+

CN102983964A - method and device for improving digital encryption standard resisting differential power analysis - Google Patents

method and device for improving digital encryption standard resisting differential power analysis Download PDF

Info

Publication number
CN102983964A
CN102983964A CN201210586065XA CN201210586065A CN102983964A CN 102983964 A CN102983964 A CN 102983964A CN 201210586065X A CN201210586065X A CN 201210586065XA CN 201210586065 A CN201210586065 A CN 201210586065A CN 102983964 A CN102983964 A CN 102983964A
Authority
CN
China
Prior art keywords
box
take turns
function
computing
permutation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201210586065XA
Other languages
Chinese (zh)
Inventor
田圆
顾申
高洪福
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Datang Microelectronics Technology Co Ltd
Original Assignee
Datang Microelectronics Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Datang Microelectronics Technology Co Ltd filed Critical Datang Microelectronics Technology Co Ltd
Priority to CN201210586065XA priority Critical patent/CN102983964A/en
Publication of CN102983964A publication Critical patent/CN102983964A/en
Pending legal-status Critical Current

Links

Images

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention discloses a method and a device for improving a digital encryption standard resisting differential power analysis. In an S-box function processing step of standard 16-time operation for digital encrypting a 64-bit plaintext, a new S-box function represented by SM-Box is set in the following way. According to the invention, through the adoption of the S-box function transformed by different random numbers, relevance between real key information and a power curve is destroyed and great difficulty is caused in information obtaining of power analysis so as to achieve a purpose of resisting the power analysis. According to the invention, by using a covering technology, the plaintext is pre-covered before encryption operation and the random numbers are covered in each operation, so that attack caused by information leakage is effectively prevented, and the capacity of resisting differential power analysis attack is enhanced.

