本文關(guān)鍵詞：基于機(jī)器學(xué)習(xí)的密碼芯片電磁攻擊技術(shù)研究　出處：《北京郵電大學(xué)》2014年博士論文　論文類(lèi)型：學(xué)位論文

  更多相關(guān)文章： 模板攻擊 電磁分析 支撐向量機(jī) 線性回歸 標(biāo)準(zhǔn)化類(lèi)間方差

【摘要】：機(jī)器學(xué)習(xí)已經(jīng)成為整個(gè)計(jì)算機(jī)領(lǐng)域中最活躍、應(yīng)用潛力最明顯的技術(shù)之一,它在人臉檢測(cè)、語(yǔ)音識(shí)別等方面均獲得了成功應(yīng)用。近年來(lái),國(guó)內(nèi)外部分學(xué)者將機(jī)器學(xué)習(xí)的方法引入密碼設(shè)計(jì)與分析學(xué)的研究領(lǐng)域,在為該領(lǐng)域注入新的活力的同時(shí),也為密碼學(xué)與機(jī)器學(xué)習(xí)的綜合交叉發(fā)展,開(kāi)辟了新的方向——基于機(jī)器學(xué)習(xí)的側(cè)信道攻擊。 信息系統(tǒng)是否安全取決于系統(tǒng)中最弱的組成部件,這使得密碼算法即使在數(shù)學(xué)理論上安全,也可能由于其不恰當(dāng)?shù)奈锢韺?shí)現(xiàn)導(dǎo)致風(fēng)險(xiǎn)。側(cè)信道攻擊正是根據(jù)這一原理而實(shí)施的有效攻擊技術(shù),利用密碼算法的執(zhí)行載體——密碼芯片運(yùn)算過(guò)程中泄露的各種物理信息(如功耗、電磁輻射、聲音、可見(jiàn)光等)來(lái)破解密鑰。相比于傳統(tǒng)的密碼分析方法,側(cè)信道攻擊技術(shù)的優(yōu)點(diǎn)在于具有較小的密鑰搜索空間和較好的分析效率。而機(jī)器學(xué)習(xí)能像人一樣通過(guò)經(jīng)驗(yàn)不斷改善和提高自身性能。所以基于機(jī)器學(xué)習(xí)的側(cè)信道攻擊對(duì)于提高攻擊的可靠性和自動(dòng)化水平有重要意義。目前該領(lǐng)域的研究工作仍然處于探索階段,許多有意義的問(wèn)題有待深入探討。 相比于其它側(cè)信道攻擊方法,電磁攻擊在攻擊過(guò)程中無(wú)需與密碼系統(tǒng)直接進(jìn)行電氣連接,具有隱蔽性強(qiáng)和難以被察覺(jué)等優(yōu)點(diǎn)。本文以常用的密碼算法為攻擊對(duì)象,以電磁輻射探測(cè)為主要測(cè)試手段,將機(jī)器學(xué)習(xí)的方法應(yīng)用到側(cè)信道攻擊中來(lái),取得以下主要研究結(jié)果： (1)針對(duì)傳統(tǒng)模板攻擊方法必須已知明文或密文的缺點(diǎn),提出了一種直接以密鑰為目標(biāo)的單比特模板攻擊方法,該方法不僅可以減少需要構(gòu)建的模板數(shù)量,降低了計(jì)算復(fù)雜度,而且能夠利用更多的訓(xùn)練數(shù)據(jù),但是由于沒(méi)有考慮明文的影響,導(dǎo)致分類(lèi)準(zhǔn)確率偏低,為此進(jìn)一步提出將攻擊區(qū)域定位在密鑰擴(kuò)展階段。通過(guò)對(duì)單片機(jī)上實(shí)現(xiàn)的DES密碼算法的電磁模板攻擊實(shí)驗(yàn)表明,該方法在未知明文(密文)的情況下,只需要1條測(cè)試曲線,就可以完全正確的推斷出密鑰。 (2)為了避免模板攻擊運(yùn)算中出現(xiàn)協(xié)方差矩陣“病態(tài)”和數(shù)值超出浮點(diǎn)數(shù)表示范圍等問(wèn)題,本文在保證模板匹配概率前后順序不變的前提下,通過(guò)多項(xiàng)式簡(jiǎn)化和變換實(shí)現(xiàn)了一種快速的模板攻擊方法,該方法使用公共協(xié)方差矩陣代替協(xié)方差矩陣,不僅可以放松協(xié)方差矩陣可逆的限制條件,而且由于更接近真實(shí)協(xié)方差矩陣,在降低計(jì)算復(fù)雜度的同時(shí),提高了攻擊成功率。通過(guò)協(xié)方差矩陣、公共協(xié)方差矩陣、單位矩陣的對(duì)比實(shí)驗(yàn),證明了該方法的有效性。 (3)針對(duì)有監(jiān)督學(xué)習(xí)中常見(jiàn)的高維數(shù)、小樣本問(wèn)題,首先結(jié)合選擇和特征提取算法的優(yōu)點(diǎn),提出了一種新的降維方法SPP,然后利用漢明重量模型天然具有次序性的特點(diǎn),提出了一種新的SVM多分類(lèi)器,將需要訓(xùn)練的二分類(lèi)器數(shù)量從K(K-1)/2減少到K個(gè)。通過(guò)攻擊執(zhí)行DES軟件實(shí)現(xiàn)的8位單片機(jī),實(shí)驗(yàn)結(jié)果表明SPP方法優(yōu)于PCA方法,多分類(lèi)SVM攻擊優(yōu)于模板攻擊。 (4)有監(jiān)督學(xué)習(xí)需要大量具有標(biāo)記的訓(xùn)練數(shù)據(jù),而在實(shí)際情況下要得到這樣的完備數(shù)據(jù)集非常困難。為此本文提出了一種無(wú)監(jiān)督的攻擊方法。該方法首先建立密碼設(shè)備線性回歸模型,然后利用最小二乘法求出模型參數(shù),為了量化估計(jì)誤差,需要在每個(gè)抽樣點(diǎn)計(jì)算多重可決系數(shù)來(lái)評(píng)價(jià)模型的擬合優(yōu)度。最后為了消除“奇異尖峰”的干擾,提出了一種利用標(biāo)準(zhǔn)化類(lèi)間方差進(jìn)行修正的方法。實(shí)驗(yàn)結(jié)果證明了該方法的有效性。
[Abstract]:Machine learning has become one of the most active fields in the computer, one of the most obvious application potential of the technology, it in face detection, speech recognition and other aspects for the successful application. In recent years, some scholars at home and abroad research field of machine learning method is introduced into the design and analysis of cryptography, in the field of inject new vitality at the same time, a comprehensive cross development for cryptography and machine learning, open up a new direction: Based on side channel attacks of machine learning.
Part of the information system security depends on whether the system is in the weakest, which makes the encryption algorithm security even in mathematical theory, it may be due to the inappropriate physical risk. Side channel attack is based on the principle and the implementation of effective attack techniques, using the execution of various physical information leakage in the operation process of cryptographic chip the carrier of cryptographic algorithms (such as power consumption, electromagnetic radiation, visible light sound, etc.) to crack the key. Compared to the traditional password analysis method, the advantages of side channel attack technology is the key search space is smaller and better efficiency. Analysis and machine learning to like people through experience and constantly improve and enhance their performance so based on side channel attack attack machine learning to improve the reliability and automation level has important significance. The current research work in this field is still in At the exploratory stage, many meaningful questions need to be discussed.
