摘要
针对AES算法Cache计时模板攻击时会触发大量的Cache失效,容易被硬件计数器检测出来的问题,基于Flush+Flush攻击模型,提出一种基于欧氏距离的AES算法模板攻击方法,以减少触发Cache失效的次数,使攻击更加隐蔽。使用Flush+Flush攻击模型获取AES算法在内存中映射的位置;利用已知明文攻击不断地触发密码进程,通过该模型建立每一个密钥的模板;利用Flush+Flush攻击模型获取真实情况下的Cache计时信息,通过计算计时信息与每一个密钥模板之间的欧式距离推算密钥。通过实验验证,以OpenSSL库中的AES算法快速实现为攻击对象,攻击模型能准确地获取AES算法密钥,并与Flush+Reload攻击模型相比较,触发的Cache失效次数仅为Flush+Reload攻击模型的17%。
Aiming at the problem that the Flush+Reload attack model will trigger a large number of cache failures when attacking the AES algorithm and is easily detected by the hardware counter,a template attack method of utilizing the Flush+Flush attack model based on Euclidean distance is proposed to reduce the number of cache failures.This model can make the attack more covert.Firstly,it exploits Flush+Flush attack model to obtain mapped location of AES algorithm in memory.Then the template for each key is established by using the known clear-text attack which will trigger password process continuously.Finally,it utilizes the Flush+Flush attack model to obtain the Cache timing information under real conditions and predict the key by calculating the Euclidean distance between the timing information and each key tem-plate.Through experimental verification,with taking the AES algorithm fast implementation in openSSL algorithm library as the object of attack,the attack model can accurately obtain the AES algorithm key.Compared with the Flush+Reload attack model,the number of Cache failures triggered by the Flush+Flush attack model is only 17%of the Flush+Reload attack model.
作者
李志明
唐永中
LI Zhiming;TANG Yongzhong(Center for Information Technology,Hexi University,Zhangye,Gansu 734000,China)
出处
《计算机工程与应用》
CSCD
北大核心
2022年第2期110-115,共6页
Computer Engineering and Applications
基金
甘肃省高等学校科研创新能力提升项目(2020B-206)。