Description

A kind of digital encryption standard of resisting differential power consumption analysis is improved one's methods and is installed
Technical field
The present invention relates to symmetrical enciphering and deciphering algorithm technical field, the digital encryption standard (Data Encryption Standard, vehicle economy S) that relates in particular to a kind of resisting differential power consumption analysis is improved one's methods and is installed.
Background technology
Along with the development of smart card techniques, the fail safe of intelligent card chip also faces increasing challenge.In numerous cryptographic algorithm, the DES algorithm is the wider symmetrical encryption/decryption algorithm of a kind of application.
Cryptographic system in actual use, its hardware is in operation and unavoidably will reveals some information, such as power consumption, running time, electromagnetic wave etc. utilize above-mentioned information cryptographic system to be attacked the grave danger that becomes the information security chip product.In numerous bypass attack means, simple power consumption analysis (SPA) and differential power consumption analysis (DPA) are widely used, SPA is that the experience according to the feature of power consumption curve and assailant analyzes instruction or the operation of carrying out in the encryption hardware intuitively, often is used to crack instruction and carries out the algorithm relevant with some data.DPA analyzes then can analyze required key message from the small differential signal of power consumption curve, but needs to collect a large amount of information, and gathers many group power consumption curves and every plaintext, ciphertext record that curve is corresponding.DPA has and uses resource considerably less, is easy to the characteristics of carrying out, and very large to the harm of encryption hardware equipment, DPA is more much better than than SPA, and more is difficult to prevention, so encryption system is faced with serious threat.
In order to resist various attack, the technical staff has correspondingly proposed some solutions, the technology of main flow has at present: introduce random number the intermediate operations result in the cryptographic algorithm implementation is carried out randomization, make the intermediate operations result after the power consumption of crypto module depends on randomization, and be independent of actual intermediate operations result, thereby DPA was lost efficacy; Add random noise and cover the power consumption of processing middle data; Use operation and the incoherent specific logical of power consumption unit (as the logical circuit of requiring to report his or her problems within a prescribed time and in a prescribed place, precharge logical circuit etc.), eliminate the correlation between power consumption and the intermediate object program.
The main flow chart of primary standard DES algorithm as shown in Figure 1, the DES algorithm becomes 64 plaintext input block 64 ciphertext IOB, its function is that 64 bit data block step-by-steps of input are reconfigured, and output is divided into L0, R0 two parts, each long 32 of every parts are carried out initial permutation, then through obtaining L16, R16 behind 16 interative computations, this as input, is carried out inverse permutation, namely obtain ciphertext output.Wherein each f function of taking turns the DES algorithm comprises expansion displacement, the XOR with key, the replacement of S box and P box replacement operator, as shown in Figure 2.In 64 the input key the 8th, 16 ..., 64 have comprised 8 odd even effect positions, and compressed transform has been removed odd even effect position, and carries out the position to remaining 56 and change, and effective 56 keys are divided into two parts through behind the compressed transform.From first cycle, one or two of each clock ring shift left latchs afterwards as next round input, and two parts also produce 48 sub-key K1 by compressed transform after merging simultaneously, K2, and K3 ... K16 inputs as the f function.
Original DES implementation is without any defense technique, so that the assailant can align and process the power consumption curve of collecting at an easy rate.
Resist in the scheme numerous, wherein research is to eliminate true key and power consumption correlation by introducing random number in algorithm the most widely.Calendar year 2001, Akkar and Giraud are used for mask technology the protection of DES algorithm for the first time in the document " An Implementation of DES and AES Secure against some Attacks " of Springer Verlag (Springer-Verlag) technical journal, algorithm is by introducing mask random number x, and the structure that changes the S box reaches the purpose of covering True Data.2005, Jiqiang Lv introduces three 32 random number V1, V2 and V3 in the document " Enhanced DES Implementation Secure against High-Order Differential Power Analys is in Smartcards " of ACISP 2005:195-206, and has defined six kinds of different new S box function SM-Box on the basis of original S box function the intermediate object program of algorithm is covered.
In the prior art, the interpolation random noise is covered the method for the power consumption of processing middle data can only defend simple power consumption analysis in actual applications, can reduce noise if the energy consumption of same plaintext measured just then to be averaging, development along with Digital Signal Processing, conventional noise can by technological means filterings such as pattern recognition, adaptive-filtering, wavelet analysises, increase noise and only can increase the sample number that power consumption analysis needs; And the mode that adopts data and the incoherent specific logical of power consumption unit to realize does not also gear to actual circumstances, the logical block that wants to design the power consumption complete equipilibrium is very complicated, and namely allowing to design the logical circuit of perfect power-consumption balance, its area also is that chip is unaffordable; The most feasible method is to introduce random mask in algorithmic procedure, eliminates the correlation of intermediate data and power consumption information, but does not almost have in the present scheme and algorithm can be covered completely.
Summary of the invention
The technical problem to be solved in the present invention provides a kind of digital encryption standard and improves one's methods and install, and solves the problem that can't effectively eliminate true key and power consumption correlation in the prior art.
In order to solve the problems of the technologies described above, the digital encryption standard that the invention provides a kind of resisting differential power consumption analysis is improved one's methods, and comprising:
