计算机工程与应用 ›› 2022, Vol. 58 ›› Issue (2): 110-115.DOI: 10.3778/j.issn.1002-8331.2104-0066

• 网络、通信与安全 • 上一篇    下一篇

基于欧式距离的AES算法模板攻击

李志明,唐永中   

  1. 河西学院 信息技术中心,甘肃 张掖 734000
  • 出版日期:2022-01-15 发布日期:2022-01-18

Template Attack of AES Algorithm Based on Euclidean Distance

LI Zhiming, TANG Yongzhong   

  1. Center for Information Technology, Hexi University, Zhangye, Gansu 734000, China
  • Online:2022-01-15 Published:2022-01-18

摘要: 针对AES算法Cache计时模板攻击时会触发大量的Cache失效,容易被硬件计数器检测出来的问题,基于Flush+Flush攻击模型,提出一种基于欧氏距离的AES算法模板攻击方法,以减少触发Cache失效的次数,使攻击更加隐蔽。使用Flush+Flush攻击模型获取AES算法在内存中映射的位置;利用已知明文攻击不断地触发密码进程,通过该模型建立每一个密钥的模板;利用Flush+Flush攻击模型获取真实情况下的Cache计时信息,通过计算计时信息与每一个密钥模板之间的欧式距离推算密钥。通过实验验证,以OpenSSL库中的AES算法快速实现为攻击对象,攻击模型能准确地获取AES算法密钥,并与Flush+Reload攻击模型相比较,触发的Cache失效次数仅为Flush+Reload攻击模型的17%。

关键词: Flush+Flush攻击模型, 模板攻击, AES算法, Cache, 欧氏距离

Abstract: Aiming at the problem that the Flush+Reload attack model will trigger a large number of cache failures when attacking the AES algorithm and is easily detected by the hardware counter, a template attack method of utilizing the Flush+Flush attack model based on Euclidean distance is proposed to reduce the number of cache failures. This model can make the attack more covert. Firstly, it exploits Flush+Flush attack model to obtain mapped location of AES algorithm in memory. Then the template for each key is established by using the known clear-text attack which will trigger password process continuously. Finally, it utilizes the Flush+Flush attack model to obtain the Cache timing information under real conditions and predict the key by calculating the Euclidean distance between the timing information and each key template. Through experimental verification, with taking the AES algorithm fast implementation in openSSL algorithm library as the object of attack, the attack model can accurately obtain the AES algorithm key. Compared with the Flush+Reload attack model, the number of Cache failures triggered by the Flush+Flush attack model is only 17% of the Flush+Reload attack model.

Key words: Flush+Flush attack model, template attack, AES algorithm, Cache, Euclidean distance