Journal of Cryptologic Research (《密码学报》)

An SIS Lattice Signature Implementation Scheme Resistant to Side-Channel Attacks (一种抗侧信道攻击的SIS格签名实现方案)


Abstract

With the advent of quantum computers, traditional digital signature schemes face quantum attacks, and the analysis and design of digital signature algorithms that resist quantum computers is a current research focus. During the actual execution of a cryptographic algorithm it also frequently faces the risk of side-channel attacks, so designing a secure and efficient cryptographic algorithm requires taking several security factors into account at once. Lattice-based cryptography is a representative post-quantum approach: a lattice-based digital signature algorithm can remain secure in a quantum setting, but in a real execution environment it still faces timing attacks, first-order power attacks and other side-channel attacks. To give lattice-based signature algorithms the ability to resist side-channel attacks, this paper proposes an implementation scheme for an SIS lattice signature that resists such attacks. By setting the parameters of the Gaussian sampler and randomly splitting the sampled values, the sampling range is enlarged, which gives effective resistance against cache attacks. The secret key is randomly split during the signing process, which implements a masking of the key and gives effective resistance against first-order differential power attacks. The hard problem on which the proposed SIS signature implementation scheme is based is provably secure in the random oracle model; the scheme defends against cache attacks and first-order differential power attacks at the same time, thereby protecting the secret key.
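The abstract's second countermeasure, splitting the secret key during signing so that the signing computation never handles the unmasked key, can be illustrated on the linear step z = y + c·s that SIS/Fiat-Shamir lattice signatures share. The example below is added here and is not the paper's own code or scheme: the modulus Q, the toy dimensions M and N, the coefficient bounds, a uniform (rather than Gaussian) masking vector y, the integer challenge c, and the omission of rejection sampling and hashing are all assumptions made for the illustration. The key and the masking vector are each held as two additive shares modulo Q; every intermediate value touches only one share, and the shares are recombined only for z, which is public anyway. The reference unmasked signer and a verifier check that the masked computation produces the same, valid signature.

```python
# Added example (not the paper's scheme): first-order arithmetic masking of
# the secret key in the linear signing step z = y + c*s of an SIS-style
# Fiat-Shamir lattice signature.  Q, M, N, ETA, GAMMA, the uniform y and the
# integer challenge c are assumptions of this toy; real schemes use Gaussian
# or bounded-uniform y, a hashed challenge, and a rejection-sampling step.
import secrets

Q = 12289          # toy prime modulus (assumed)
M, N = 4, 8        # toy matrix dimensions (assumed)
ETA = 3            # bound on secret-key coefficients (assumed)
GAMMA = 1 << 10    # bound on masking-vector coefficients (assumed)


def small_vec(n, bound):
    """Uniform vector with coefficients in [-bound, bound]."""
    return [secrets.randbelow(2 * bound + 1) - bound for _ in range(n)]


def vadd(a, b):
    return [(x + y) % Q for x, y in zip(a, b)]


def vsub(a, b):
    return [(x - y) % Q for x, y in zip(a, b)]


def smul(c, v):
    return [(c * x) % Q for x in v]


def matvec(A, v):
    return [sum(a * x for a, x in zip(row, v)) % Q for row in A]


def keygen():
    """Public key (A, t = A*s), secret key s with small coefficients."""
    A = [[secrets.randbelow(Q) for _ in range(N)] for _ in range(M)]
    s = small_vec(N, ETA)
    return A, s, matvec(A, s)


def share(v):
    """Split v into additive shares v1 + v2 = v (mod Q); v1 is uniform,
    so neither share alone carries information about v."""
    v1 = [secrets.randbelow(Q) for _ in v]
    return v1, vsub(v, v1)


def refresh(shares):
    """Re-randomise a sharing in place of reuse: (v1 + r, v2 - r)."""
    v1, v2 = shares
    r = [secrets.randbelow(Q) for _ in v1]
    return vadd(v1, r), vsub(v2, r)


def unshare(v1, v2):
    return vadd(v1, v2)


def sign_plain(s, y, c):
    """Unmasked reference signer: z = y + c*s (mod Q)."""
    return vadd(y, smul(c, s))


def sign_masked(s_shares, y_shares, c):
    """Masked signer: no intermediate ever equals s, y, or c*s."""
    s1, s2 = refresh(s_shares)    # fresh randomness each signature
    y1, y2 = y_shares
    z1 = vadd(y1, smul(c, s1))    # share 1: y1 + c*s1
    z2 = vadd(y2, smul(c, s2))    # share 2: y2 + c*s2
    return unshare(z1, z2)        # z is public, so recombining is safe here


def verify(A, t, w, z, c):
    """Accept iff A*z - c*t == w, where w = A*y is the commitment that the
    challenge c is derived from (size check on z omitted in this toy)."""
    return vsub(matvec(A, z), smul(c, t)) == w


def demo(c=7):
    """Run one masked signature; return (masked == plain, verifies)."""
    A, s, t = keygen()
    y = small_vec(N, GAMMA)
    w = matvec(A, y)                       # commitment, public
    s_shares = share(s)
    y_shares = share(y)                    # sampled-value splitting
    z_masked = sign_masked(s_shares, y_shares, c)
    z_plain = sign_plain(s, y, c)
    return z_masked == z_plain, verify(A, t, w, z_masked, c)


if __name__ == "__main__":
    print(demo())
```

The point of `refresh` is that the same key sharing must not be reused across signatures with the same randomness; re-randomising the shares before each use keeps first-order leakage of `s1` and `s2` independent of `s`. The uniform choice of `s1` in `share` is what makes each share individually uninformative; the security argument breaks if one share were chosen small.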