64 plaintexts are carried out 16 of digital encryption standard takes turns and makes the following new S box function that is represented by SM-Box in the S box function treatment step of computing;
In the 1st, 6,11,12 take turns: SM-Box (A)=S-Box (A) ⊕ P -1(V1)
In the 2nd, 5,10,13 take turns: SM-Box (A)=S-Box (A ⊕ E (V1)) ⊕ P -1(V2)
In the 3rd, 4 take turns: SM-Box (A)=S-Box (A ⊕ E (V2)) ⊕ P -1(V1 ⊕ V2)
In the 7th, 16 take turns: SM-Box (A)=S-Box (A) ⊕ P -1(V3)
In the 8th, 15 take turns: SM-Box (A)=S-Box (A ⊕ E (V3)) ⊕ P -1(V2)
In the 9th, 14 take turns: SM-Box (A)=S-Box (A ⊕ E (V2)) ⊕ P -1(V1 ⊕ V3)
Wherein, S-Box represents to use in the benchmark digital encryption standard algorithm S box function of permutation table, and A represents the input data of new S box function, and V1, V2, V3 are 32 random numbers, and E represents to expand permutation function, P -1The inverse permutation function of expression permutation function P.
Further, said method can also have following characteristics:
Described method also comprises: carry out initial permutation with behind described plaintext and 64 the random number X XORs; Take turns R value and the X1 that in each computing of computing previous round is obtained described 16 0-31⊕ X1 32-63The XOR result as the L value that calculates when front-wheel; Carry out contrary initial permutation the 16th after the value of R being consisted of 64 bit data as front 32 values with L as rear 32 after taking turns computing and finishing, and obtain ciphertext behind the described random number X XOR.
In order to solve the problems of the technologies described above, the invention provides a kind of digital encryption standard modifying device of resisting differential power consumption analysis, described device comprises module and Executive Module is set;
Described parameter arranges module, and being used for three 32 random numbers are set is V1, V2, V3; Arrange 16 and take turns the new S box function that is represented by SM-Box in the S box function treatment step in the computing:
In the 1st, 6,11,12 take turns: SM-Box (A)=S-Box (A) ⊕ P -1(V1)
In the 2nd, 5,10,13 take turns: SM-Box (A)=S-Box (A ⊕ E (V1)) ⊕ P -1(V2)
In the 3rd, 4 take turns: SM-Box (A)=S-Box (A ⊕ E (V2)) ⊕ P -1(V1 ⊕ V2)
In the 7th, 16 take turns: SM-Box (A)=S-Box (A) ⊕ P -1(V3)
In the 8th, 15 take turns: SM-Box (A)=S-Box (A ⊕ E (V3)) ⊕ P -1(V2)
In the 9th, 14 take turns: SM-Box (A)=S-Box (A ⊕ E (V2)) ⊕ P -1(V1 ⊕ V3)
Wherein, S-Box represents to use in the benchmark digital encryption standard algorithm S box function of permutation table, and A represents the input data of new S box function, and E represents to expand permutation function, P -1The inverse permutation function of expression permutation function P;
Described Executive Module is used for 64 plaintexts of input are carried out digital encryption standard, takes turns in the S box function treatment step of computing 16 and uses described new S box function.
Further, said apparatus can also have following characteristics:
Described parameter arranges module, is used for arranging 64 random number X;
Described Executive Module also is used for carrying out initial permutation with behind described plaintext and described 64 the random number X XORs; Take turns R value and the X1 that in each computing of computing previous round is obtained described 16 0-31⊕ X1 32-63The XOR result as the L value that calculates when front-wheel; Carry out contrary initial permutation the 16th after the value of R being consisted of 64 bit data as front 32 values with L as rear 32 after taking turns computing and finishing, and obtain ciphertext behind the described random number X XOR.
The S box function that the present invention transforms in conjunction with different random number has destroyed the correlation between true key information and the power consumption curve, brings great difficulty to reach for the power consumption analysis obtaining information to resist the purpose of power consumption analysis.The present invention is simultaneously in conjunction with concealing technique, to expressly covering in advance, and carries out random number in the computing and covers every the wheel before cryptographic calculation, effectively prevented information leakage and attacked, and improved the ability of its resisting differential power consumption analysis attack.
Description of drawings
Fig. 1 is original DES algorithm flow chart;
Fig. 2 is that each takes turns the step schematic diagram of computing in the former knot DES algorithm;
Fig. 3 is the schematic diagram that the DES among the present invention improves algorithm;
Fig. 4 is the schematic diagram of the first round DES computing after covering in advance among the embodiment and covering;
Fig. 5 is the second schematic diagram of taking turns the DES computing among the embodiment;
Fig. 6 is the schematic diagram of third round DES computing among the embodiment;
Fig. 7 is the 16th schematic diagram of taking turns DES computing and ciphertext recovery among the embodiment.
Embodiment
For making the purpose, technical solutions and advantages of the present invention clearer, hereinafter in connection with accompanying drawing embodiments of the invention are elaborated.Need to prove that in the situation of not conflicting, the embodiment among the application and the feature among the embodiment be combination in any mutually.
The assailant do not have effective defense technique in the original DES implementation, so that can align and process the power consumption curve of collecting at an easy rate.The present invention does not adopt the method for adding randomization noise and power-consumption balance device, because first method has a lot of ways can remove these noises in the attack of reality, namely allow to design the at random good noise source of performance, if the assailant adopts the attack method of emi analysis still can bypass the impact of noise; Second method implements difficulty very, namely allows to design perfect power-consumption balance cell library such as double rail logic, but its area is existing more than 2 times of unit at least, so also do not considered on area.
Through above-mentioned analysis, the present invention proposes a kind of new DES and improve one's methods, as shown in Figure 3, the method comprises: 64 plaintexts are carried out 16 of digital encryption standard take turns and make the following new S box function that is represented by SM-Box in the S box function treatment step of computing;
In the 1st, 6,11,12 take turns: SM-Box (A)=S-Box (A) ⊕ P -1(V1)
In the 2nd, 5,10,13 take turns: SM-Box (A)=S-Box (A ⊕ E (V1)) ⊕ P -1(V2)
