CN110299991A  The QUAD stream cipher generating means of preventing sidechannel attack  Google Patents
The QUAD stream cipher generating means of preventing sidechannel attack Download PDFInfo
 Publication number
 CN110299991A CN110299991A CN201910448838.XA CN201910448838A CN110299991A CN 110299991 A CN110299991 A CN 110299991A CN 201910448838 A CN201910448838 A CN 201910448838A CN 110299991 A CN110299991 A CN 110299991A
 Authority
 CN
 China
 Prior art keywords
 value
 monomial
 assigned
 subscript
 stream cipher
 Prior art date
 Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
 Pending
Links
 102100014040 FOXD3 Human genes 0.000 claims abstract description 8
 101700018827 FOXD3 Proteins 0.000 claims abstract description 8
 230000000875 corresponding Effects 0.000 claims description 7
 238000010586 diagram Methods 0.000 description 6
 238000000034 method Methods 0.000 description 6
 230000001186 cumulative Effects 0.000 description 3
 241001442055 Vipera berus Species 0.000 description 2
 238000004458 analytical method Methods 0.000 description 2
 238000004422 calculation algorithm Methods 0.000 description 2
 230000000694 effects Effects 0.000 description 2
 230000004048 modification Effects 0.000 description 2
 238000006011 modification reaction Methods 0.000 description 2
 238000004364 calculation method Methods 0.000 description 1
 238000004590 computer program Methods 0.000 description 1
 238000000151 deposition Methods 0.000 description 1
 230000005611 electricity Effects 0.000 description 1
 230000005670 electromagnetic radiation Effects 0.000 description 1
 238000005516 engineering process Methods 0.000 description 1
Classifications

 H—ELECTRICITY
 H04—ELECTRIC COMMUNICATION TECHNIQUE
 H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
 H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
 H04L9/002—Countermeasures against attacks on cryptographic mechanisms

 H—ELECTRICITY
 H04—ELECTRIC COMMUNICATION TECHNIQUE
 H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
 H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
 H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
 H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
 H04L9/0863—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or onetime passwords

 H—ELECTRICITY
 H04—ELECTRIC COMMUNICATION TECHNIQUE
 H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
 H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
 H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
 H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
 H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Abstract
This application discloses a kind of QUAD stream cipher generating means of preventing sidechannel attack, including mark controller, monomial generator and multiple registers under random ordering.The lower mark controller of random ordering is used to generate multiple monomial subscript values in such a way that random ordering generates monomial subscript value；Monomial generator is used for the genesis sequence according to monomial subscript value, successively calculates multiple monomials；Each register is respectively used to, and is obtained the multiple monomials for belonging to the same multivariate quadratic equation and is successively added up, generates QUAD stream cipher.The application is by upsetting the computation sequence of each monomial, and it adds up to multiple monomials, generate QUAD stream cipher, the side channel information with same key information for generating the electronic equipment of the QUAD stream cipher generating means with the preventing sidechannel attack appears in different moments, to reduce the correlation of power consumption profile and key information that register storage operates, keep the safety of QUAD stream cipher higher, and then effectively resists sidechannel attack.
Description
Technical field
It generates and fills this application involves the QUAD stream cipher of field of information security technology more particularly to a kind of preventing sidechannel attack
It sets.
Background technique
QUAD is the stream cipher of one group of provable security constructed based on System of multivariate quadratic equations in finite field.Multivariable
Quadratic equation can be expressed as follows:
Q (x)=∑_{1≤i≤j≤n}α_{ij}x_{i}x_{j}+∑_{1≤i≤n}β_{ij}x_{i}+γ
Sidechannel attack (side channel attack abbreviation SCA), also known as bypass attack are a kind of for encryption electricity
The side channel information of time loss, power consumption or the electromagnetic radiation of sub equipment in the process of running etc is revealed and is set to encryption
The standby method attacked.This attack method brings serious threat to encryption device.