Compared to the other side channel attack, electromagnetic attack in the attack process without direct electrical connection with the password system, with strong concealment and are difficult to detect. In this paper, the advantages of cryptographic algorithms commonly used for the object of attack, with electromagnetic radiation detection as the main means of testing, the machine learning method is applied to the side channel attack in the past, the main results are as following:
(1) the traditional template attack method must be known plaintext or ciphertext shortcomings, proposes a method for directly to key target monobit template attack, this method can not only reduce the number of template construction to reduce the computational complexity, but also can use the training data more, but due to not considering the plaintext in effect, the classification accuracy is low, therefore further proposed to attack regional positioning in the key expansion stage. Through the experiment of electromagnetic template attack of DES algorithm to achieve the show that the method in the case of Zhi Mingwen (ciphertext), only 1 test curve, can be completely correct to infer the key.
(2) in order to avoid the template attack operation covariance matrix is "sick" and the value is out of range of issues such as floating point representation, based on the template matching to ensure the order before and after the premise probability at the same time, through the polynomial simplification and transformation to achieve a fast template attack method, this method uses a common covariance matrix instead of the covariance matrix, not only can relax the restrictions of covariance matrix invertible, and the closer to the true covariance matrix, the computation complexity while reducing, improve the success rate of attacks. The public covariance matrix, covariance matrix, experimental unit matrix, proves the validity of the method.
(3) for supervised learning in high dimension, small sample problem, combined with the advantages of first selection and feature extraction algorithm, proposes a dimensionality reduction method of the new SPP, and then the natural order has the characteristics of Hamming weight model, this paper proposes a new SVM multi classifier, number two the classifier will need training from K (K-1) /2 reduced to K. Through the execution of the attack 8 bit microcontroller DES software, the experimental results show that SPP method is better than the PCA method, multi classification of SVM attacks is better than the template attack.
(4) supervised learning needs a large amount of training data is labeled, and in actual situation to get a complete set of such data is very difficult. This paper proposes an unsupervised method of attack. The method firstly builds a cryptographic device linear regression model, and then use the minimum two multiplication to calculate the parameters of the model, in order to quantitatively estimate error, need to calculate the fitting multiple coefficient of determination to evaluate the goodness of the model at each sampling point. Finally, in order to eliminate interference of singular peak ", put forward a correction method using standard variance. The experimental results demonstrate the effectiveness of the method.