In the 3rd, 4 take turns: SM-Box (A)=S-Box (A ⊕ E (V2)) ⊕ P -1(V1 ⊕ V2)
In the 7th, 16 take turns: SM-Box (A)=S-Box (A) ⊕ P -1(V3)
In the 8th, 15 take turns: SM-Box (A)=S-Box (A ⊕ E (V3)) ⊕ P -1(V2)
In the 9th, 14 take turns: SM-Box (A)=S-Box (A ⊕ E (V2)) ⊕ P -1(V1 ⊕ V3)
Wherein, S-Box represents to use in the benchmark digital encryption standard algorithm S box function of permutation table, and A represents the input data of new S box function, and V1, V2, V3 are 32 random numbers, and E represents to expand permutation function, P -1The inverse permutation function of expression permutation function P.
Introduced new S box function among the present invention data are covered, and having introduced three 32 random number V1, V2 and V3, to make each take turns the random number that is used for obfuscated data in the cryptographic calculation different, can improve the ability of resisting power consumption analysis.
Use in the device of this method module and Executive Module are set, it is V1, V2, V3 that parameter arranges that module is used for three 32 random numbers are set, and arranges 16 and take turns the new S box function that is represented by SM-Box in the S box function treatment step in the computing; Executive Module is used for 64 plaintexts of input are carried out digital encryption standard, takes turns in the S box function treatment step of computing 16 and uses described new S box function.
For the better problem of resisting timing attack and power consumption analysis attack of improving, also can introduce one 64 random number X in this method, at the beginning of beginning, computing will expressly with behind 64 random number X XORs carry out initial permutation; Take turns R value and the X1 that in each computing of computing previous round is obtained 16 0-31⊕ X1 32-63The XOR result as the L value that calculates when front-wheel; Carry out contrary initial permutation the 16th after the value of R being consisted of 64 bit data as front 32 values with L as rear 32 after taking turns computing and finishing, and obtain ciphertext behind the random number X XOR.In the device of use the method module is set this 64 random number X also need be set, Executive Module is carried out said method.The below is elaborated to this scheme.
Fig. 4 is the schematic diagram of the first round DES computing after covering in advance and covering.The process of covering in advance comprises: at the beginning of algorithm begins 64 random number X and plaintext M are carried out XOR.Cover in advance finish after, carry out initial permutation (IP), then carry out first round DES computing.Wherein X1 represents X through the value IP (X) of initial permutation, X1 0-31And X1 32-63Represent respectively hang down 32 and high 32 of X1, X2 is X1 32-63Value E (X1 through expansion E conversion 32-63).In the first round DES computing, R 0Be IP(M) 32-63⊕ X 132-63Rear result is EP(IP(M through expansion displacement (EP is called for short E)) 32-63) ⊕ X2, enter new S box behind this result and key K 1 XOR, through after the new S box conversion, through the P conversion, obtain OutSP1 ⊕ P -1(V1 ⊕ X 10-31⊕ X1 32-63), what this result only did to illustrate is used for representing not covering in advance in the situation with new S box replacement Treatment result from the output of P box through random number X with OutSP1.L in this result and the first round DES computing 0Be IP(M) 0-31⊕ X1 0-31XOR obtains the R of first round DES computing 1, wherein the ResTmp1 usefulness of only doing to illustrate represents not to cover in advance the initial data of not covered by random number in the situation with new S box replacement Treatment through random number X.Obtain real ciphertext in order finally to reduce, before each takes turns the computing end, with R 0With X1 0-31⊕ X1 32-63Carry out XOR and obtain L 1
Fig. 5 and Fig. 6 are respectively second and third schematic diagrames of taking turns the DES computing.
Fig. 7 the 16th takes turns the schematic diagram that DES computing and ciphertext are recovered.After taking turns computing through 16, before the encryption and decryption computing finished, the position of exchange height 32 bit data was about to R 15Value as front 32 with L 15Value carry out contrary initial permutation after consisting of 64 bit data as rear 32, and obtain ciphertext behind the random number X XOR.
In this method, take turns computing at each and all make corresponding modification according to top new S box function, and data are covered, cryptographic calculation is from start to finish all carried out under the covering of random number, thereby increase the difficulty of power consumption analysis.
The present invention adopts pre-randomization means when cryptographic calculation begins, just data are carried out randomization, and revise S box function middle result is covered, take turns the different random number of employing in conjunction with each, from start to finish with data with different random number masks, make power consumption information be independent of the intermediate operations result, attack obtaining information for SPA and DPA and bring great difficulty.
As mentioned above, in the middle of the algorithm flow of whole DES, all intermediate variables are all covered by the random number mask, destroyed the correlation between true key information and the power consumption curve, and before cryptographic calculation, just plaintext has been carried out covering in advance, until computing recovers after finishing, effectively prevented information leakage and attacked, improved the ability that its anti-DPA attacks.
Certainly; the present invention also can have other various embodiments; in the situation that does not deviate from spirit of the present invention and essence thereof; those of ordinary skill in the art can make according to the present invention various corresponding changes and distortion, but these corresponding changes and distortion all should belong to the protection range of the appended claim of the present invention.
One of ordinary skill in the art will appreciate that all or part of step in the said method can come the instruction related hardware to finish by program, described program can be stored in the computer-readable recording medium, such as read-only memory, disk or CD etc.Alternatively, all or part of step of above-described embodiment also can realize with one or more integrated circuits.Correspondingly, each the module/unit in above-described embodiment can adopt the form of hardware to realize, also can adopt the form of software function module to realize.The present invention is not restricted to the combination of the hardware and software of any particular form.

