【摘要】：在信息技術(shù)日新月異的互聯(lián)網(wǎng)時代，信息安全問題變得日益突出。作為信息安全的理論核心，密碼學為數(shù)據(jù)的安全傳送提供基本保障�，F(xiàn)代密碼學的密碼體制通常分為兩類：對稱密碼體制和非對稱密碼體制，其中對稱密碼是密碼學研究的核心內(nèi)容之一。對稱密碼主要包括分組密碼、Hash函數(shù)和流密碼，并且對稱密碼算法具有運行速度快，存儲量小以及易于軟硬件實現(xiàn)等優(yōu)點。分組密碼作為對稱密碼的重要分支，廣泛地應用于許多領(lǐng)域，，如文件傳輸、網(wǎng)絡通信和數(shù)據(jù)庫系統(tǒng)安全等。Hash函數(shù)作為對稱密碼的另一個重要組成部分，在數(shù)字簽名、文件完整性和身份認證等領(lǐng)域有著廣泛的應用。 隨著智能硬件和嵌入式技術(shù)的飛速發(fā)展，以及密碼設備的大規(guī)模應用，從密碼算法的數(shù)學結(jié)構(gòu)上研究算法的安全性已經(jīng)遠遠不夠，而需從密碼算法的具體實現(xiàn)分析算法的安全性。在這種背景下側(cè)信道攻擊應運而生，它利用密碼設備計算過程中出現(xiàn)的軟、硬件故障信息及相關(guān)輸出可快速地恢復出密鑰或者明文。差分故障攻擊作為一種有效的側(cè)信道攻擊，是指通過對密碼設備誘導故障并結(jié)合差分分析技術(shù)的密碼分析方法。差分故障攻擊憑借其攻擊能力強，速度快且易實現(xiàn)等特點，已引起國內(nèi)外研究學者的廣泛關(guān)注。 本文主要針對Serpent算法、GOST算法和MD5算法壓縮函數(shù)提出了有效的差分故障攻擊方法，并進行了軟件模擬。同時，本文也針對MD4算法提出了有效的故障檢測方法。本文的創(chuàng)新性研究成果有： 首先，在面向單字節(jié)的隨機故障模型和差分技術(shù)的基礎(chǔ)上，提出了針對Serpent密碼的有效差分故障攻擊方法。數(shù)學分析和實驗結(jié)果表明僅需要48個故障密文即可恢復Serpent密碼的128位原始密鑰。該方法也為同類型的其他迭代密碼的差分故障攻擊提供了一種較通用的分析手段。 其次，依據(jù)面向單字節(jié)的隨機故障模型和差分技術(shù)，提出了對GOST密碼的差分故障攻擊方法。實驗結(jié)果表明僅需要32個故障密文即可恢復GOST密碼的256比特原始密鑰。本文提出的方法不僅擴大了故障攻擊的范圍，而且還提高了故障導入效率，降低了所需的故障密文數(shù)。 然后，根據(jù)面向字的隨機故障模型和差分技術(shù)，提出了對MD5算法壓縮函數(shù)的差分故障攻擊方法。實驗結(jié)果表明僅需要導入144個故障即可恢復出MD5算法的當前輸入消息塊。該方法也為其它類似MD5結(jié)構(gòu)的Hash函數(shù)的安全性分析提供了新的分析手段。 最后，依據(jù)差分故障攻擊原理，提出了MD4算法抵御差分故障攻擊的檢測方法。通過該檢測方法可以判斷當前的MD4算法是否受到差分故障攻擊，并確定故障導入位置，以及分辨導入的故障是否為有效故障。該檢測方法對于其他的密碼算法抵御差分故障攻擊的研究具有重要的參考價值。
[Abstract]:In the Internet era with the rapid development of information technology, the problem of information security has become increasingly prominent. As the theoretical core of information security, cryptography provides the basic guarantee for the secure transmission of data. The cryptography of modern cryptography is usually divided into two categories: symmetric cryptography and asymmetric cryptography, in which symmetric cryptography is one of the core contents of cryptography research. Symmetric ciphers mainly include block ciphers, Hash functions and stream ciphers, and symmetric cryptography algorithms have the advantages of fast running speed, small storage and easy implementation of software and hardware. Block cipher, as an important branch of symmetric cipher, is widely used in many fields, such as file transfer, network communication and database system security. Hash function, as another important part of symmetric cipher, is used in digital signature. File integrity and identity authentication have a wide range of applications. With the rapid development of intelligent hardware and embedded technology, as well as the large-scale application of cryptography devices, it is far from enough to study the security of the algorithm from the mathematical structure of the cryptography algorithm. It is necessary to analyze the security of the algorithm from the specific implementation of the cryptography algorithm. In this context, the side channel attack emerges as the times require, which can quickly recover the key or clear text by using the software and hardware fault information and related output in the process of cryptography computing. As an effective side channel attack, differential fault attack refers to the cryptanalysis method which leads to the fault of cryptography equipment and combines the differential analysis technology. Differential fault attack has attracted extensive attention of scholars at home and abroad because of its strong attack ability, fast speed and easy implementation. In this paper, an effective differential fault attack method is proposed for Serpent algorithm, GOST algorithm and MD5 algorithm compression function, and the software simulation is carried out. At the same time, an effective fault detection method for MD4 algorithm is proposed in this paper. The innovative research results of this paper are as follows: firstly, based on the single byte-oriented stochastic fault model and differential technique, an effective differential fault attack method for Serpent cryptography is proposed. The mathematical analysis and experimental results show that only 48 fault ciphers are needed to recover the 128bit original key of Serpent password. This method also provides a general analysis method for differential fault attacks of other iterative ciphers of the same type. Secondly, based on the single byte-oriented stochastic fault model and differential technique, a differential fault attack method for GOST cryptography is proposed. The experimental results show that only 32 fault ciphertext is needed to recover the 256bit original key of the GOST password. The method proposed in this paper not only expands the scope of fault attack, but also improves the efficiency of fault import and reduces the number of fault ciphertext required. Then, according to the word-oriented stochastic fault model and differential technique, a differential fault attack method for compression function of MD5 algorithm is proposed. The experimental results show that only 144 faults can be imported to recover the current input message block of MD5 algorithm. This method also provides a new method for the security analysis of other Hash functions similar to MD5 structure. Finally, according to the principle of differential fault attack, a detection method of MD4 algorithm against differential fault attack is proposed. The detection method can be used to determine whether the current MD4 algorithm is attacked by differential fault, and to determine the location of fault import, and to distinguish whether the imported fault is an effective fault or not. This detection method has important reference value for other cryptography algorithms to resist differential fault attacks.
【學位授予單位】：東華大學
【學位級別】：碩士
【學位授予年份】：2015
【分類號】：TP309

【參考文獻】

相關(guān)期刊論文 前3條

1 張蕾;吳文玲;;SMS4密碼算法的差分故障攻擊[J];計算機學報;2006年09期

2 李瑋;谷大武;;基于密鑰編排故障的SMS4算法的差分故障分析[J];通信學報;2008年10期

3 韓軍;曾曉洋;趙佳;;抗差分功耗分析和差分故障分析的AES算法VLSI設計與實現(xiàn)[J];通信學報;2010年01期

本文編號：2475460