以學習為本的方法於分組密碼分析及副通道攻擊

Jung-Wei Chou; 周融瑋

請用此 Handle URI 來引用此文件： http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/64686

完整後設資料紀錄

DC 欄位	值	語言
dc.contributor.advisor	林守德(Shou-De Lin)
dc.contributor.author	Jung-Wei Chou	en
dc.contributor.author	周融瑋	zh_TW
dc.date.accessioned	2021-06-16T22:57:25Z	-
dc.date.available	2012-08-15
dc.date.copyright	2012-08-15
dc.date.issued	2012
dc.date.submitted	2012-08-09
dc.identifier.citation	[1] Thanh-Ha Le, Cécile Canovas, and Jessy Clédière. 2008. An overview of side channel analysis attacks. In Proceedings of the 2008 ACM symposium on Information, computer and communications security (ASIACCS '08). [2] DPA contest, http://www.dpacontest.org/home/, 2008-2009. [3] J. Kelsey, B. Schneier, D. Wagner, and C. Hall, “Side-channel cryptanalysis of product ciphers,” in Proc. ESORICS, Sept. 1998, pp. 97–110, 1998. [4] D. Agrawal, B. Archambeault, J. R. Rao, and P. Rohatgi, 'The EM side-channel(s): Attacks and assessment methodologies,' In Proceedings of CHES 2002, B. S. Kaliski Jr., Ç. K. Koç, and C. Paar, Eds., 2002, vol. 2523 of LNCS, pp. 29-45, Springer-Verlag, 2002. [5] P. Kocher, J. Jaﬀe and B. Jun, ”Differential Power Analysis”, In proceedings of CRYPTO 1999, LNCS 1666, pp. 388-397, Springer-Verlag, 1999. [6] National Bureau of Standards, “Data Encryption Standard,” Federal Information Processing Standards Publication 46, January 1977. [7] National Institute of Standards and Technology, “Advanced Encryption Standard”, Federal Information Processing Standard 197, November 2001. [8] Paul C. Kocher, “Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems”. In Proceedings of CRYPTO, 1996. [9] S. Chari, J. R. Rao, P. Rohatgi, “Template Attacks”, CHES 2002, volume 2523 of LNCS, pages 13-28. Springer, 2002. [10] M. Backes., M. Durmuth, S. Gerling, M. Pinkal, C. Sporleder, 'Acoustic side-channel attacks on printers'. In USENIX, p. 20 USENIX Association, USA, 2010. [11] Y. Komano, H. Shimizu, S. Kawamura, “BS-CPA: Built-in Determined Sub-key Correlation Power Analysis”. In Proceedings of IEICE TRANSACTIONS, 2010. [12] T. Messerges, C. Koc, and P. Christof. Using Second-Order Power Analysis to Attack DPA Resistance Software, In Proceedings of CHES 2000, LNCS 1965, pp. 238-251, 2000. [13] J. Waddle and D. Wagner, ”Towards efficient second-order power analysis”, In Proceedings of CHES 2004, LNCS 3156, Springer-Verlag, pp. 1-15, Cambridge (Boston), USA, 2004. [14] M. Joye, P. Paillier and B. Schoenmarkers ”On Second-Order Differential Power Analysis”, In Proceedings of CHES 2005, LNCS 3659, Springer-Verlag, pp. 293-308, Edinburgh, Scotland, USA, 2005. [15] T. S. Messerges, E. A. Dabbish and R. H. Sloan, ”Examining Smart-Card Security under the Threat of Power Analysis Attacks”, IEEE Transactions on Computer, Vol. 51, N5, pp. 541-552, 2002. [16] T.H. Le, J. Cl´edi`ere, C. Canovas, C.Servi`ere, J.L. Lacoume and B. Robisson, ”A proposition for Correlation Power Analysis enhancement”, In Proceedings of CHES 2006, LNCS 4249, Springer-Verlag, Yokohama, Japan, 2006. [17] R. Bevan and E. Knudsen, ”Ways to Enhance Differential Power Analysis”, In proceedings of ICISC 2002, LNCS 2587, pp. 327-342, Springer-Verlag, 2003. [18] Gabriel Hospodar, Elke De