Public-key cryptography, such as RSA and DSA, adopt sliding window method for modular exponentiation, from which side-channel information can be leaked while accessing Cache during execution, thus private key can be decrypted. Exponent analysis algorithm is the key point to improve the efficiency of the attack. By analyzing the shortcoming of previous work, this paper farther analyzed the relationship between Cache-access trace and precomputed multipliers and proposed an improved exponent analysis algorithm based on window-value identifying. Experiments were made to prove the efficiency the improved algorithm and results showed that the improved algorithm was able to recover 60% exponential bits, which is better than the previous result 47%. In the end, the application of the improved algorithm was showed on RSA and DSA.%RSA、DSA等公钥密码大都基于“滑动窗口”算法实现模幂运算,其运算过程中进行的Cache访问会产生旁路信息泄漏并用于密钥破解,基于Cache访问泄漏的幂指数分析算法是提高攻击效率的关键.通过分析现有攻击的不足,进一步分析了预计算乘法因子到Cache的映射规律,提出了一种基于窗口值判定的幂指数分析改进算法;以基本模幂运算为例,通过实际攻击实验验证改进算法的效率,结果表明改进算法可恢复出60%的幂指数位,优于前人最好工作的47%;最后以RSA和DSA为例,给出了改进算法对密钥分析的影响.
展开▼
