%0 Journal Article %T 改进的SM4算法的选择明文DPA攻击<br>Improved chosen-plaintext DPA on block cipher SM4 %A 陈佳哲 %A 李贺鑫 %A 王蓓蓓 %J 清华大学学报(自然科学版) %D 2017 %R 10.16511/j.cnki.qhdxxb.2017.26.056 %X 侧信道攻击,特别是差分功耗分析(differential power analysis,DPA)是对芯片中运行的分组密码算法进行安全性分析的主要手段之一。该文主要研究针对硬件实现的SM4算法的DPA攻击。合理地对明文进行选择,可以使SM4线性变换层有变化的输入比特尽可能少地影响输出比特,从而对硬件实现的SM4算法进行有效的侧信道攻击。通过分析线性变换层的比特关系,该文发现了选择明文模型下8个比特依赖关系。在此基础上,将这些比特依赖关系结合已有的比特关系,建立分析模型、更充分地利用轮输出的比特信息,对现有的SM4选择明文DPA攻击进行了改进。实验结果表明:该方法能有效提高SM4算法选择明文DPA攻击的成功率。<br>Abstract:Since differential power analysis (DPA) is one of most important side-channel attacks on block ciphers implemented in chips, this paper revisits the DPA attack on hardware-implemented SM4. Reasonably choosing the plaintexts minimizes the affection of the variable input bits on the output bits, of the linear transformation of SM4, which leads to effective side-channel attacks on SM4. This paper deduces 8 bit-relationship in the chosen-plaintext setting by going into the linear transformation of SM4. Incorporating the bit-relationship with the known ones, this paper improves the previous chosen-plaintext DPA attacks on SM4, by proposing an analyzing module that makes better use of the side-channel information of the round-output bits. Experimental results show that the proposed manner improves the success rate of the chosen-plaintext DPA attacks on SM4. %K 分组密码算法 %K 侧信道分析 %K SM4算法 %K 选择明文 %K 差分功耗分析(DPA) %K < %K br> %K Block ciphers %K side-channel analysis %K SM4 cipher %K chosen-plaintext %K differential power analysis(DPA) %U http://jst.tsinghuajournals.com/CN/Y2017/V57/I11/1134