| Graduate student: | 黃思翰 Huang, Szu-Han |
|---|---|
| Thesis title: | 適用於橢圓曲線密碼系統之低計算複雜度暨抵抗功率攻擊演算法 Low-Complexity Countermeasure Algorithms against Power Attacks for ECC |
| Advisor: | 謝明得 Shieh, Ming-Der |
| Degree: | Master |
| Department: | College of Electrical Engineering and Computer Science - Department of Electrical Engineering |
| Year of publication: | 2013 |
| Academic year of graduation: | 101 |
| Language: | English |
| Number of pages: | 56 |
| Chinese keywords: | elliptic curve cryptography, power analysis attacks, countermeasures |
| Foreign-language keywords: | elliptic curve cryptography, power analysis attacks, countermeasure |
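With electronic finance growing steadily, the security requirements on cryptosystems increase day by day. At the same security level, a public-key cryptosystem needs a much longer key than a secret-key cryptosystem. The mainstream public-key cryptosystem today is the RSA encryption algorithm with 1024-bit keys, but its key length is expected to double in the near future, whereas an elliptic curve cryptosystem can reach the same security with a shorter key.
Side-channel attacks, which have emerged in recent years, have become an important issue in protecting cryptosystems, and power attacks are the most common among them. The information they exploit does not come from a weakness in the algorithm itself; instead, the key is recovered from the side-channel information produced by the hardware implementation of the cryptosystem. To address this, we propose two countermeasure algorithms with different goals for elliptic curve cryptosystems: the first splits the key randomly, and the second inserts random delays into the algorithm to achieve protection. Both prevent simple power attacks, differential power attacks and zero-value point attacks, and, compared with other work in the literature, they need less computation time to complete one scalar multiplication over 160-bit GF(p) and GF(2^163).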
The requirements for secure communications are increasing significantly due to the frequent use of electronic business. Elliptic curve cryptography (ECC) benefits from a shorter key length than Rivest-Shamir-Adleman (RSA) cryptography, the most widely used public-key cryptosystem, and the difference between the key lengths grows as the security level increases.
In recent years, side-channel attacks have become a major threat to cryptography. They use information leaked while the cryptographic device is performing encryption or decryption to crack the system, and power analysis attacks are the most commonly used. We propose two countermeasures against several kinds of power attack. The first is a random key splitting method and the second is a random delay method. Both countermeasures are able to prevent SPA, DPA and ZPA, and their timing overheads for scalar multiplication in both 160-bit GF(p) and GF(2^163) are lower than those of related works.