The method of tradition reply sidechannel attack, it is usually directly secondary to multiple multivariables according to same sequence in encryption
Each of equation monomial is calculated, then is temporarily stored into register after the calculated result of each monomial is added up, and is generated
QUAD stream cipher, and then resist sidechannel attack.If but attacker is by depositing each multivariate quadratic equation corresponding registers
The power consumption of storage operation is analyzed, and can be obtained key information (information of xj), and then break through cryptographic algorithm.
To solve the above problems, in the prior art, using in encryption directly according to same sequence to multiple multivariables two
Each of equation of n th order n monomial is calculated, then the calculated result of each monomial it is cumulative after be temporarily stored into register to
The mode of QUAD stream cipher is constructed, to resist sidechannel attack.But hair when sidechannel attack is resisted is being carried out using the prior art
Existing, after the monomial number for having selected beginning, the calculating between each multinomial is still fixed and sequence, attacker
By exhaustive initially lower target mode, it is possible to alignment polynomial computation is to obtain key information, and then password is threatened to calculate
The safety of method.
Summary of the invention
The embodiment of the present application technical problem to be solved is that the QUAD stream cipher for providing a kind of preventing sidechannel attack is raw
At device, the higher QUAD stream cipher of safety is generated, to effectively resist sidechannel attack.
To solve the above problems, the embodiment of the present application provides a kind of QUAD stream cipher generating means of preventing sidechannel attack,
Include:
The lower mark controller of random ordering, for extracting the multivariate quadratic equation including r multivariate quadratic equation of n variable
Group, and according to the n variable, the sliding window that size is L is generated, is beated according to the circulation of the sliding window, random ordering is raw
At multiple monomial subscript values (i, j, k) and export；Wherein, 1≤i≤j≤n, 1≤k≤r, L=n or L=n+1, r are even number；
Monomial generator successively obtains institute for the genesis sequence according to each monomial subscript value (i, j, k)
State multiple monomials of System of multivariate quadratic equationsWherein,For plaintext, x_{i}For key, or,For key, x_{i}For
In plain text；
Multiple registers, each register are respectively used to, and acquisition belongs to the more of the same multivariate quadratic equation
A monomialAnd successively add up, generate QUAD stream cipher；Wherein, the multivariate quadratic equation and the register one
One is corresponding.
Further, the outoforder lower mark controller is used to be beated according to the circulation of the sliding window, and random ordering generates more
A monomial subscript value (i, j, k), specifically includes:
Step S11, according to the n variable, the sliding window size L is initialized, is based on the sliding window size,
Each monomial subscript is divided into multiple windows；Wherein, if n is even number, length L=n, each monomial subscript is divided into r × (n+
1)/2 window；If n is odd number, length L=n+1, each monomial subscript is divided into r × n/2 window；
Step S12, the window number of window is preset as w=1, the inner iterative number of window is preset as l=1, at random
Generate initial value L_{s}Afterwards, monomial subscript initial value i=i is generated at random_{s}, j=j_{s}, k=k_{s}, and j is assigned a value of j+L_{s} 1, it executes
Step S13；
Step S13, whether the j after judging assignment is greater than n；If so, thening follow the steps S14；Otherwise, step S17 is executed；
Step S14, i is assigned a value of i+1, whether the i after judging assignment is greater than n；If so, thening follow the steps S15；Otherwise,
Execute step S16；
Step S15, i is assigned a value of i%n, judges whether k is less than r；If so, k is assigned a value of k+1, step S16 is executed；It is no
Then, k is assigned a value of 1, executes step S16；
Step S16, j is assigned a value of j (ni+1), executes step S13；
Step S17, a monomial subscript value is generated, judges whether l is greater than L；If so, the multivariate quadratic equation
Middle monomial subscript value generation finishes；Otherwise, when w is less than window number, w is assigned a value of w+1, after j is assigned a value of j+L, is held
Row step S13；Wherein, 1≤L_{s}≤ L/2,1≤i_{s}≤j_{s}≤ n, 1≤k_{s}≤r。
Further, the outoforder lower mark controller is used to be beated according to the circulation of the sliding window, and random ordering generates more
A monomial subscript value (i, j, k), further includes:
When the w in the step S17 is more than or equal to window number, step S18 is executed；
Step S18, w is assigned a value of 1, l is assigned a value of l+1, whether the l after judging assignment is odd number；If so, executing step
Rapid S19；Otherwise, after j being assigned a value of j+L+L/2, step S13 is executed；
Step S19, judge L_{s}Whether L/2 is less than；If so, j is assigned a value of j+L/2+1, by L_{s}It is assigned a value of L_{s}After+1, hold
Row step S13；Otherwise, j is assigned a value of j+1, by L_{s}After being assigned a value of 1, step S13 is executed.
