Intermediate-meeting differential error injection attack automatic search method and device
By employing an automated search method that traverses both fault injection rounds and intermediate encounter rounds, an automated search model is constructed. This solves the problem of low evaluation efficiency for intermediate encounter differential fault injection attacks, and provides a basis for efficient and accurate security evaluation and protection design of SPN structure block cipher algorithms.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- TSINGHUA UNIVERSITY
- Filing Date
- 2026-04-23
- Publication Date
- 2026-07-10
AI Technical Summary
In existing technologies, the evaluation efficiency of intermediate encounter differential error injection attacks is low and the results are inaccurate, making it difficult to find the optimal attack route. This results in a lack of precise basis for the protection design of block cipher algorithms, and there is a risk of over-protection or under-protection.
This paper presents an automated search method for intermediate encounter differential error injection attacks. By traversing the fault injection rounds and intermediate encounter rounds, an automated search model is constructed. Differential activity variables and additional binary variables are introduced. The optimization objective is to minimize the key subset and constrain the time complexity to find the optimal key recovery route.
It achieves efficient and accurate search for intermediate encounter differential error injection attack paths, significantly improving the security assessment efficiency and reliability of SPN structure block cipher algorithms, and providing quantifiable key round protection basis for hardware protection design.
Smart Images

Figure CN122372294A_ABST
Abstract
Description
Technical Field
[0001] This invention relates to the field of cryptographic security technology, and in particular to an automated search method and apparatus for intermediate encounter differential error injection attacks. Background Technology
[0002] Block ciphers, as a branch of cryptography, are widely used due to their advantage of fast encryption and decryption. Error injection attacks on block cipher algorithms are a type of active side-channel attack. They influence the encryption process of cryptographic hardware through methods such as voltage transformation, electromagnetic radiation, and laser irradiation, causing it to produce the erroneous output desired by the attacker. Attacks that recover the key by exploiting the difference between the correct and erroneous outputs are called differential error injection attacks. This is one of the mainstream key recovery methods among error injection attacks, and typically, the goal of error injection attacks is to recover the key within practical time complexity.
[0003] In 2011, Derbez et al. first proposed a differential error injection attack scheme based on the meet-in-the-middle method for block ciphers, called the meet-in-the-middle differential error injection attack. This attack uses the linear relationship between the difference values generated by the correct and incorrect states during error injection in a given encryption state to filter the key, thereby efficiently recovering the key. The scheme was used to improve the differential error injection attack on AES proposed by Piret and Quisquater in 2003. When applied to the AES-128 algorithm, the meet-in-the-middle differential error injection attack can affect the algorithm for up to four rounds.
[0004] While mature automated tools exist for searching differential features or pure meet-in-the-middle paths, MITM-DFA (Meet-In-The-Middle Differential Fault Attack) involves a coupled mechanism of differential propagation, bidirectional key splitting, and intermediate round matching, which cannot be directly modeled using existing methods. Currently, security assessments of MITM-DFA in block ciphers still rely on manual analysis, which is not only inefficient but also makes it difficult to discover optimal attack routes. This results in a lack of precise basis for protection design (such as the number of rounds to be protected), leading to the risk of over-protection or under-protection.
[0005] Therefore, there is an urgent need for a technical solution that can automatically, accurately, and efficiently search for the optimal key recovery route of MITM-DFA, in order to support the scientific evaluation and targeted reinforcement of the fault resistance of SPN (Substitution-Permutation Network) block cipher algorithms. Summary of the Invention
[0006] This invention provides an automated search method and apparatus for encounter-in-the-middle differential error injection attacks, which overcomes the shortcomings of existing methods for evaluating encounter-in-the-middle differential error injection attacks, which are inefficient and inaccurate. This method efficiently obtains the key recovery route for encounter-in-the-middle differential error injection attacks and ensures that the key recovery time complexity is a practically feasible attack time. It provides strong support for accurately evaluating the strength of SPN block cipher algorithms against encounter-in-the-middle differential error injection attacks and the number of rounds required to add protective measures.
