Research On Design And Evaluation Of Block Cipher With CPA-Resistance Capability

Correlation Power Analysis(CPA)and Differential Power Analysis(DPA)are the most accessible and practical threats among the known Side Channel Analysis(SCA)methods.However,most of the current countermeasures are designed to resist DPA,rather than CPA.In view of implement security and design security of block ciphers,the evaluation method of block cipher’s CPA-resistance Capability is studied in this paper.On this basis,a more systematic CPA-resistance design method is proposed,not only to provide the basis for the implementation design of the block cipher,but also provide the theory guidance for cryptographic components design.This paper mainly completed the following work:Two key properties of Pearson correlation coefficient under the CPA condition are deduced and proved.Meanwhile,the simulation power consumption and the measured power consumption verification environment are respectively constructed to verify the two key properties.Firstly,the limit value of the correlation coefficient corresponding to the correct key is discussed.Based on this property,the concept of the overall correlation coefficient is put forward,and the CPA-resistance capability weakness of current implementation method is explained.Secondly,the concept of confusion coefficient matrix is proposed base on discuss of the CPA-Resistance influence caused by different cryptographic components.The proof of the above two key properties is the foundation for the CPA-resistance design of implementation method and cryptographic components in the following content.Based on the overall correlation coefficient,an evaluation parameter of power randomization degree,namely randomization factor,is proposed to realize implement security.The structure of Random Interleave(RMI)and Inverse Interleave(IEI)are proposed by analyzing the quantitative relationship between the randomization factor and the sample size.And then,the CPA-resistance Capability of the two is deduced and verified.Further,Based on the analysis of advantages and disadvantages of the two timing structures corresponding to the circuit,two kinds of typical protective circuits based on RMI and RMI-IEI are designed respectively.Taking the AES-128 algorithm as an example,The results show that the two kinds of protective circuits’energy efficiency achieve 296.369Kbps/um~2,303.691Kbps/um~2 respectively,which is higher than the unprotected circuit(288.327Kbps/um~2),with good feasibility.An evaluation parameter for the CPA-resistance capability of the Sbox is proposed,on the foundation of confusion coefficient matrix.Meanwhile,an automatic search generation of the CPA-resistant Sbox is studied,in view of the specific attack model.Firstly,both considering the resistance of CPA,linear analysis and differential analysis and no fixed point security requirements,the rule of CPA-resistant Sbox is proposed.On this basis,the Sbox generation problem is translated into three objective minimum optimization problem.Then,based on the NSGA-II algorithm,the key steps of crossover and mutation were redesigned,and corresponding congestion calculation method and fixed point elimination strategy are put forward to realize the automatic generation of CPA-resistant Sbox.Finally,CPA-resistance capability of the generated Sbox is analyzed and summarized.The results shows that the generated Sboxs have good CPA-resistance capability with a guarantee of traditional cryptography nature.