通过分析“Cache失效”踪迹信息和S盒在Cache中不对齐分布特性,提出了一种改进的AES和CLEHA踪迹驱动攻击方法.现有攻击大都假定S盒在Cache中对齐分布,针对AES和CLEFIA的第1轮踪迹驱动攻击均不能在有限搜索复杂度内获取第1轮扩展密钥.研究表明,在大多数情况下,S盒在Cache中的分布是不对齐的,通过采集加密中的“Cache失效”踪迹信息,200和50个样本分别经AES第1轮和最后1轮分析可将128bitAES主密钥搜索空间降低到216和1,80个样本经CLEFIA第1轮分析可将128bit CLEFIA第1轮扩展密钥搜索空间降低到216,220个样本经前3轮分析可将128bit CLEFIA主密钥搜索空间降低到216,耗时不超过1s.%An improved Cache trace attack on AES and CLEFIA was proposed by considering Cache miss trace information and S-box misalignment. Current trace driven attacks all assume that the S-box is perfectly aligned in Cache, and it's impossible to recover the whole first round key of AES and CLEFIA under limited key searching space. However, the research demonstrates that the S-box is misaligned in Cache at most cases, by utilizing the Cache miss trace information of the cipher encryption, 200 samples first round analysis and SO samples last round analysis can reduce 128bit AES master key searching space to 216 and 1 respectively, 80 samples first round analysis can reduce 128bit CLEFIA first round key searching space to 216, 220 samples first three rounds analysis can reduce 128bit CLEFIA master key searching space to 216, all of the attacks above can be finished within 1 second.
展开▼
