Side-Channel Attacks and Countermeasures for Identity-Based Cryptographic Algorithm SM9

Identity-based cryptographic algorithm SM9, which has become the main part of the ISO/IEC 14888-3/AMD1 standard in November 2017, employs the identities of users to generate public-private key pairs. Without the support of digital certificate, it has been applied for cloud computing, cyber-physical...

Bibliographic Details
Main Authors: Qi Zhang, An Wang, Yongchuan Niu, Ning Shang, Rixin Xu, Guoshuang Zhang, Liehuang Zhu
Format: Article
Language: English
Published: Hindawi-Wiley 2018-01-01
Series: Security and Communication Networks
Online Access: http://dx.doi.org/10.1155/2018/9701756
Author Affiliations:
Qi Zhang: School of Computer Science, Beijing Institute of Technology, Beijing 100081, China
An Wang: School of Computer Science, Beijing Institute of Technology, Beijing 100081, China
Yongchuan Niu: Data Communication Science and Technology Research Institute, Beijing 100191, China
Ning Shang: School of Computer Science, Beijing Institute of Technology, Beijing 100081, China
Rixin Xu: School of Computer Science, Beijing Institute of Technology, Beijing 100081, China
Guoshuang Zhang: Science and Technology on Information Assurance Laboratory, Beijing 100072, China
Liehuang Zhu: School of Computer Science, Beijing Institute of Technology, Beijing 100081, China
ISSN: 1939-0114, 1939-0122
Description: Identity-based cryptographic algorithm SM9, which has become the main part of the ISO/IEC 14888-3/AMD1 standard in November 2017, employs the identities of users to generate public-private key pairs. Without the support of digital certificate, it has been applied for cloud computing, cyber-physical system, Internet of Things, and so on. In this paper, the implementation of SM9 algorithm and its Simple Power Attack (SPA) are discussed. Then, we present template attack and fault attack on SPA-resistant SM9. Our experiments have proved that if attackers try the template attack on an 8-bit microcontrol unit, the secret key can be revealed by enabling the device to execute one time. Fault attack even allows the attackers to obtain the 256-bit key of SM9 by performing the algorithm twice and analyzing the two different results. Accordingly, some countermeasures to resist the three kinds of attacks above are given.