Mulder, Benedikt Gierlichs, Ingrid Verbauwhede and Joos Vandewalle, “Least Squares Support Vector Machines for Side-Channel Analysis”. In Second International Workshop on Constructive SideChannel Analysis and Secure Design(COSAED2011), 2011. [19] E. Brier, C. Clavier and F. Olivier, ”Correlation Power Analysis with a Leakage Model”, In Proceedings of CHES 2004 , LNCS 3156, pp. 16-29, Springer-Verlag, 2004. [20] Liran Lerman, Gianluca Bontempi, and Olivier Markowitch, “Side-channel attack - an approach based on machine learning”. In Second International Workshop on Constructive SideChannel Analysis and Secure Design(COSAED2011), 2011. [21] Antonio Almeida, “A Simple Improvement of Classical Correlation Power Analysis Attack on DES”, DPA contest 2008/2009. [22] Itsik Mantin and Adi Shamir, A Practical Attack on Broadcast RC4. FSE, pp152 – 164, 2001. [23] Martin R. Albrecht, Kenneth G. Paterson, and Gaven J. Watson, Plaintext Recovery Attacks against SSH. IEEE Symposium on Security and Privacy, pp. 16 – 26, 2009 [24] R. Spillman, M. Janssen, B. Nelson, and M. Kepner, “Use of a genetic algorithm in the cryptanalysis of simple substitution ciphers,”Cryptologia, vol. 17, no. 1, pp. 31–44, January 1993. [25] R. A. J. Matthews, “The use of genetic algorithms in the cryptanalysis,” Cryptologia, vol. 17, no. 4, pp. 187–201, April 1993. [26] R. Spillman, “Cryptanalysis of knapsack ciphers using genetic algorithms,”Cryptologia, vol. 17, no. 4, pp. 367–377, October 1993. [27] A. M. B. Albassal and A-M. A. Wahdan, “Genetic algorithm cryptanalysis of a Feistel type block cipher,” in proceedings of IEEE International Conference on Electrical, Electronic and Computer Engineering, ICEEC’04, pp. 217–221, September 2004. [28] Z. Ramzan, “On using neural networks to break cryptosystems,” Technical report, Laboratory of Computer Science, Massachusetts Institute of Technology, Cambridge, MA 02139, December 1998. [29] A. M. B. Albassal and A-M. A. Wahdan, “Neural network based cryptanalysis of a Feistel type block cipher,” in proceedings of IEEE International Conference on Electrical, Electronic and Computer Engineering, ICEEC’04, pp. 231–237, September 2004. [30] Pooja Maheswari “Classification of ciphers”, Department of Computer Science and Engineering, Indian Institute of Technology, Kanpur , 2001 [31] Girish Chandra, The classification of modern ciphers, M. Tech Thesis, Department of Computer Science and Engineering, Indian Institute of Technology, Kanpur, March 2001 [32] A. Dileep and C. Chandra Sekhar. “Identification of Block Ciphers using Support Vector Machines,” International Joint Conference on Neural Networks Vancouver, Canada, pp. 2696-2701, July 16-21, 2006 [33] G. Saxena. “Classification of Ciphers using Machine Learning,” Master’s thesis, Department of Computer Science and Engineering, Indian Institute of Technology, Kanpur, July 2008 [34] Suhaila O. Sharif, L.I. Kuncheva, S.P. Mansoor ,“Classifying Encryption Algorithms Using Pattern Recognition Techniques” IEEE Transactions pp. 1168-1172,2010 [35] R. Manjula and R. Anitha, “Identification of Encryption Algorithm Using Decision Tree,” Advanced Computing Communications in Computer and Information Science 2011 Volume 133, Part 3, 