Further, multiple registers are respectively used to:
According to the genesis sequence of the monomial subscript value (i, j, k), obtains belong to the same quadratic equation in real time
Multiple monomialsAnd successively add up, generate QUAD stream cipher.
Further, each corresponding stream cipher of the multivariate quadratic equation are as follows:
Implement the embodiment of the present application, has the following beneficial effects:
A kind of QUAD stream cipher generating means of preventing sidechannel attack provided by the embodiments of the present application, including outoforder subscript control
Device, monomial generator and multiple registers processed.The lower mark controller of random ordering is used for through the outoforder side for generating monomial subscript value
Formula generates multiple monomial subscript values；Monomial generator is used for the genesis sequence according to monomial subscript value, successively calculates
Multiple monomials；Each register is respectively used to, obtain belong to the same multivariate quadratic equation multiple monomials and according to
It is secondary cumulative, generate QUAD stream cipher.The application carries out multiple monomials tired by upsetting the computation sequence of each monomial
Add, generates QUAD stream cipher, the tool for generating the electronic equipment of the QUAD stream cipher generating means with the preventing sidechannel attack
There is the side channel information of same key information to appear in different moments, thus reduce register storage operation power consumption profile with
The correlation of key information keeps the safety of QUAD stream cipher higher, and then effectively resists sidechannel attack.
Detailed description of the invention
Fig. 1 is that the structure of the QUAD stream cipher generating means for the preventing sidechannel attack that one embodiment of the application provides is shown
It is intended to；
Fig. 2 is the flow diagram that mark controller random ordering generates multiple monomial subscript values under random ordering；
Fig. 3 is another flow diagram that mark controller random ordering generates multiple monomial subscript values under random ordering；
Fig. 4 is the structure of the QUAD stream cipher generating means for the preventing sidechannel attack that the further embodiment of the application provides
Schematic diagram.
Specific embodiment
Below in conjunction with the attached drawing in the embodiment of the present application, technical solutions in the embodiments of the present application carries out clear, complete
Site preparation description, it is clear that described embodiments are only a part of embodiments of the present application, instead of all the embodiments.It is based on
Embodiment in the application, it is obtained by those of ordinary skill in the art without making creative efforts every other
Embodiment shall fall in the protection scope of this application.
It is the QUAD stream cipher generating means of the preventing sidechannel attack of one embodiment offer of the application referring to Fig. 1
Structural schematic diagram.Include:
The lower mark controller 1 of random ordering, for extracting the multivariate quadratic equation including r multivariate quadratic equation of n variable
Group, and according to n variable, the sliding window that size is L is generated, is beated according to the circulation of sliding window, random ordering generates multiple lists
Item formula subscript value (i, j, k) simultaneously exports.
Wherein, 1≤i≤j≤n, 1≤k≤r, L=n or L=n+1, r are even number.
Preferably, the number of the outoforder monomial subscript value (i, j, k) generated is set as rn (n+1)/2.
In the present embodiment, after outoforder lower mark controller 1 generates each monomial subscript value (i, j, k), according to generation
Subscript value output variable x_{i}、x_{i}And coefficientFor subsequent composition monomial.
