Çѱ¹Á¤º¸Åë½ÅÇÐȸ ³í¹®Áö (Journal of the Korea Institute of Information and Communication Engineering)
ÇѱÛÁ¦¸ñ(Korean Title) |
°æ·® ºí·Ï¾ÏÈ£ LEA¿¡ ´ëÇÑ »ó°ü°ü°è Àü·ÂºÐ¼® °ø°Ý ¹× ¸¶½ºÅ· ´ëÀÀ ±â¹ý |
¿µ¹®Á¦¸ñ(English Title) |
Correlation Power Analysis Attack on Lightweight Block Cipher LEA and Countermeasures by Masking |
ÀúÀÚ(Author) |
¾ÈÈ¿½Ä
½Å°æ¿í
Hyo-Sik An
Kyung-Wook Shin
|
¿ø¹®¼ö·Ïó(Citation) |
VOL 21 NO. 07 PP. 1276 ~ 1284 (2017. 07) |
Çѱ۳»¿ë (Korean Abstract) |
¿ì¸®³ª¶ó °æ·® ºí·Ï¾ÏÈ£ Ç¥ÁØÀÎ LEA ¾Ë°í¸®µëÀ» 8-ºñÆ® µ¥ÀÌÅÍ ÆнºÀÇ Çϵå¿þ¾î·Î ±¸ÇöÇÏ°í, ±¸ÇöµÈ LEA-128 ¾ÏÈ£ ÇÁ·Î¼¼¼¿¡ ´ëÇØ »ó°ü°ü°è Àü·ÂºÐ¼® °ø°ÝÀÇ Ãë¾à¼ºÀ» ºÐ¼®ÇÏ¿´´Ù. º» ³í¹®¿¡¼ Àû¿ëµÈ CPA´Â °ø°ÝÀ» À§ÇØ °¡Á¤µÈ ¶ó¿îµåÅ° °ªÀ¸·Î °è»êµÈ µ¥ÀÌÅÍÀÇ ÇØ¹Ö °Å¸®¿Í LEA ¾ÏÈ£ ÇÁ·Î¼¼¼ÀÇ Àü·Â ¼Ò¸ð·® »çÀÌÀÇ »ó°ü °è¼ö¸¦ ºÐ¼®ÇÔÀ¸·Î½á ¿Ã¹Ù¸¥ ¶ó¿îµåÅ° °ªÀ» °ËÃâÇÑ´Ù. CPA °ø°Ý °á°ú·Î, ÃÖ´ë »ó°ü°è¼ö°¡ 0.6937, 0.5507ÀÎ ¿Ã¹Ù¸¥ ¶ó¿îµåÅ° °ªÀÌ °ËÃâµÇ¾úÀ¸¸ç, ºí·Ï¾ÏÈ£ LEA°¡ Àü·ÂºÐ¼® °ø°Ý¿¡ Ãë¾àÇÔÀÌ È®ÀεǾú´Ù. CPA °ø°Ý¿¡ ´ëÇÑ ´ëÀÀ ¹æ¾ÈÀ¸·Î TRNG (True Random Number Generator) ±â¹ÝÀÇ ¸Å½ºÅ· ¹æ¹ýÀ» Á¦¾ÈÇÏ¿´´Ù. TRNG¿¡¼ »ý¼ºµÇ´Â ³¼ö¸¦ ¾ÏÈ£È ¿¬»ê Áß°£°ª¿¡ ´õÇÏ´Â ¸¶½ºÅ· ±â¹ýÀ» Àû¿ëÇÑ °á°ú, ÃÖ´ë »ó°ü°è¼ö°¡ 0.1293¿Í 0.1190·Î ¸Å¿ì ÀÛ¾Æ À߸øµÈ ¶ó¿îµåÅ° °ªÀÌ ºÐ¼®µÇ¾úÀ¸¸ç, µû¶ó¼ Á¦¾ÈµÈ ¸¶½ºÅ· ¹æ¹ýÀÌ CPA °ø°Ý¿¡ °ÀÎÇÔÀ» È®ÀÎÇÏ¿´´Ù.
|
¿µ¹®³»¿ë (English Abstract) |
Lightweight Encryption Algorithm (LEA) that was standardized as a lightweight block cipher was implemented with 8-bit data path, and the vulnerability of LEA encryption processor to correlation power analysis (CPA) attack was analyzed. The CPA used in this paper detects correct round keys by analyzing correlation coefficient between the Hamming distance of the computed data by applying hypothesized keys and the power dissipated in LEA crypto-processor. As a result of CPA attack, correct round keys were detected, which have maximum correlation coefficients of 0.6937, 0.5507, and this experimental result shows that block cipher LEA is vulnerable to power analysis attacks. A masking method based on TRNG was proposed as a countermeasure to CPA attack. By applying masking method that adds random values obtained from TRNG to the intermediate data of encryption, incorrect round keys having maximum correlation coefficients of 0.1293, 0.1190 were analyzed. It means that the proposed masking method is an effective countermeasure to CPA attack.
|
Å°¿öµå(Keyword) |
ºÎä³Î °ø°Ý
»ó°ü°ü°è Àü·ÂºÐ¼® °ø°Ý
ºí·Ï¾ÏÈ£ LEA
Âü ³¼ö ¹ß»ý±â
¸¶½ºÅ· ±â¹ý
Side channel attack
correlation power analysis attack
block cipher LEA
TRNG
masking technique
|
ÆÄÀÏ÷ºÎ |
PDF ´Ù¿î·Îµå
|