【作者】 崔晓彤； 张洪欣； 孙绍飞； 董亮； 方兴；

【Author】 CUI Xiao-tong;ZHANG Hong-xin;SUN Shao-fei;Dong Liang;Fang Xing;School of Electronic Engineering,Beijing University of Posts and Telecommunications;School of Communication and Electronic Engineering,Qiqihar University;

【机构】 北京邮电大学电子工程学院； 齐齐哈尔大学通信与电子工程学院；

【摘要】 本文利用硬件密码电子产品在运行时产生的电磁泄露信号,根据汉明距离模型与电磁信息泄露的线性关系,利用算法的可逆性和输出值信息逆向得到中间值信息,通过密钥枚举方法对密钥进行求解,解决了相关能量分析对侧信息利用率较低,一旦密钥恢复失败便无能为力的问题,提高密钥恢复的成功率。结合分而治之思想,对AES的第10轮轮密钥进行逐字节恢复,将各候选字节的相关度值转化为正确密钥的概率,有效降低找到密钥所需的搜索空间。通过实验成功恢复了AES的完整轮密钥,验证了方法的可靠性和有效性。更多还原

【Abstract】 This paper is presented to use the electromagnetic leakage signal generated by the hardware cryptographic electronic product during operation,and according to the linear relationship between the Hamming distance model and the electromagnetic information leakage,the reversibility of the algorithm and the reverse of the output value information are used to obtain the intermediate value information,and the key enumeration method is used to obtain the intermediate value information.The key is solved,which solves the problem of low utilization of information on the opposite side of the relevant energy analysis,and can do nothing once the key recovery fails,and improves the success rate of key recovery.Combining the idea of divide and conquer,the10 th round of AES keys are recovered byte by byte,and the correlation value of each candidate byte is converted into the probability of the correct key,which effectively reduces the search space required to find the key.The complete round key of AES was successfully recovered through experiments,which verified the reliability and effectiveness of the method.更多还原