Claims (4)

1. the digital encryption standard of a resisting differential power consumption analysis is improved one's methods, it is characterized in that,
64 plaintexts are carried out 16 of digital encryption standard takes turns and makes the following new S box function that is represented by SM-Box in the S box function treatment step of computing;
In the 1st, 6,11,12 take turns: SM-Box (A)=S-Box (A) ⊕ P -1(V1)
In the 2nd, 5,10,13 take turns: SM-Box (A)=S-Box (A ⊕ E (V1)) ⊕ P -1(V2)
In the 3rd, 4 take turns: SM-Box (A)=S-Box (A ⊕ E (V2)) ⊕ P -1(V1 ⊕ V2)
In the 7th, 16 take turns: SM-Box (A)=S-Box (A) ⊕ P -1(V3)
In the 8th, 15 take turns: SM-Box (A)=S-Box (A ⊕ E (V3)) ⊕ P -1(V2)
In the 9th, 14 take turns: SM-Box (A)=S-Box (A ⊕ E (V2)) ⊕ P -1(V1 ⊕ V3)
Wherein, S-Box represents to use in the benchmark digital encryption standard algorithm S box function of permutation table, and A represents the input data of new S box function, and V1, V2, V3 are 32 random numbers, and E represents to expand permutation function, P -1The inverse permutation function of expression permutation function P.
2. the method for claim 1 is characterized in that,
Described method also comprises: carry out initial permutation with behind described plaintext and 64 the random number X XORs; Take turns R value and the X1 that in each computing of computing previous round is obtained described 16 0-31⊕ X1 32-63The XOR result as the L value that calculates when front-wheel; Carry out contrary initial permutation the 16th after the value of R being consisted of 64 bit data as front 32 values with L as rear 32 after taking turns computing and finishing, and obtain ciphertext behind the described random number X XOR.
3. the digital encryption standard modifying device of a resisting differential power consumption analysis is characterized in that,
Described device comprises module and Executive Module is set;
Described parameter arranges module, and being used for three 32 random numbers are set is V1, V2, V3; Arrange 16 and take turns the new S box function that is represented by SM-Box in the S box function treatment step in the computing:
In the 1st, 6,11,12 take turns: SM-Box (A)=S-Box (A) ⊕ P -1(V1)
In the 2nd, 5,10,13 take turns: SM-Box (A)=S-Box (A ⊕ E (V1)) ⊕ P -1(V2)
In the 3rd, 4 take turns: SM-Box (A)=S-Box (A ⊕ E (V2)) ⊕ P -1(V1 ⊕ V2)
In the 7th, 16 take turns: SM-Box (A)=S-Box (A) ⊕ P -1(V3)
In the 8th, 15 take turns: SM-Box (A)=S-Box (A ⊕ E (V3)) ⊕ P -1(V2)
In the 9th, 14 take turns: SM-Box (A)=S-Box (A ⊕ E (V2)) ⊕ P -1(V1 ⊕ V3)
Wherein, S-Box represents to use in the benchmark digital encryption standard algorithm S box function of permutation table, and A represents the input data of new S box function, and E represents to expand permutation function, P -1The inverse permutation function of expression permutation function P;
Described Executive Module is used for 64 plaintexts of input are carried out digital encryption standard, takes turns in the S box function treatment step of computing 16 and uses described new S box function.
4. device as claimed in claim 3 is characterized in that,
Described parameter arranges module, is used for arranging 64 random number X;
Described Executive Module also is used for carrying out initial permutation with behind described plaintext and described 64 the random number X XORs; Take turns R value and the X1 that in each computing of computing previous round is obtained described 16 0-31⊕ X1 32-63The XOR result as the L value that calculates when front-wheel; Carry out contrary initial permutation the 16th after the value of R being consisted of 64 bit data as front 32 values with L as rear 32 after taking turns computing and finishing, and obtain ciphertext behind the described random number X XOR.
CN201210586065XA 2012-12-28 2012-12-28 method and device for improving digital encryption standard resisting differential power analysis Pending CN102983964A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210586065XA CN102983964A (en) 2012-12-28 2012-12-28 method and device for improving digital encryption standard resisting differential power analysis