[0007] On one hand, this invention provides an automated search method for intermediate encounter differential error injection attacks, comprising: traversing fault injection rounds and intermediate encounter rounds, wherein the fault injection round is earlier than the intermediate encounter round, and the intermediate encounter round is not the last round; constructing an automated search model based on the fault injection round and the intermediate encounter round; wherein the automated search model introduces a differential activity variable and an additional binary variable, wherein the differential activity variable represents the differential propagation state from the fault injection round to the round before the intermediate encounter round, and the additional binary variable represents whether the state value from the intermediate encounter round to the last round can be determined by a first key subset or a second key subset; taking minimizing the smaller of the first key subset and the second key subset as the optimization objective, and constraining the time complexity corresponding to the smaller one to not exceed a preset upper limit threshold, solving the automated search model, and outputting the optimal key recovery route.
[0008] Furthermore, when traversing the fault injection rounds and the intermediate encounter rounds, it is limited that only one state unit in the fault injection round has an active differential.
[0009] Furthermore, the construction of the automated search model based on the fault injection round and the intermediate encounter round includes: for the nonlinear substitution layer in the target block cipher algorithm SPN structure, setting a constraint that the input state unit and the output state unit have the same differential activity; for the XOR operation in the linear diffusion layer in the SPN structure, setting a constraint that the differential activity of the output state unit is equal to the logical OR of the differential activities of all its input state units; and based on the established constraints, recursively generating a complete differential propagation path from the fault injection round to the round before the intermediate encounter round.
[0010] Furthermore, the construction of the automated search model based on the fault injection rounds and the intermediate encounter rounds includes: simulating the differential states formed by the propagation of the single-point fault location to the intermediate encounter rounds through a nonlinear replacement layer and a linear diffusion layer, based on the single-point fault location in the fault injection rounds; identifying state unit pairs affected by the fault in the intermediate encounter rounds based on the differential states, wherein the differential values of the state unit pairs satisfy a fixed set of linear relationships determined by the linear diffusion structure of the algorithm; using all differential value pairs satisfying the fixed set of linear relationships as a set of truth points, constructing a convex hull representation of the set of truth points through a set of inequalities, and embedding the convex hull representation as a feasible region constraint into the automated search model.
[0011] Furthermore, the construction of the automated search model based on the fault injection rounds and the intermediate encounter rounds includes: parsing the key scheduling algorithm of the target block cipher algorithm, identifying the round key bits participating in the intermediate encounter rounds to the last round of computation; dividing the round key bits into a first key subset and a second key subset that are mutually exclusive; and introducing two additional binary variables, which are used to indicate whether the state unit can be determined by reverse derivation through the first key subset or the second key subset.
[0012] Furthermore, the automated search model is at least one of a mixed-integer linear programming model, a Boolean satisfiability model, and a constrained programming model.
[0013] Secondly, the present invention also provides an automated search device for intermediate encounter differential error injection attacks, comprising: a round combination traversal module for traversing fault injection rounds and intermediate encounter rounds, wherein the fault injection round is earlier than the intermediate encounter round, and the intermediate encounter round is not the last round; an automated search model construction module for constructing an automated search model based on the fault injection round and the intermediate encounter round; wherein the automated search model introduces a differential activity variable and an additional binary variable, wherein the differential activity variable represents the differential propagation state from the fault injection round to the round preceding the intermediate encounter round, and the additional binary variable represents whether the state value from the intermediate encounter round to the last round can be determined by a first key subset or a second key subset; and an automated search model solving module for solving the automated search model with the optimization objective of minimizing the smaller of the first key subset and the second key subset, and constraining the time complexity corresponding to the smaller one to not exceed a preset upper limit threshold, and outputting the optimal key recovery route.
[0014] Thirdly, the present invention also provides an electronic device, including a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor executes the computer program to implement the automated search method for intermediate encounter differential error injection attacks as described above.
[0015] Fourthly, the present invention also provides a non-transitory computer-readable storage medium having a computer program stored thereon, which, when executed by a processor, implements the automated search method for intermediate encounter differential error injection attacks as described above.
[0016] Fifthly, the present invention also provides a computer program product, including a computer program that, when executed by a processor, implements the automated search method for intermediate encounter differential error injection attacks as described above.
