Method for computing low-entropy universal high-order masks based on composite field

A calculation method and composite domain technology, applied in the field of masking schemes, can solve problems such as inability to realize high-order masks, large resources, complex algorithms, etc., and achieve the effect of reducing hardware implementation area, cost, and hardware resource occupancy

Inactive Publication Date: 2018-05-04
HARBIN UNIV OF SCI & TECH
View PDF1 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] The purpose of the present invention is to solve the disadvantages of existing masking schemes that the orders of masks are all first-order masks, high-order masks cannot be realized, the algorithm is complex, and the resources occupied by the algorithm are large, and provide a method for improving performance and Versatility, reducing its hardware implementation area, simple and flexible implementation of the masking algorithm of the composite domain, and improving the security of the cryptographic chip. The calculation method of the low-entropy general high-order mask based on the composite domain

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for computing low-entropy universal high-order masks based on composite field
  • Method for computing low-entropy universal high-order masks based on composite field
  • Method for computing low-entropy universal high-order masks based on composite field

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0039] A method for calculating a low-entropy general-purpose high-order mask based on a compound domain, the method comprising the following steps:

[0040] (1) Enter the masked value , the mask value

[0041] in: represents the sensitive variable, Indicates the input random mask value;

[0042] (2) Through isomorphic matrix will finite field The input values ​​on map to the finite field superior;

[0043] (3) Will the finite field The inverse operation on transforms into a finite field Addition, multiplication, and inverse operations on

[0044] (4) Obtain The mask protection value of ;

[0045] (5) In finite fields upper pair Perform mask inversion, the inversion result is ;

[0046] (6) Obtain , mask protection value;

[0047] (7) Through the isomorphic inverse matrix , the finite field The inverse result on is mapped back to the finite field, and the finite field is obtained Inverse result .

[0048] will finite field The...

Embodiment 2

[0064] According to the calculation method of the low-entropy general-purpose high-order mask based on the compound domain described in Example 1, the calculation method is applied to AES, and the second-order mask algorithm of AES S-box is given in this paper, with two random masks value, the specific process of the algorithm is as follows: First, apply Algorithm 2, take n=4, in the finite field GF(2 8 ) to select two random mask values, the finite field GF(2 8 ) is the domain GF(2 4 ), the finite field GF(2 8 ) on the input and mask values ​​are mapped to the field GF(2 4 ), use the domain GF(2 4 ) instead of the finite field GF(2 8 ) on the calculation (usually called the finite field algorithm), reducing the complexity of hardware implementation. Follow the steps of Algorithm 2 to execute the intermediate value d.

[0065] Second, the domain GF(2 4 ) to find the inverse of the middle value d, take n=1, and set the field GF(2 4 ) on the input unit is mapped to the f...

Embodiment 3

[0082] AES low-entropy high-order mask hardware implementation process is as follows figure 1 As shown, there are mainly two parts, one is the mask update module, and the other is the mask AES data path. Compared with non-masked AES, the masked AES algorithm data path is more complicated, and it is necessary to ensure that all intermediate values ​​are masked. Therefore, when designing the entire AES algorithm hardware architecture, each module must add a mask, and the mask value of each round is different, so as to ensure the security of the algorithm. figure 1 The meaning of the mask correction module on the right is to update the mask for each round to ensure that the mask value of each round is different. exist figure 1 Where X represents the plaintext, M represents the initial mask value, K represents the key value, Xi and Mi are the intermediate results of the plaintext data and the mask update value, respectively, and Cipher out is the output of the ciphertext.

...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a method for computing low-entropy universal high-order masks based on a composite field. In the prior composite field mask plans, each mask order is a first-order mask, so thatthe high-order mask is not realized; and in other words, the extensibility of the algorithm is not high. The complexity of the algorithm is high; and relatively larger resources are occupied to realize the algorithm. The algorithm is not flexible; and the plans only designed according to the AES (Advanced Encryption Standard) cannot be applied to other algorithms. The method comprises the steps of: (1) inputting a masked value and a mask value; (2) mapping an inputting value on a finite field; (3) converting an inversion operation on the finite field GF(22n) into addition, multiplication andinversion operations on a finite field that is as shown in the description; and (4) evaluating a mask protective value of d that is as shown in the description. The invention is used for the method for computing low-entropy universal high-order masks based on the composite field.

Description

Technical field: [0001] The invention relates to a masking scheme, in particular to a calculation method of a low-entropy general high-order mask based on a composite domain. Background technique: [0002] Masking schemes are the most effective means of protecting cryptographic chips. The existing masking schemes are mainly divided into three categories in terms of algorithms: look-up table-based, addition-chain-based and compound-field masking algorithms. The masking algorithm based on the lookup table has the advantages of simple implementation principle and fast lookup, but it occupies relatively large storage resources and is not easy to expand to high order. The masking algorithm based on the addition chain has the advantages of high security, but the complexity and implementation cost of the mask are very high. The masking scheme based on the composite domain makes up for the shortcomings of the above two types of schemes with its advantages of relatively low impleme...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/00H04L9/08
CPCH04L9/003H04L9/0861H04L9/0869
Inventor 黄海赵玉迎冯新新厚娇刘红雨
Owner HARBIN UNIV OF SCI & TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap