计算机工程与应用 ›› 2017, Vol. 53 ›› Issue (5): 103-106.DOI: 10.3778/j.issn.1002-8331.1507-0255

• 网络、通信与安全 • 上一篇    下一篇

基于硬件木马的AES差分故障分析

王晓晗,李雄伟,张  阳,徐  璐   

  1. 军械工程学院 信息工程系,石家庄 050003
  • 出版日期:2017-03-01 发布日期:2017-03-03

 AES differential fault analysis based on hardware Trojan

WANG Xiaohan, LI Xiongwei, ZHANG Yang, XU Lu   

  1. Department of Information Engineering, Ordnance Engineering College, Shijiazhuang 050003, China
  • Online:2017-03-01 Published:2017-03-03

摘要: 针对一般差分故障分析注入的故障不确定、可控性差等特点,提出一种新的规模小、触发率低的木马设计,利用线性反馈移位寄存器生成的最大周期序列作为激活条件,以单个异或门实施可控的故障注入,并提出相应的差分故障分析方法。以FPGA芯片上实现的AES加密电路为目标,植入木马并在第八轮行移位后的中间状态的第一位注入故障,进行差分故障攻击,实验结果表明,仅需两组正确密文与错误密文即可恢复AES的全部密钥,耗时仅5?s。

关键词: 硬件木马, 差分故障分析, 高级加密标准

Abstract: Aiming at the characteristics of uncertainty and poor controllability in general differential fault analysis fault injection, a new small-scale and low trigger Trojan design is proposed. Using the maximum period sequence generated by a linear feedback shift register as an activation conditions and implementing controllable fault injection by individual XOR door, the corresponding differential fault analysis is proposed. The Trojan is implanted in the AES encryption circuit which is implanted in the FPGA chip, the fault is injected in the first line of intermediate state behind the eighth round shiftrows, and the differential fault attack is run. Experimental results show that, all the key of AES can be restored only by two right ciphertexts and wrong ciphertexts, and it takes only 5 s.

Key words: hardware Trojan, differential fault analysis, advanced encryption standard