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210586065XA CN102983964A (en) 2012-12-28 2012-12-28 method and device for improving digital encryption standard resisting differential power analysis

Publications (1)

Publication Number Publication Date
CN102983964A true CN102983964A (en) 2013-03-20

Family

ID=47857728

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210586065XA Pending CN102983964A (en) 2012-12-28 2012-12-28 method and device for improving digital encryption standard resisting differential power analysis

Country Status (1)

Country Link
CN (1) CN102983964A (en)

Cited By (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103441843A (en) * 2013-07-26 2013-12-11 北京华大信安科技有限公司 Method and device for obtaining private key elements of RSA algorithm
CN103618595A (en) * 2013-09-13 2014-03-05 杭州晟元芯片技术有限公司 Cryptographic algorithm substitution circuit of resisting power consumption analysis
CN104639312A (en) * 2013-11-08 2015-05-20 国家电网公司 Anti-power-attack method and device for DES (Data Encrypt Standard) algorithm
CN104683095A (en) * 2013-11-29 2015-06-03 上海复旦微电子集团股份有限公司 A kind of DES encryption method and device
CN105187364A (en) * 2014-03-19 2015-12-23 恩智浦有限公司 Protecting A White-box Implementation Against Attacks
CN106027222A (en) * 2016-06-30 2016-10-12 中国南方电网有限责任公司电网技术研究中心 Smart card encryption method and device for preventing differential power analysis
CN106487497A (en) * 2015-09-02 2017-03-08 意法半导体(鲁塞)公司 DPA protection to RIJNDAEL algorithm
CN107294700A (en) * 2017-08-22 2017-10-24 兆讯恒达微电子技术(北京)有限公司 Defend bypass attack with logic circuit apparatus and processing method
CN108270545A (en) * 2016-12-30 2018-07-10 广东精点数据科技股份有限公司 A kind of improved DES data encryption algorithm based on mobile Internet
CN108737067A (en) * 2018-04-04 2018-11-02 中国电子科技集团公司第三十研究所 A kind of dividing method based on S boxes
CN109257395A (en) * 2018-12-07 2019-01-22 四川长虹电器股份有限公司 The system for resisting bypass attack
US10243728B2 (en) 2015-09-02 2019-03-26 Stmicroelectronics (Rousset) Sas Verification of the resistance of an electronic circuit to side-channel attacks
CN110417540A (en) * 2019-08-05 2019-11-05 李春旺 A kind of information ciphering method of resisting differential power consumption analysis
CN111464288A (en) * 2019-12-18 2020-07-28 安徽继远软件有限公司 S box generation method and system
CN112543094A (en) * 2020-12-07 2021-03-23 山东华翼微电子技术股份有限公司 DES mask anti-side channel attack realization method based on multiple random numbers
CN112883395A (en) * 2021-02-25 2021-06-01 山东华翼微电子技术股份有限公司 High-performance GFN mask method for enhancing anti-attack capability
CN114465804A (en) * 2022-02-16 2022-05-10 贵州福润德文化产业发展有限公司 Instruction encryption and decryption method capable of resisting replay attack
CN115567215A (en) * 2022-09-15 2023-01-03 武汉大学 Anti-attack and deciphering block chain distributed data storage system and access storage method
CN116866038A (en) * 2023-07-12 2023-10-10 北京兆讯恒达技术有限公司 Dynamic mask encryption method and dynamic mask encryption device

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101197660A (en) * 2006-12-07 2008-06-11 上海安创信息科技有限公司 Encrypting method and chip for anti-attack standard encryption criterion

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101197660A (en) * 2006-12-07 2008-06-11 上海安创信息科技有限公司 Encrypting method and chip for anti-attack standard encryption criterion

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
JIQIANG LV: "Enhanced DES Implementation Secure against High-Order DifferSecure against High-Order Differential Power Analys is in Smartcards", 《ACISP 2005》, 6 July 2005 (2005-07-06), pages 5 *

Cited By (32)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103441843B (en) * 2013-07-26 2016-09-21 北京华大信安科技有限公司 RSA Algorithm private key element acquisition methods and acquisition device
CN103441843A (en) * 2013-07-26 2013-12-11 北京华大信安科技有限公司 Method and device for obtaining private key elements of RSA algorithm
CN103618595A (en) * 2013-09-13 2014-03-05 杭州晟元芯片技术有限公司 Cryptographic algorithm substitution circuit of resisting power consumption analysis
CN103618595B (en) * 2013-09-13 2017-03-29 杭州晟元数据安全技术股份有限公司 A kind of cryptographic algorithm substitution circuit of resisting power consumption analysis
CN104639312B (en) * 2013-11-08 2017-12-29 国家电网公司 A kind of method and device of the anti-Attacks of DES algorithms
CN104639312A (en) * 2013-11-08 2015-05-20 国家电网公司 Anti-power-attack method and device for DES (Data Encrypt Standard) algorithm
CN104683095B (en) * 2013-11-29 2018-03-06 上海复旦微电子集团股份有限公司 A kind of des encryption method and apparatus
CN104683095A (en) * 2013-11-29 2015-06-03 上海复旦微电子集团股份有限公司 A kind of DES encryption method and device
CN105187364A (en) * 2014-03-19 2015-12-23 恩智浦有限公司 Protecting A White-box Implementation Against Attacks
CN106487497A (en) * 2015-09-02 2017-03-08 意法半导体(鲁塞)公司 DPA protection to RIJNDAEL algorithm
CN106487497B (en) * 2015-09-02 2020-03-10 意法半导体(鲁塞)公司 DPA protection for RIJNDAEL algorithm
US10243728B2 (en) 2015-09-02 2019-03-26 Stmicroelectronics (Rousset) Sas Verification of the resistance of an electronic circuit to side-channel attacks
CN106027222B (en) * 2016-06-30 2022-10-28 南方电网科学研究院有限责任公司 Smart card encryption method and device for preventing differential power analysis
CN106027222A (en) * 2016-06-30 2016-10-12 中国南方电网有限责任公司电网技术研究中心 Smart card encryption method and device for preventing differential power analysis
CN108270545A (en) * 2016-12-30 2018-07-10 广东精点数据科技股份有限公司 A kind of improved DES data encryption algorithm based on mobile Internet
CN107294700B (en) * 2017-08-22 2019-11-08 兆讯恒达微电子技术(北京)有限公司 Defend bypass attack with logic circuit apparatus and processing method
CN107294700A (en) * 2017-08-22 2017-10-24 兆讯恒达微电子技术(北京)有限公司 Defend bypass attack with logic circuit apparatus and processing method
CN108737067A (en) * 2018-04-04 2018-11-02 中国电子科技集团公司第三十研究所 A kind of dividing method based on S boxes
CN109257395A (en) * 2018-12-07 2019-01-22 四川长虹电器股份有限公司 The system for resisting bypass attack
CN109257395B (en) * 2018-12-07 2020-10-23 四川长虹电器股份有限公司 System for defending against side-channel attack
CN110417540A (en) * 2019-08-05 2019-11-05 李春旺 A kind of information ciphering method of resisting differential power consumption analysis
CN111464288B (en) * 2019-12-18 2022-09-30 安徽继远软件有限公司 S box generation method and system
CN111464288A (en) * 2019-12-18 2020-07-28 安徽继远软件有限公司 S box generation method and system
CN112543094A (en) * 2020-12-07 2021-03-23 山东华翼微电子技术股份有限公司 DES mask anti-side channel attack realization method based on multiple random numbers
CN112543094B (en) * 2020-12-07 2022-09-27 山东华翼微电子技术股份有限公司 DES mask anti-side channel attack realization method based on multiple random numbers
CN112883395A (en) * 2021-02-25 2021-06-01 山东华翼微电子技术股份有限公司 High-performance GFN mask method for enhancing anti-attack capability
CN114465804A (en) * 2022-02-16 2022-05-10 贵州福润德文化产业发展有限公司 Instruction encryption and decryption method capable of resisting replay attack
CN114465804B (en) * 2022-02-16 2024-03-26 贵州福润德文化产业发展有限公司 Instruction encryption and decryption method capable of resisting replay attack
CN115567215A (en) * 2022-09-15 2023-01-03 武汉大学 Anti-attack and deciphering block chain distributed data storage system and access storage method
CN115567215B (en) * 2022-09-15 2024-07-19 武汉大学 Block chain distributed data storage system capable of preventing attack and decoding and access storage method
CN116866038A (en) * 2023-07-12 2023-10-10 北京兆讯恒达技术有限公司 Dynamic mask encryption method and dynamic mask encryption device
CN116866038B (en) * 2023-07-12 2024-06-11 北京兆讯恒达技术有限公司 Dynamic mask encryption method and dynamic mask encryption device

