一种分组密码S盒抗Glitch攻击的方案

伴随着网络信息时代的飞速发展,各种电子产品应运而生,人们的生活变得越来越智能,越来越便捷,然而在便捷的背后却隐藏着重大的安全隐患。密码芯片是保障信息安全的重要手段之一,所以提高密码芯片的安全性迫在眉睫。以Stefan等人的针对分组密码芯片S盒的Glitch攻击为模型背景,通过加入一组同步寄存器提出基于FPGA的一种针对分组密码S盒抗Glitch攻击的方案,并通过CMOS器件的属性和Altera公司在QuatusⅡ软件中嵌入的Signal Tap功能,从理论和仿真两方面分别验证了该方案不但能够大幅度减少Glitch的个数,还能够减少各级电路产生Glitch的相关性,从而降低了攻击的成功率,提高了分组密码S盒实现的安全性,为后续FPGA密码芯片的防护提供了依据。

A scheme of anti-glitch attacks on S-box in block cipher

With the advance of network information age, various electronic products emerge, making people’s life much intelligent and convenient. However, the great convenience also introduce major potential safety hazard. Crypto chips are one of the important means to guarantee information safety, so it is urgent to promote their safety. Taking the glitch attacks on the block cipher chip S-box proposed by Stefan et al as the model background, based on FPGA, we put forward a glitch attack resistance scheme for block cipher chip S-box by adding synchronization registers. The properties of CMOS devices and the Signal Tap function embedded in the QuatusⅡ software of Altera company demonstrate from the perspectives of theory and simulation that the proposed scheme can remarkably reduce the number of glitches, lower the glitch correlation of circuits of all levels , decrease success rate of attacks, improve the security of block cipher S-box and provide subsequent security protection for FPGA crypto chips.