Monomial generator 2 successively obtains changeable for the genesis sequence according to each monomial subscript value (i, j, k)
Measure multiple monomials of quadratic equation group
Wherein,For plaintext, x_{i}For key, or,For key, x_{i}For in plain text.
In the present embodiment, the variable x that monomial generator 2 exports mark controller 1 under random ordering_{i}、x_{i}And coefficient
It is exported after multiplication, to obtain monomial
Preferably, the monomial number of System of multivariate quadratic equations is set as r × n (n+1)/2.
Multiple registers 3, each register 3 are respectively used to, and obtain the multiple individual events for belonging to same multivariate quadratic equation
FormulaAnd successively add up, generate QUAD stream cipher.
Wherein, multivariate quadratic equation and register 3 correspond.
In the present embodiment, the corresponding stream cipher of each multivariate quadratic equation are as follows:
Wherein, multivariate quadratic equation generates different monomial subscript initial value (i at random_{s},j_{s},k_{s}), then according to upper
It states formula to be calculated, to obtain the corresponding stream cipher of each multivariate quadratic equation.
It should be noted that calculating the System of multivariate quadratic equations with r equation in finite fieldTo realize to key, encryption of plaintext.Wherein, ifFor in plain text, then x_{i}
For key；IfFor key, then x_{i}For in plain text.In the present embodiment, changeable in each of calculating System of multivariate quadratic equations
When measuring quadratic equation, upset each monomial in each multivariate quadratic equation at randomComputation sequence, make difference
Monomial in multivariate quadratic equationComputation sequence it is different.
When calculating System of multivariate quadratic equations, the lower mark controller 1 of random ordering is outoforder to be generated under r × n (n+1)/2 monomial
The monomial subscript value of multivariate quadratic equation is restarted sequence, makes each multivariate quadratic equation by scale value (i, j, k)
Monomial subscript value sequence it is different.Wherein, r × n (n+1)/2 monomial subscript value (i, j, k) covers multivariable
All monomial subscript values in quadratic equation group.It is generated according to the respective monomial subscript value of System of multivariate quadratic equations suitable
Sequence calculates each monomialIn one monomial of every calculating, which is added in register, cumulative
After complete all monomials, the corresponding stream cipher of the multivariate quadratic equation can be obtained.R side in System of multivariate quadratic equations
The calculated result difference respective stored of journey is into r register.
There is n × (n+1)/2 monomial in each multivariate quadratic equation, after monomial computation sequence is upset, attack
If person wants to obtain key or cleartext information by the power consumption analysis to r register, need to consider n/2 × A (n (n+1)/
2, n (n+1)/2)=n/2 × (n (n+1)/2)！Possibility is planted to be analyzed, to be difficult to realize the attack of opposite side channel.
It should be noted that the QUAD stream cipher generating means of preventing sidechannel attack provided in an embodiment of the present invention are generally answered
In ASIC integrated chip or smart card, ASIC collection is arrived in storage after key is encrypted by the algorithm of multivariate quadratic equation
At in the memory of chip or smart card.Wherein, each monomial computation sequence is all different in each multivariate quadratic equation,
The sequence being added in memory is not also identical, to prevent attacker from obtaining key and carrying out power consumption analysis to memory
Information.
It further, referring to fig. 2, is that the process that mark controller random ordering generates multiple monomial subscript values under random ordering is shown
It is intended to.In the present embodiment, the outoforder multiple monomial subscript values of generation of outoforder lower mark controller 1 specifically include:
Step S11, according to n variable, sliding window size L is initialized, is based on sliding window size, it will be under each monomial
Mark is divided into multiple windows.
Wherein, if n is even number, length L=n, each monomial subscript is divided into r × (n+1)/2 window；If n is odd number,
Then length L=n+1, each monomial subscript are divided into r × n/2 window.
