Side-Channel Attacks and Countermeasures for Identity-Based Cryptographic Algorithm SM9

Qi Zhang; An Wang; Yongchuan Niu; Ning Shang; Rixin Xu; Guoshuang Zhang; Liehuang Zhu

doi:10.1155/2018/9701756

Side-Channel Attacks and Countermeasures for Identity-Based Cryptographic Algorithm SM9

Qi Zhang, An Wang^*, Yongchuan Niu, Ning Shang, Rixin Xu, Guoshuang Zhang, Liehuang Zhu

^*Corresponding author for this work

School of Cyberspace Science and Technology

Research output: Contribution to journal › Article › peer-review

10 Citations (Scopus)

Abstract

Identity-based cryptographic algorithm SM9, which has become the main part of the ISO/IEC 14888-3/AMD1 standard in November 2017, employs the identities of users to generate public-private key pairs. Without the support of digital certificate, it has been applied for cloud computing, cyber-physical system, Internet of Things, and so on. In this paper, the implementation of SM9 algorithm and its Simple Power Attack (SPA) are discussed. Then, we present template attack and fault attack on SPA-resistant SM9. Our experiments have proved that if attackers try the template attack on an 8-bit microcontrol unit, the secret key can be revealed by enabling the device to execute one time. Fault attack even allows the attackers to obtain the 256-bit key of SM9 by performing the algorithm twice and analyzing the two different results. Accordingly, some countermeasures to resist the three kinds of attacks above are given.

Original language	English
Article number	9701756
Journal	Security and Communication Networks
Volume	2018
DOIs	https://doi.org/10.1155/2018/9701756
Publication status	Published - 2018

Access to Document

10.1155/2018/9701756

Cite this

@article{c125b9b353fd4aaa97e4cb6c9d22257c,

title = "Side-Channel Attacks and Countermeasures for Identity-Based Cryptographic Algorithm SM9",

abstract = "Identity-based cryptographic algorithm SM9, which has become the main part of the ISO/IEC 14888-3/AMD1 standard in November 2017, employs the identities of users to generate public-private key pairs. Without the support of digital certificate, it has been applied for cloud computing, cyber-physical system, Internet of Things, and so on. In this paper, the implementation of SM9 algorithm and its Simple Power Attack (SPA) are discussed. Then, we present template attack and fault attack on SPA-resistant SM9. Our experiments have proved that if attackers try the template attack on an 8-bit microcontrol unit, the secret key can be revealed by enabling the device to execute one time. Fault attack even allows the attackers to obtain the 256-bit key of SM9 by performing the algorithm twice and analyzing the two different results. Accordingly, some countermeasures to resist the three kinds of attacks above are given.",

author = "Qi Zhang and An Wang and Yongchuan Niu and Ning Shang and Rixin Xu and Guoshuang Zhang and Liehuang Zhu",

note = "Publisher Copyright: {\textcopyright} 2018 Qi Zhang et al.",

year = "2018",

doi = "10.1155/2018/9701756",

language = "English",

volume = "2018",

journal = "Security and Communication Networks",

issn = "1939-0114",

publisher = "Hindawi Limited",

}

TY - JOUR

T1 - Side-Channel Attacks and Countermeasures for Identity-Based Cryptographic Algorithm SM9

AU - Zhang, Qi

AU - Wang, An

AU - Niu, Yongchuan

AU - Shang, Ning

AU - Xu, Rixin

AU - Zhang, Guoshuang

AU - Zhu, Liehuang

PY - 2018

Y1 - 2018

N2 - Identity-based cryptographic algorithm SM9, which has become the main part of the ISO/IEC 14888-3/AMD1 standard in November 2017, employs the identities of users to generate public-private key pairs. Without the support of digital certificate, it has been applied for cloud computing, cyber-physical system, Internet of Things, and so on. In this paper, the implementation of SM9 algorithm and its Simple Power Attack (SPA) are discussed. Then, we present template attack and fault attack on SPA-resistant SM9. Our experiments have proved that if attackers try the template attack on an 8-bit microcontrol unit, the secret key can be revealed by enabling the device to execute one time. Fault attack even allows the attackers to obtain the 256-bit key of SM9 by performing the algorithm twice and analyzing the two different results. Accordingly, some countermeasures to resist the three kinds of attacks above are given.

AB - Identity-based cryptographic algorithm SM9, which has become the main part of the ISO/IEC 14888-3/AMD1 standard in November 2017, employs the identities of users to generate public-private key pairs. Without the support of digital certificate, it has been applied for cloud computing, cyber-physical system, Internet of Things, and so on. In this paper, the implementation of SM9 algorithm and its Simple Power Attack (SPA) are discussed. Then, we present template attack and fault attack on SPA-resistant SM9. Our experiments have proved that if attackers try the template attack on an 8-bit microcontrol unit, the secret key can be revealed by enabling the device to execute one time. Fault attack even allows the attackers to obtain the 256-bit key of SM9 by performing the algorithm twice and analyzing the two different results. Accordingly, some countermeasures to resist the three kinds of attacks above are given.

UR - http://www.scopus.com/inward/record.url?scp=85045761817&partnerID=8YFLogxK

U2 - 10.1155/2018/9701756

DO - 10.1155/2018/9701756

M3 - Article

AN - SCOPUS:85045761817

SN - 1939-0114

VL - 2018

JO - Security and Communication Networks

JF - Security and Communication Networks

M1 - 9701756

ER -

Side-Channel Attacks and Countermeasures for Identity-Based Cryptographic Algorithm SM9

Abstract

Access to Document

Other files and links

Fingerprint

Cite this