346, http://eprint.iacr.org/, 2004.
[27] K. Tiri, D. Hwang, A. Hodjat, B. Lai, S. Yang, P. Schaumont and I. Verbauwhede, “A Side-Channel Leakage Free Coprocessor IC in 0.18μm CMOS for Embedded AES-based Cryptographic and Biometric Processing,” DAC, Jun. 2005.
[28] E. Trichina and T. Korkishko, “Secure AES Hardware Module for Resource Constrained Devices,” ESAS, LNCS, vol. 3313, pp. 215-229, 2005.
[29] E. Trichina, D. De Seta and L. Germani, “Simplified Adaptive Multiplicative Masking for AES,” CHES, LNCS, vol. 2523, pp. 187-197, 2003.
[30] N. R. Wagner, “The Laws of Cryptography: The Finite Field GF(2^8),” http://www.cs.utsa.edu/~wagner/laws/FFM.html, 2001.
[31] J. Wolkerstorfer, E. Oswald and M. Lamberger, “An ASIC Implementation of the AES SBoxes,” CT-RSA, LNCS, vol. 2271, pp. 67-78, 2002.
[32] X. Zhang and K. K. Parhi, “High-Speed VLSI Architectures for the AES Algorithm,” IEEE Transactions on VLSI Systems, vol. 12, no. 9, pp. 957-967, Sep. 2004.