Step S12, the window number of window is preset as w=1, the inner iterative number of window is preset as l=1, at random
Generate initial value L_{s}Afterwards, monomial subscript initial value i=i is generated at random_{s}, j=j_{s}, k=k_{s}, and j is assigned a value of j+L_{s} 1, it executes
Step S13.
Step S13, whether the j after judging assignment is greater than n；If so, thening follow the steps S14；Otherwise, step S17 is executed.
Step S14, i is assigned a value of i+1, whether the i after judging assignment is greater than n；If so, thening follow the steps S15；Otherwise,
Execute step S16.
Step S15, i is assigned a value of i%n, judges whether k is less than r；If so, k is assigned a value of k+1, step S16 is executed；It is no
Then, k is assigned a value of 1, executes step S16.
Step S16, j is assigned a value of j (ni+1), executes step S13.
Step S17, a monomial subscript value is generated, judges whether l is greater than L；If so, the multivariate quadratic equation
Middle monomial subscript value generation finishes；Otherwise, when w is less than window number, w is assigned a value of w+1, after j is assigned a value of j+L, is held
Row step S13.
Wherein, 1≤L_{s}≤ L/2,1≤i_{s}≤j_{s}≤ n, 1≤k_{s}≤r。
It further, is another process that mark controller random ordering generates multiple monomial subscript values under random ordering referring to Fig. 3
Schematic diagram.In the present embodiment, shown in Fig. 2 in addition to step, further includes:
Step S17, when w is more than or equal to window number, step S18 is executed.
Step S18, w is assigned a value of 1, l is assigned a value of l+1, whether the l after judging assignment is odd number；If so, executing step
Rapid S19；Otherwise, after j being assigned a value of j+L+L/2, step S13 is executed.
Step S19, judge L_{s}Whether L/2 is less than；If so, j is assigned a value of j+L/2+1, by L_{s}It is assigned a value of L_{s}After+1, hold
Row step S13；Otherwise, j is assigned a value of j+1, by L_{s}After being assigned a value of 1, step S13 is executed.
Carry out preventing sidechannel attack it should be noted that all monomials in System of multivariate quadratic equations are upset completely
Effect is best.Meanwhile time and storage overhead are calculated in order to reduce, and it avoids expending a large amount of resource, it is each more using only upsetting
Initial calculation in variable quadratic equation sequentially and according to sliding window recycles bounce, makes each multivariate quadratic equation never
Same initial monomial starts to calculate, and circulation bounce later calculates.For example, r Polynomial equations, monomial need to be calculated
Subscript generator 2 generates the initial subscript value of monomial (5,5,1) to random, random to generate initial value L_{s}=2, then from more than first
The a of variable quadratic equation^{2} _{11}x_{1}x_{1}Start all monomials etc. that r multivariate quadratic equation is calculated by step.This antiside letter
The QUAD stream cipher generating means of road attack hide the same operation in different multivariate quadratic equations of key, plaintext
Within the different clock cycle, it can not observe to obtain by the power consumption profile feature of memory, and be simple and efficient, be conducive to
Software and hardware is efficiently realized.
Further, referring to fig. 4, be the application further embodiment provide preventing sidechannel attack QUAD stream cipher
The flow diagram of generating means.
Including mark controller 31 under random ordering, variable of a polynomial register 32, multiplier 33, multiplier 34, adder 35, post
Storage 36 and determining device 37.Wherein, the value stored in variable of a polynomial register 32 can be key, or in plain text.This
The QUAD stream cipher generating means for the preventing sidechannel attack that inventive embodiments provide add for realizing System of multivariate quadratic equations
It is close, wherein System of multivariate quadratic equations has r multivariate quadratic equation.When calculating multivariate quadratic equation, outoforder subscript
Controller 31 generates monomial subscript value i, j and k at random, wherein the initial monomial subscript value generated at random is i_{s}、j_{s}With
k_{s}.The monomial subscript value that variable of a polynomial register 32 is generated according to mark controller 31 under random ordering, output variable x_{i}And x_{j}.Multiply
Musical instruments used in a Buddhist or Taoist mass 33 receives variable x_{i}And x_{j}And it is exported after being multiplied, the value and factor alpha that multiplier 34 exports multiplier 33_{ij}After multiplication
Output obtains monomial, then monomial is added in register 36 by adder 35.Determining device 37 tires out in register 36
Judge whether window interior iteration number is greater than sliding window size after being designated as the monomial of (i, j, k) under having added, if it is not, then sentencing
It is set to 0, storage is into register 36 after the value in register 36 is added up with next monomial；If so, it is determined as 1, it is defeated
Value in register 36, as ciphertext out.
