计算机工程与应用 ›› 2019, Vol. 55 ›› Issue (15): 141-146.DOI: 10.3778/j.issn.1002-8331.1807-0125

• 网络、通信与安全 • 上一篇    下一篇

基于支持向量机的RSA电磁旁路分析方法

胡晓阳,陈开颜,张阳,郭东昕,魏延海   

  1. 陆军工程大学石家庄校区 装备模拟训练中心,石家庄 453000
  • 出版日期:2019-08-01 发布日期:2019-07-26

RSA Electromagnetic Side-Channel Analysis Method Based on Support Vector Machine

HU Xiaoyang, CHEN Kaiyan, ZHANG Yang, GUO Dongxin, WEI Yanhai   

  1. Shijiazhuang Campus of Army Engineering University, Shijiazhuang 453000, China
  • Online:2019-08-01 Published:2019-07-26

摘要: 针对在旁路分析过程中由于噪声的影响,不能直接观察出RSA的加密过程这一问题,提出结合支持向量机的旁路分析方法,从分类的角度对RSA二进制模幂运算中的平方、乘法操作进行识别,根据密钥与操作的相关性,推断出RSA二进制密钥序列。基于此,对移动设备PCM-9589F凌动主板进行了RSA电磁旁路分析研究,使用串口通信技术实现了对目标设备CPU的旁路电磁信号的采集,并采用基于边界的单类支持向量机的方法,以分类的正确率为70%为阈值,实现了对RSA二进制模幂运算中平方、乘法操作的识别,提取了OpenSSL加密库中1?024位RSA加密算法的二进制密钥序列。相比于传统的简单分析方法,克服了因旁路信号质量低而无法破解密钥的难题。

关键词: 旁路分析, 支持向量机, 操作识别, 移动设备

Abstract: On account of the effect of noise in side-channel analysis, the encryption process of RSA can’t be observed directly, a side-channel analysis method based on support vector machine is proposed. The square and multiplication operations of RSA binary modular exponentiation are identified from the angle of classification, and the RSA binary keys sequence are deduced on the basis of the correlation between the keys and the encryption operations. Based on it, it carries out the electromagnetic side-channel analysis for RSA on the mobile device PCM-9589F multi-board, using serial communication technology to collect the electromagnetic signal of CPU on the target device, and using the method which known as single class support vector machine based on the boundary to recognize the square and multiplication operations of the RSA binary modular exponentiation, the threshold of the classification accuracy is set to 70%, then the 1,024 bits RSA binary keys sequence are extracted. Compared to traditional simple analysis method, this method overcomes the problem that the keys can’t be cracked due to the inferior signal quality.

Key words: side-channel analysis, support vector machine, operations recognition, mobile device