237-246, 2011 [36] Lewis, D. D., “Reuters-21578 Text Categorization Test Collection Distribution”, in AT&T Labs – Research, 1996. [37] L. Fei-Fei, R. Fergus and P. Perona. “Learning generative visual models from few training examples: an incremental Bayesian approach tested on 101 object categories.” IEEE. CVPR 2004, Workshop on Generative-Model Based Vision 2004. [38] M. I. Mandel and D. P. W. Ellis, “A web-based game for collecting music metadata,” Journal of New Music Research, vol. 37, no. 2, pp. 151–165, 2008. [39] R.-E. Fan, K.-W. Chang, C.-J. Hsieh, X.-R. Wang, and C.-J. Lin. LIBLINEAR: A library for large linear classification Journal of Machine Learning Research 9(2008), 1871-1874. [40] C.-C. Chang and C.-J. Lin. LIBSVM: a library for support vector machines. ACM Transactions on Intelligent Systems and Technology, 2:27:1--27:27, 2011. [41] M. Matsumoto, T. Nishimura,. 'Mersenne twister: a 623-dimensionally equidistributed uniform pseudo-random number generator'. ACM Transactions on Modeling and Computer Simulation 8 (1): 3–30 , 1998 [42] Soto J., Randomness testing of the AES candidate algorithms, NIST IR 6390, September 1999.
dc.identifier.uri	http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/64686	-
dc.description.abstract	本論文旨在探討二件問題------副通道攻擊與分組密碼分析。對於前者，我們提出一種新型的非監督式學習(unsupervised learning)方法用於電力分析，其為副通道攻擊的一種形式。與現有利用監督式學習(supervised learning)框架的不同的是，我們的方法不需要已標記好之電力紀錄與所使用金鑰的資訊以供訓練，但仍然能以高準確率找出金鑰。我們提出一種基於回歸分析的方法用於此處。此外我們進一步利用不同回合之間金鑰的相依關係改進原有之方法。實驗結果表明，該方法可以超越目前最先進的非監督式學習方法。對於後者，我們將焦點置於密碼學中的區分攻擊(distinguishing attacks)，攻擊者可以從加密的訊息中提取足夠的資訊以分類其加密的方法，以便後續理論或實踐上的分析。在本文中，我們報告以最先進的機器學習技術應用的經驗，在一些公共數據集上的密碼區分攻擊。我們嘗試了幾種現有及全新的特徵(feature)在一些數據集(dataset)上，並發現加密時的操作模式(modes of operation)主導分類任務的效能。當採用CBC模式以及對每個明文給予隨機初始向量時，表現極為惡劣，但使用ECB模式時對於某些數據集的性能較佳。我們的實驗得到了與一些現有的文獻不同的結論:在採用較為安全的操作模式如CBC模式下，我們所採用的機器學習方法及特徵並無法在現代加密法所加密的密文中提取任何有用的資訊，因此也無法用於分類加密方法。	zh_TW
dc.description.abstract	This paper aims to two problems – side-channel attack and identification of block ciphers. For the first problem a novel unsupervised learning approach is proposed for the task of Power Analysis – a form of side channel attack in Cryptanalysis. Different from some existing works that exploit supervised learning framework to this problem, our method does not require the labeled pairs which contains {X,Y}={key, power-trace} information for training, though is still capable of deciphering the secret key with high accuracy. A regression-based, unsupervised approach is proposed for this purpose. Later we further propose an enhanced model through exploiting the dependency of key bits between different rounds. Our experiment shows that the proposed method can outperform the state-of-the-art non-learning based decipherment methods. For the second problem we focus on cryptographic distinguishing attacks, in which the attacker is able to extract enough “information” from an encrypted message to distinguish it from a piece of random data, allow for powerful cryptanalysis both in theory and in practice. In this chapter, we report our experience of applying state-of-the-art machine learning techniques to launch cryptographic distinguishing attacks on several public datasets. We try several kinds of existing