A Self-Healing Cryptosystem Design Prevent from Side-Channel Attack

Side-channel attack is a non-destructive physical attack method. To address the security risk posed by side-channel leakage in existing cryptosystems, this paper presents a design method for cryptosystems with self-healing properties. First, a new masking method is proposed that restricts side-channel measurement by inserting measure-disabled points into the cryptographic algorithm. Then, a masking update technique is applied to invalidate the side-channel leakage. Compared with previous countermeasures, our method has a stronger self-healing ability and also resists complex side-channel attacks.


Introduction
Cryptosystem security is an important and widely studied question. Normally, the security of a cryptosystem is measured by the complexity of the cryptographic algorithm it uses. However, once a cryptographic algorithm is physically implemented, algorithmic complexity is no longer the only security criterion: even a theoretically secure cryptographic algorithm may become insecure because of its physical implementation. Recently, cryptosystem security has been threatened by a new form of cryptanalysis, the side-channel attack [1][2][3]. Unlike traditional cryptanalysis, a side-channel attack uses information leaked while the cryptosystem operates, such as execution time, power consumption and electromagnetic radiation, and combines it with statistical theory to break the cryptosystem quickly. With only a small number of power traces, an attacker can break the DES cryptographic algorithm within a few minutes [4]. The latest research results show that the physical implementations of almost all cryptographic algorithms and hash functions are vulnerable to side-channel attack [5].
Current defenses against side-channel attack mainly add noise signals, reduce the intensity of the leaked information, insert random time delays, or use random masking. The core idea of these defenses is to reduce the correlation between the side-channel leakage and the internal operations, which makes ordinary side-channel attack methods difficult. However, a recent study shows that even when these defenses are used, an attacker may still break the cryptosystem by means of advanced signal processing, higher-order attacks and template attacks [3][6].
To improve the resistance of cryptosystems to side-channel attack, this paper presents a new defensive method. Its basic idea is to prevent the attacker from obtaining sufficient side-channel leakage information, thereby increasing the complexity of the side-channel attack. On this basis, a mask update technique invalidates the leakage information the attacker has already obtained, preventing future threats to the cryptosystem. Compared with existing defenses, this method reduces the security risk that information leakage poses to the cryptosystem and has a strong "self-healing" ability.
The remainder of this paper is organized as follows. Section 2 introduces the principle of side-channel leakage and the defensive strategies adopted. Section 3 presents the principle and design method of the new masking technique. Section 4 describes the mask update technique. Finally, a conclusion is presented in Section 5.

Side-channel leakage and defenses
Side-channel leakage model. Side-channel attack is a non-destructive physical attack method. Its principle is to use all the side-channel information emitted while the cryptosystem performs operations in order to break the cryptosystem. Side-channel leakage is shown in Fig. 1. To describe the side-channel leakage of physical devices, Micali first proposed an abstract model based on Turing machines [7]. This model includes an abstract virtual Turing machine A and a physical Turing machine P; their relationship is given by formula (1).
L is the abstract leakage function. The set of states of the Turing machine during operation is given by formula (2).
The attacker obtains the leakage information corresponding to each matching state.
A side-channel attack uses the various kinds of information leaked while the cryptosystem performs operations, combined with statistical analysis, to break the cryptosystem.
Defense technology. To defend against side-channel attack, the usual strategy is to reduce the correlation between the leaked information and the key. At present the main defensive strategies fall into three categories:
1) Reducing leakage intensity: This kind of method mainly builds the cryptosystem from leakage-safe electronic devices, such as dynamic differential logic circuits, so that the information leaked while the chip operates never shows differences as the state changes.
2) Reducing statistical correlation: Mainly by adding noise signals to the circuit implementation of the cryptosystem, or by inserting random scrambling codes (random masks).
3) Limiting side-channel signal detection: An additional signal-monitoring circuit in the cryptosystem prevents the attacker from detecting and monitoring signals.
Existing defensive strategies mainly rely on dedicated anti-leakage chips or additional security protection circuits to defend against information leakage, which raises the overall cost of the cryptosystem considerably. This paper puts forward a new kind of masking technique. Using existing CMOS devices, only a small number of design improvements are needed to defend effectively against information leakage.

Advanced Engineering Forum Vols. 6-7
New mask technology and safety analysis
Defense principle. The new masking defense works mainly by inserting one or more measurement failure points into the execution of the cryptographic algorithm, so that the attacker cannot sample and analyze the side-channel leakage information at a measurement failure point.
For ease of presentation, before defining the measurement failure point we first state Micali's general principle of side-channel leakage, given as Axiom 1 [7].
Axiom 1: Computation, and only computation, leaks side-channel information.
Axiom 1 specifies the circumstances under which side-channel leakage arises. On the basis of Axiom 1, the measurement failure point is defined as follows.
Definition 1: For a key-related state set $R=\{r_1, r_2, \ldots, r_n\}$, a measurement failure point is a key-related state in R that does not exist or does not participate in the computation; such a state does not disclose any side-channel information.
During cryptosystem operation, the attacker analyzes the implementation of the cryptographic algorithm and determines the key-related state set: R = {Plaintext, Key, Mask1, Mask2}.
The attacker must obtain sampled information for all four related states in the set R in order to carry out statistical analysis. Suppose Mask1 does not participate in the computation: that state then leaks no information, and even if the attacker obtains the information of the remaining three states, statistical analysis cannot be carried out.
Design method. The implementation of the cryptographic algorithm is divided into two stages: the key-device initialization stage and the operational stage of the cryptographic algorithm. In the initialization stage, a fixed mask protects the original key information and prevents secret information from leaking. In the operational stage, measurement failure points are inserted to ensure that the attacker cannot obtain sampled information for all of the related states, thus preventing statistical attacks.
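The claim made above for R = {Plaintext, Key, Mask1, Mask2} can be checked numerically. The simulation below is an added example, not code from the paper: it measures how strongly the sampled states correlate with the unmasked intermediate value when every state leaks, and when Mask1 is a measurement failure point. Assumptions: 8-bit states, a noiseless Hamming-weight leakage model, a constructed key byte 0x3C, a known plaintext, and hypothetical function names.

```python
import random

def hw(x):
    """Hamming weight of a byte (assumed leakage model)."""
    return bin(x).count("1")

def pearson(xs, ys):
    """Sample Pearson correlation of two equal-length sequences."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    return cov / (vx * vy) ** 0.5

def simulate(n_traces=20000, key=0x3C, seed=1):
    """Constructed traces: one leakage sample per state that is computed on."""
    rng = random.Random(seed)
    traces = []
    for _ in range(n_traces):
        p, m1, m2 = (rng.getrandbits(8) for _ in range(3))
        traces.append({
            "target": hw(p ^ key),            # unmasked value, never computed
            "mask1": hw(m1),                  # leaks only if Mask1 is computed on
            "mask2": hw(m2),
            "masked": hw(p ^ key ^ m1 ^ m2),  # the form the device operates on
        })
    return traces

def combined_corr(traces, observed):
    """Correlate the centred product of the observed samples with the target."""
    combined = []
    for t in traces:
        prod = 1.0
        for name in observed:
            prod *= t[name] - 4.0   # 4 = mean Hamming weight of a random byte
        combined.append(prod)
    return pearson(combined, [t["target"] for t in traces])

TRACES = simulate()
ALL_STATES = combined_corr(TRACES, ["mask1", "mask2", "masked"])
MASK1_SILENT = combined_corr(TRACES, ["mask2", "masked"])

if __name__ == "__main__":
    print(f"all states sampled : {ALL_STATES:+.3f}")
    print(f"Mask1 not computed : {MASK1_SILENT:+.3f}")
```

With all three samples the combined leakage carries a measurable dependence on the unmasked value (theoretical correlation 1/8 for 8-bit states under this model); once the Mask1 sample is absent, the remaining samples are statistically independent of it.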

Information Technology for Manufacturing Systems III