The embodiment of the present application provides a kind of QUAD stream cipher generating means of preventing sidechannel attack, including the control of outoforder subscript
Device, monomial generator and multiple registers.The lower mark controller of random ordering is used in such a way that random ordering generates monomial subscript value
To generate r × n (n+1)/2 monomial subscript value (i, j, k)；Monomial generator be used for according to monomial subscript value (i, j,
K) genesis sequence successively calculates r × n (n+1)/2 monomial a^{k} _{ij}x_{i}x_{j}, make monomial in different multivariate quadratic equations
Computation sequence is different；Each register is respectively used to, and obtains the multiple individual events for belonging to the same multivariate quadratic equation
FormulaAnd successively add up, generate QUAD stream cipher.The application is by upsetting the computation sequence of each monomial, and to multiple
Monomial adds up, and generates QUAD stream cipher, makes the electronics of the QUAD stream cipher generating means with the preventing sidechannel attack
The side channel information with same key information that equipment generates appears in different moments, to reduce register storage operation
Power consumption profile and key information correlation, keep the safety of QUAD stream cipher higher, and then effectively resist sidechannel attack.
The above is the preferred embodiment of the application, it is noted that for those skilled in the art
For, under the premise of not departing from the application principle, several improvements and modifications can also be made, these improvements and modifications are also considered as
The protection scope of the application.
Those of ordinary skill in the art will appreciate that realizing all or part of the process in abovedescribed embodiment method, being can be with
Relevant hardware is instructed to complete by computer program, the program can be stored in a computerreadable storage medium
In, the program is when being executed, it may include such as the process of the embodiment of abovementioned each method.Wherein, the storage medium can be magnetic
Dish, CD, readonly memory (ReadOnly Memory, ROM) or random access memory (Random Access
Memory, RAM) etc..
Claims (5)
1. a kind of QUAD stream cipher generating means of preventing sidechannel attack characterized by comprising
The lower mark controller of random ordering, for extracting the System of multivariate quadratic equations including r multivariate quadratic equation of n variable, and
According to the n variable, the sliding window that size is L is generated, is beated according to the circulation of the sliding window, random ordering generates multiple
Monomial subscript value (i, j, k) simultaneously exports；Wherein, 1≤i≤j≤n, 1≤k≤r, L=n or L=n+1, r are even number；
Monomial generator successively obtains described more for the genesis sequence according to each monomial subscript value (i, j, k)
Multiple monomials of variable quadratic equation groupWherein,For plaintext, x_{i}For key, or,For key, x_{i}For in plain text；
Multiple registers, each register are respectively used to, and obtain the multiple lists for belonging to the same multivariate quadratic equation
Item formulaAnd successively add up, generate QUAD stream cipher；Wherein, the multivariate quadratic equation and the register one are a pair of
It answers.
