DC Field | Value | Language |
---|---|---|
dc.contributor.advisor | Yoon, Hyun-Soo | - |
dc.contributor.advisor | 윤현수 | - |
dc.contributor.author | Kim, Tae-Sung | - |
dc.contributor.author | 김태성 | - |
dc.date.accessioned | 2018-05-23T19:38:20Z | - |
dc.date.available | 2018-05-23T19:38:20Z | - |
dc.date.issued | 2017 | - |
dc.identifier.uri | http://library.kaist.ac.kr/search/detail/view.do?bibCtrlNo=675851&flag=dissertation | en_US |
dc.identifier.uri | http://hdl.handle.net/10203/242076 | - |
dc.description | 학위논문(박사) - 한국과학기술원 : 전산학부, 2017.2,[v, 59 p :] | - |
dc.description.abstract | Side channel attack exploits the fact that the implementations of cryptographic algorithms leak information about the secret key. Power analysis attack makes use of power consumption of the target device for leakage information with respect to secret data. Power analysis attack falls into two types: simple power analysis (SPA) and differential power analysis (DPA). In SPA, an attacker observes patterns of power consumption to find secret data or to locate a target operation. DPA attack hypothesizes the intermediate values of all key candidates and recovers the secret key with statistical process to the power consumption. One of the strong points of DPA is that it does not require any detailed information about the implementation to reveal the secret data. Masking is a widely used countermeasure to thwart the powerful DPA attacks. It makes the attacker fail to reveal secret data via randomizing intermediate values which are related to secret data in crypto implementation. A first-order masking which uses only one mask is vulnerable to a second-order DPA which exploits two intermediate values to cancel out the mask using arithmetic operations. To circumvent this second order DPA, a second-order masking is necessary, but it is sometimes hundreds of times slower than a straightforward implementation. This is the main reason this cannot be adopted in practical applications. In this thesis, we propose a new countermeasure scheme to resist power analysis attack. Our scheme randomizes all the intermediate values of a block cipher by encoding primitives of a cryptographic algorithm to lookup tables and makes the transformed implementation resistant to power analysis attack. We apply our scheme to well-known block cipher, HIGHT and AES. Our protected implementation of HIGHT takes only 1.79 times compared to the straightforward implementation, and it needs 25 Kbytes memory space to store lookup tables. | - |
dc.language | eng | - |
dc.publisher | 한국과학기술원 | - |
dc.subject | Cryptography | - |
dc.subject | Symmetric cryptographic algorithm | - |
dc.subject | Side channel attack | - |
dc.subject | Differential power analysis | - |
dc.subject | Side channel attack countermeasure | - |
dc.subject | Table encoding | - |
dc.subject | 암호 | - |
dc.subject | 대칭 암호 알고리즘 | - |
dc.subject | 부채널 공격 | - |
dc.subject | 차분 전력 분석 | - |
dc.subject | 부채널 공격 대응 | - |
dc.subject | 테이블 인코딩 | - |
dc.title | Protecting secret keys with table encoding against power analysis attacks | - |
dc.title.alternative | 부채널 전력 분석 공격에 안전한 테이블 인코딩을 기반으로 하는 비밀키 보호 기법에 관한 연구 | - |
dc.type | Thesis(Ph.D) | - |
dc.identifier.CNRN | 325007 | - |
dc.description.department | 한국과학기술원 :전산학부, | - |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.