Similar Documents

Publication Publication Date Title
CN102983964A (en) method and device for improving digital encryption standard resisting differential power analysis
Moradi et al. A generalized method of differential fault attack against AES cryptosystem
Link et al. Clarifying obfuscation: improving the security of white-box DES
CN102594545B (en) Encryption device
CA2578316C (en) Table splitting for cryptographic processes
CN104734845B (en) Bypass attack means of defence based on full Encryption Algorithm pseudo-operation
CN103986571B (en) A kind of smart card multi-core processor system and its method for defending differential power consumption analysis
CN103647638A (en) DES masking method for resisting side-channel attack
CN101197660A (en) Encrypting method and chip for anti-attack standard encryption criterion
CN104618094B (en) A kind of password Mask method strengthening anti-attack ability
CN105959098A (en) Format-reserved encryption algorithm based on multi-segmented Feistel network
US8619985B2 (en) Table splitting for cryptographic processes
Ding et al. 2D arcsine and sine combined logistic map for image encryption
JP2003513490A (en) Data processing method resistant to data extraction by analyzing unintended side channel signals
CN104301095A (en) DES round operation method and circuit
CN112883395A (en) High-performance GFN mask method for enhancing anti-attack capability
Wang et al. A novel image shift encryption algorithm based on the dynamic Joseph ring problem
CN103444125A (en) Encryption processing device, encryption processing method, and programme
CN106936822B (en) Mask implementation method and system for resisting high-order bypass analysis aiming at SMS4
Wang et al. Efficient private circuits with precomputation
Lin et al. A new Feistel-type white-box encryption scheme
CN118233115B (en) Improved comprehensive protection method based on threshold technology
CN107766725A (en) The data transmission method and system of anti-template attack
Liu et al. A novel color image encryption scheme based on fractional-order chaotic system
Yang et al. LWARX: Lightweight ARX white-box cipher for satellite communications

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20130320

RJ01 Rejection of invention patent application after publication
点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载