Summary: | Master's === National Cheng Kung University === Institute of Computer and Communication Engineering === 94 === NIST (National Institute of Standards and Technology) selected Rijndael as the new Advanced Encryption Standard (AES) in 2001. Experts in every field have been trying to devise new styles of attack to break the AES standard. From a hardware point of view, when a hardware module executes, it may indirectly reveal information about the cryptographic device through many kinds of physical phenomena, such as execution time, power consumption, and electromagnetic emissions. Using this kind of information to attack a cryptographic device is called a Side-Channel Attack (SCA). Therefore, even if a cryptographic algorithm is proved secure, it may reveal the protected secret as a result of various implementation factors. An attacker can collect the power curves dissipated by a cryptographic device and analyze them. This kind of attack is called a power attack and was proposed by Kocher in 1999. Many recent papers have therefore been published on defending against power attacks. The most common method is to randomize the intermediate values of each round, and so 'masking' has been discussed extensively. This method applies a random number to the value you want to hide. Attackers are then unable to collect and analyze the power curves, and the power attack becomes useless. In this thesis, we review power attacks, implement Oswald's mask architecture based on the properties of the Dual Cipher, and discuss whether it is better than Oswald's masking method. We also analyze whether combining Dual AES with masking may provide better security against power attacks.
|