2. the QUAD stream cipher generating means of preventing sidechannel attack according to claim 1, which is characterized in that the random ordering
Lower mark controller is used to be beated according to the circulation of the sliding window, and random ordering generates multiple monomial subscript values (i, j, k), specifically
Include:
Step S11, according to the n variable, the sliding window size L is initialized, is based on the sliding window size, it will be each
Monomial subscript is divided into multiple windows；Wherein, if n is even number, length L=n, each monomial subscript is divided into r × (n+1)/2
Window；If n is odd number, length L=n+1, each monomial subscript is divided into r × n/2 window；
Step S12, the window number of window is preset as w=1, the inner iterative number of window is preset as l=1, random to generate
Initial value L_{s}Afterwards, monomial subscript initial value i=i is generated at random_{s}, j=j_{s}, k=k_{s}, and j is assigned a value of j+L_{s} 1, execute step
S13；
Step S13, whether the j after judging assignment is greater than n；If so, thening follow the steps S14；Otherwise, step S17 is executed；
Step S14, i is assigned a value of i+1, whether the i after judging assignment is greater than n；If so, thening follow the steps S15；Otherwise, it executes
Step S16；
Step S15, i is assigned a value of i%n, judges whether k is less than r；If so, k is assigned a value of k+1, step S16 is executed；Otherwise,
K is assigned a value of 1, executes step S16；
Step S16, j is assigned a value of j (ni+1), executes step S13；
Step S17, a monomial subscript value is generated, judges whether l is greater than L；If so, single in the multivariate quadratic equation
Item formula subscript value generation finishes；Otherwise, when w is less than window number, w is assigned a value of w+1, after j is assigned a value of j+L, executes step
Rapid S13；Wherein, 1≤L_{s}≤ L/2,1≤i_{s}≤j_{s}≤ n, 1≤k_{s}≤r。
3. the QUAD stream cipher generating means of preventing sidechannel attack according to claim 2, which is characterized in that the random ordering
Lower mark controller is used to be beated according to the circulation of the sliding window, and random ordering generates multiple monomial subscript values (i, j, k), also wraps
It includes:
When the w in the step S17 is more than or equal to window number, step S18 is executed；
Step S18, w is assigned a value of 1, l is assigned a value of l+1, whether the l after judging assignment is odd number；If so, thening follow the steps
S19；Otherwise, after j being assigned a value of j+L+L/2, step S13 is executed；
Step S19, judge L_{s}Whether L/2 is less than；If so, j is assigned a value of j+L/2+1, by L_{s}It is assigned a value of L_{s}After+1, step is executed
Rapid S13；Otherwise, j is assigned a value of j+1, by L_{s}After being assigned a value of 1, step S13 is executed.
4. the QUAD stream cipher generating means of preventing sidechannel attack according to claim 1, which is characterized in that multiple described
Register is respectively used to:
According to the genesis sequence of the monomial subscript value (i, j, k), obtains belong to the multiple of the same quadratic equation in real time
MonomialAnd successively add up, generate QUAD stream cipher.
5. the QUAD stream cipher generating means of preventing sidechannel attack according to claim 1, which is characterized in that each described
The corresponding stream cipher of multivariate quadratic equation are as follows:
Priority Applications (1)
Application Number  Priority Date  Filing Date  Title 

CN201910448838.XA CN110299991A (en)  20190527  20190527  The QUAD stream cipher generating means of preventing sidechannel attack 
Applications Claiming Priority (1)
Application Number  Priority Date  Filing Date  Title 

CN201910448838.XA CN110299991A (en)  20190527  20190527  The QUAD stream cipher generating means of preventing sidechannel attack 
Publications (1)
Publication Number  Publication Date 

CN110299991A true CN110299991A (en)  20191001 
Family
ID=68027324
Family Applications (1)
Application Number  Title  Priority Date  Filing Date 

CN201910448838.XA Pending CN110299991A (en)  20190527  20190527  The QUAD stream cipher generating means of preventing sidechannel attack 
