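Abstract:
Combining artificial intelligence with side-channel cryptanalysis has opened a new research direction in cryptanalysis. Over the past decade, genetic algorithms have been introduced into side-channel analysis, and a series of related results have appeared internationally. However, existing genetic-algorithm-based correlation power analysis suffers from the local-optimum problem, which lowers the efficiency of the whole analysis. This paper aims to establish the relationship between local optima and success rate and to select sound initialization and mutation mechanisms, so as to significantly improve the efficiency of side-channel analysis that uses artificial intelligence algorithms. We first investigate the essential reasons why genetic-algorithm power analysis succeeds and why it falls into local optima. We then try to overcome the local-optimum problem from two angles, the initialization mechanism and the mutation mechanism, by introducing four mechanisms (random initialization, correlation-power-analysis initialization, random byte mutation, and heuristic mutation based on key fitness ranking) and comparing their combinations. From repeated experiments on parameter selection, success-rate comparison and computational-cost comparison, we conclude that correlation-power-analysis initialization combined with random byte mutation has the highest success rate and also the lowest computational cost. In addition, this paper summarizes the limitations of genetic-algorithm-based correlation power analysis: it is unsuitable for software implementations, has difficulty analyzing wide-bit-width operations, and has high complexity when attacking protection countermeasures and when the signal-to-noise ratio is low. We recommend that cryptographic hardware avoid, as far as possible, storing values computed in units of bytes or bits in registers during computation, in order to protect against genetic-algorithm-based power analysis attacks, and we give an outlook on future work. We believe the new method is highly practical for analyzing unprotected hardware implementations of block ciphers and recommend applying it in practical side-channel analysis and evaluation work.
Keywords: cryptography; power analysis attack; genetic algorithm; mutation mechanism; initialization mechanism
DOI:10.19363/J.cnki.cn10-1380/tn.2024.03.05
Received: 2022-06-05; Revised: 2022-08-16
Funding: This work was supported by the National Key Research and Development Program of China (No. 2022YFB3103800) and the National Natural Science Foundation of China (No. 62302036, No. 62272047).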
|
Initialization and Mutation Mechanism in Genetic-Algorithm-Based Power Analysis |
XU Yijun, LI Yuan, TANG Minghuan, DING Yaoling, WANG An
Institute for Software, The China Industrial Control Systems Cyber Emergency Response Team (CIC), Beijing 100040, China; School of Computer Science and Technology, Beijing Institute of Technology, Beijing 100081, China; Security Research Institute, China Academy of Industrial Internet (CAII), Beijing 100102, China; School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing 100081, China
Abstract: |
The combination of artificial intelligence and side-channel analysis has brought a new research direction to cryptanalysis. Over the past ten years, genetic algorithms have been introduced into side-channel analysis, and a series of related research results have emerged worldwide. However, existing genetic-algorithm-based power analysis suffers from the local-optimum problem and from low efficiency. This paper aims to establish the connection between local optima and success rate, to choose better initialization and mutation mechanisms, and to increase the efficiency of artificial-intelligence-based side-channel analysis. We first analyze why genetic-algorithm-based power analysis succeeds, and then discuss why the existing genetic-algorithm power analysis method falls into local optima. Accordingly, we introduce correlation-power-analysis-based initialization, a heuristic mutation mechanism, random byte mutation, and random initialization, and then combine and compare them. Through experiments on parameter selection, success-rate comparison and computational-cost comparison, we conclude that correlation-power-analysis-based initialization combined with random byte mutation has the highest success rate and the lowest computational cost. This paper also summarizes the limitations of the genetic-algorithm-based correlation power analysis method: it is not suitable for software implementations, it has difficulty analyzing large-bit-width operations, and its complexity is high when attacking protection countermeasures and when the signal-to-noise ratio is low. We suggest that values calculated in bytes or bits should not be stored directly in registers during the hardware computation of a cryptographic algorithm, so as to protect against power analysis attacks based on genetic algorithms. Finally, we give an outlook on future work. We consider the new method highly practical for analyzing block cipher algorithms implemented in unprotected hardware, and we recommend applying it in practical side-channel analysis and evaluation.
Key words: cryptography; power analysis attack; genetic algorithm; mutation mechanism; initialization mechanism