【學(xué)位授予單位】：北京郵電大學(xué)
【學(xué)位級(jí)別】：博士
【學(xué)位授予年份】：2014
【分類(lèi)號(hào)】：TN918.1

【參考文獻(xiàn)】

相關(guān)期刊論文 前10條

1 柳琰;;直面新型網(wǎng)絡(luò)武器威脅 果斷采取保密防護(hù)措施[J];保密科學(xué)技術(shù);2012年08期

2 張鵬;鄧高明;陳開(kāi)顏;趙強(qiáng);;針對(duì)AES密碼芯片的遠(yuǎn)場(chǎng)相關(guān)性電磁分析攻擊[J];華中科技大學(xué)學(xué)報(bào)(自然科學(xué)版);2009年08期

3 張文濤 ,卿斯?jié)h ,吳文玲;對(duì)低輪SAFER++的差分-非線性密碼分析[J];計(jì)算機(jī)研究與發(fā)展;2003年06期

4 韓軍;曾曉洋;湯庭鰲;;基于時(shí)間隨機(jī)化的密碼芯片防攻擊方法[J];計(jì)算機(jī)工程;2007年02期

5 鄧高明;趙強(qiáng);張鵬;陳開(kāi)顏;劉曉芹;;針對(duì)密碼芯片的電磁頻域模板分析攻擊[J];計(jì)算機(jī)學(xué)報(bào);2009年04期

6 丁國(guó)良;李志祥;尹文龍;趙強(qiáng);;高級(jí)數(shù)據(jù)加密標(biāo)準(zhǔn)的差分電磁分析[J];計(jì)算機(jī)應(yīng)用;2009年08期

7 鄧高明;張鵬;趙強(qiáng);陳開(kāi)顏;;基于PCA和SVM的電磁模板分析攻擊[J];計(jì)算機(jī)測(cè)量與控制;2009年09期

8 周建欽;何凌云;;DES加密算法的密鑰擴(kuò)展[J];科技通報(bào);2011年02期

9 武傳坤;;棱鏡折射出了什么?[J];科學(xué)世界;2013年08期

10 賀也平,吳文玲,卿斯?jié)h;截?cái)嗖罘?線性密碼分析[J];軟件學(xué)報(bào);2000年10期

相關(guān)博士學(xué)位論文 前3條

1 樂(lè)大珩;抗功耗攻擊的密碼芯片電路級(jí)防護(hù)關(guān)鍵技術(shù)研究[D];國(guó)防科學(xué)技術(shù)大學(xué);2011年

2 張濤;面向密碼芯片的旁路攻擊關(guān)鍵技術(shù)研究[D];電子科技大學(xué);2008年

3 孫春輝;邊信道攻擊及防御的研究與實(shí)現(xiàn)[D];西安電子科技大學(xué);2012年

，

本文編號(hào)：1400478