Country Status (1)
Country  Link 

CN (1)  CN110299991A (en) 
Citations (4)
Publication number  Priority date  Publication date  Assignee  Title 

US6862354B1 (en) *  20000929  20050301  Cisco Technology, Inc.  Stream cipher encryption method and apparatus that can efficiently seek to arbitrary locations in a key stream 
US20150082434A1 (en) *  20120307  20150319  The Trustees Of Columbia University In The City Of New York  Systems and methods to counter side channels attacks 
CN105681033A (en) *  20160126  20160615  广东技术师范学院  Outoforder encryption device for multivariable quadratic equation 
US20190042799A1 (en) *  20180629  20190207  Intel Corporation  Memory tagging for sidechannel defense, memory safety, and sandboxing 

2019
 20190527 CN CN201910448838.XA patent/CN110299991A/en active Pending
Patent Citations (4)
Publication number  Priority date  Publication date  Assignee  Title 

US6862354B1 (en) *  20000929  20050301  Cisco Technology, Inc.  Stream cipher encryption method and apparatus that can efficiently seek to arbitrary locations in a key stream 
US20150082434A1 (en) *  20120307  20150319  The Trustees Of Columbia University In The City Of New York  Systems and methods to counter side channels attacks 
CN105681033A (en) *  20160126  20160615  广东技术师范学院  Outoforder encryption device for multivariable quadratic equation 
US20190042799A1 (en) *  20180629  20190207  Intel Corporation  Memory tagging for sidechannel defense, memory safety, and sandboxing 
NonPatent Citations (3)
Title 

J. LONGO: ""SoC it to EM: electromagnetic sidechannel attacks on a complex systemonchip"", 《INTERNATIONAL WORKSHOP ON CRYPTOGRAPHIC HARDWARE AND EMBEDDED SYSTEMS》 * 
朱霞: ""线程级并行的硬件技术研究"", 《中国博士学位论文全文数据库》 * 
李伟键: ""KLEIN和QUAD的侧信道攻击与防护研究"", 《中国博士学位论文全文数据库》 * 
Similar Documents
Publication  Publication Date  Title 

Ors et al.  Poweranalysis attack on an ASIC AES implementation  
Lerman et al.  A machine learning approach against a masked AES  
Nikova et al.  Threshold implementations against sidechannel attacks and glitches  
EP1873671B1 (en)  A method for protecting IC Cards against power analysis attacks  
Kaliski et al.  Is the Data Encryption Standard a group?(Results of cycling experiments on DES)  
EP1891512B1 (en)  Determination of a modular inverse  
Hanley et al.  Unknown plaintext template attacks  
CN105681033B (en)  A kind of outoforder encryption device of multivariate quadratic equation  
LemkeRust et al.  Analyzing side channel leakage of masked implementations with stochastic methods  
Komano et al.  BSCPA: Builtin determined subkey correlation power analysis  
Duan et al.  Differential power analysis attack and efficient countermeasures on PRESENT  
Kamoun et al.  Experimental Implementation of 2ODPA attacks on AES design with flashbased FPGA Technology  
Tang et al.  Sidechannel attacks in a real scenario  
CN104811295A (en)  Side channel energy analysis method for ZUC cryptographic algorithm with mask protection  
CN110299991A (en)  The QUAD stream cipher generating means of preventing sidechannel attack  
CN104717060A (en)  Method for attacking elliptical curve encryption algorithm and attacking device  
CN105743644B (en)  A kind of mask encryption device of multivariate quadratic equation  
CN110299990A (en)  In conjunction with outoforder and mask QUAD stream cipher generating means  
Zhang  On the exact relationship between the success rate of template attack and different parameters  
CN105610571B (en)  A kind of Encryption of multivariate quadratic equation  
CN110299992A (en)  The Encryption and device of multivariate quadratic equation based on sliding window  
CN110299986A (en)  Multivariate quadratic equation encryption method and device based on RSA random ordering  
CN108737073A (en)  The method and apparatus that power analysis is resisted in block encryption operation  
CN105721150B (en)  A kind of mask encryption method of multivariate quadratic equation  
Zhang et al.  Template attack vs. stochastic model: An empirical study on the performances of profiling attacks in real scenarios 
Legal Events
Date  Code  Title  Description 

PB01  Publication  
PB01  Publication  
SE01  Entry into force of request for substantive examination  
SE01  Entry into force of request for substantive examination 