and new features on these datasets and found the ciphers’ “modes of operation” dominate the performance of classification tasks. When CBC mode is used with random initial vectors for each plaintext, the performance is extremely bad, while the performance for certain datasets is relatively good when ECB mode is used. We conclude that, in contrary to the findings of several existing works, the state-of-the-art machine learning techniques and cannot extract useful information from ciphertexts produced by modern ciphers operating in a reasonably secure mode such as CBC, let alone distinguish them from random data.	en
dc.description.provenance	Made available in DSpace on 2021-06-16T22:57:25Z (GMT). No. of bitstreams: 1 ntu-101-R99922018-1.pdf: 3234575 bytes, checksum: 1509907d631132ffbfb99d5ba1b39973 (MD5) Previous issue date: 2012	en
dc.description.tableofcontents	Acknowledgements i 摘要 ii Abstract iii Table of Contents v List of Figures vii List of Tables viii Chapter 1 Introduction 1 1.1 Motivation 1 1.2 Thesis Overview 1 Chapter 2 An Unsupervised Approach to Side-channel Analysis 3 2.1 Introduction 3 2.2 Related Works 5 2.2.1 Simple Power Analysis 6 2.2.2 Differential Power Analysis 7 2.2.3 Correlation Power Analysis 8 2.2.4 Built-in Determined Sub-key Correlation Power Analysis 8 2.2.5 Machine Learning in Cryptanalysis 8 2.3 Methodology 10 2.3.1 Sub-key Breaker 15 2.3.2 A Dual-round approach to Multi-round Ciphers 16 2.4 Experiments 21 2.4.1 Feature Generation 22 2.4.2 Experiment of Single-round Approach 24 2.4.3 Experiment of Dual-round Approach 26 2.4.3.1 Key Dependency 28 2.4.3.2 Results of Dual-round Approach 29 2.5 Conclusion 30 Chapter 3 Learning Approaches to Analysis of Block Ciphers 31 3.1 Introduction 31 3.2 Related Works 33 3.2.1 Classification of Classical Cipher 33 3.2.2 Classification of Modern Cipher 35 3.3 Experiments 36 3.3.1 Environment and Setup 37 3.3.2 Features 39 3.3.3 Experiment Results 41 3.4 Discussion 44 Chapter 4 Conclusion and Future Work 47 Bibliography 49
dc.language.iso	en
dc.subject	非監督式學習	zh_TW
dc.subject	機器學習	zh_TW
dc.subject	加密演算法偵測	zh_TW
dc.subject	副通道攻擊	zh_TW
dc.subject	電力分析	zh_TW
dc.subject	區別攻擊	zh_TW
dc.subject	Cryptographic Distinguishing Attacks	en
dc.subject	Side Channel Attack	en
dc.subject	Machine Learning	en
dc.subject	Unsupervised Learning	en
dc.subject	Identification of Encryption Algorithm	en
dc.subject	Power Analysis	en
dc.title	以學習為本的方法於分組密碼分析及副通道攻擊	zh_TW
dc.title	Learning-based Approach to Analysis of Block Ciphers and Side-channel Attack	en
dc.type	Thesis
dc.date.schoolyear	100-2
dc.description.degree	碩士
dc.contributor.oralexamcommittee	李育杰(Yuh-Jye Lee),鄭振牟(Chen-Mou Cheng),鮑興國(Hsing-Kuo Pao),林軒田(Hsuan-Tien Lin)
dc.subject.keyword	電力分析,副通道攻擊,機器學習,非監督式學習,加密演算法偵測,區別攻擊,	zh_TW
dc.subject.keyword	Power Analysis,Side Channel Attack,Machine Learning,Unsupervised Learning,Identification of Encryption Algorithm,Cryptographic Distinguishing Attacks,	en
dc.relation.page	55
dc.rights.note	有償授權
dc.date.accepted	2012-08-09
dc.contributor.author-college	電機資訊學院	zh_TW
dc.contributor.author-dept	資訊工程學研究所	zh_TW
顯示於系所單位：	資訊工程學系

文件中的檔案：

檔案	大小	格式
ntu-101-1.pdf 未授權公開取用	3.16 MB	Adobe PDF

顯示文件簡單紀錄

系統中的文件，除了特別指名其著作權條款之外，均受到著作權保護，並且保留所有的權利。