附加通道密碼安全分析方法的研究

Abstract

傳統的密碼分析安全方法都是著重在於將加解密函式視為數學函數， 然後用純數學理論角度來分析， 而近來一種非傳統的密碼安全分析--附加通道密碼安全分析則受到 人們的注意。所謂附加通道指的就是所有不是 加解密函數本身目的卻產生出來的任何結果， 如執行時間、能量損耗、計算錯誤等，都被研究出來可能 會洩露金鑰的資訊。 我們研究了三種附加通道密碼安全分析方法-- 時間差密碼安全分析、錯誤密碼安全分析、能量密碼安全分析。 並且將能量差分密碼安全分析應用到WEP上面。 最後對時間差密碼安全分析做實驗， 證實Kocher所提的攻擊方法的確可行。

In this thesis, we have surveyed three types of Side Channel Cryptanalysis, Timing Analysis, Fault Analysis, and Power Analysis. Besides, we apply the Differential Power Analysis to WEP, and implement the practical Timing Attack method proposed by Kocher. Side Channel Cryptanalysis, unlike the traditional model which analyzes the security of cryptographic primitives as mathematical functions, has drawn people's attention. A Side Channel is a source of information that is inherent from a physical implementation of a cryptographic method; recent reasearch has shown that information coming out from side channels, such as execution time, computational faults, and power consumption, may leak the information of secret keys.