[0017] This invention provides an automated search method for intermediate encounter differential error injection attacks. It iterates through fault injection rounds and intermediate encounter rounds (where the fault injection round precedes the intermediate encounter round, and the intermediate encounter round is not the last round). An automated search model is constructed based on these rounds. This model introduces a differential activity variable and an additional binary variable. The differential activity variable represents the differential propagation state from the fault injection round to the round preceding the intermediate encounter round, while the additional binary variable indicates whether the state value from the intermediate encounter round to the last round can be determined by either a first key subset or a second key subset. The optimization objective is to minimize the smaller of the first and second key subsets, while constraining the time complexity corresponding to the smaller subset to not exceed a preset upper limit threshold. The automated search model is then solved, outputting the optimal key recovery route. This method, through automated modeling and optimization, achieves efficient and accurate searching for intermediate encounter differential error injection attack paths, significantly improving the efficiency and reliability of security assessment for SPN structure block cipher algorithms and providing quantifiable key round protection basis for hardware protection design. Attached Figure Description
[0018] To more clearly illustrate the technical solutions in this invention or the prior art, the drawings used in the description of the embodiments or the prior art will be briefly introduced below. Obviously, the drawings described below are some embodiments of this invention. For those skilled in the art, other drawings can be obtained from these drawings without creative effort.
[0019] Figure 1 This is a flowchart illustrating the automated search method for intermediate encounter differential error injection attacks provided in this embodiment of the invention.
[0020] Figure 2This is a schematic diagram of the construction process of the automated search model provided in the embodiments of the present invention.
[0021] Figure 3 This is a schematic diagram illustrating the principle of the automated search method for intermediate encounter differential error injection attacks provided in this embodiment of the invention.
[0022] Figure 4 This is a flowchart illustrating the solution process of the automated search model provided in this embodiment of the invention.
[0023] Figure 5 The R provided in the embodiments of the present invention s Flowchart for solving the automated search model when a wheel injection failure occurs.
[0024] Figure 6 A schematic diagram of the structure of the automated search device for intermediate encounter differential error injection attacks provided in an embodiment of the present invention is shown.
[0025] Figure 7 This is a schematic diagram of the physical structure of the electronic device provided in the embodiment of the present invention. Detailed Implementation
[0026] To make the objectives, technical solutions, and advantages of this invention clearer, the technical solutions of this invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some, not all, of the embodiments of this invention. All other embodiments obtained by those skilled in the art based on the embodiments of this invention without creative effort are within the scope of protection of this invention.
[0027] It should be noted that while automated techniques for searching differential features and intermediate encounter paths are relatively mature in the current technology, the search for intermediate encounter differential error injection attacks is not a direct application of these two. Intermediate encounter differential error injection attacks typically affect a greater number of rounds of the algorithm, rendering rounds of protection for algorithms evaluated through other methods insecure. However, current evaluation of the number of rounds for differential error injection in block cipher algorithms is done manually and does not incorporate key recovery methods for intermediate encounters. This makes traditional differential error injection evaluation inefficient and unable to achieve optimal analysis results.
[0028] In view of this, the present invention proposes an automated search method for intermediate encounter differential error injection attacks, specifically, Figure 1 The diagram illustrates the flowchart of the automated search method for intermediate encounter differential error injection attacks provided in this embodiment of the invention.
[0029] like Figure 1As shown, the method includes: S110, traversing the fault injection rounds and intermediate encounter rounds, wherein the fault injection rounds are earlier than the intermediate encounter rounds, and the intermediate encounter rounds are not the last round; S120, constructing an automated search model based on the fault injection rounds and the intermediate encounter rounds; wherein the automated search model introduces differential activity variables and additional binary variables, wherein the differential activity variables represent the differential propagation state from the fault injection round to the round before the intermediate encounter round, and the additional binary variables represent whether the state value from the intermediate encounter round to the last round can be determined by a first key subset or a second key subset; S130, with minimizing the smaller of the first key subset and the second key subset as the optimization objective, and constraining the time complexity corresponding to the smaller one to not exceed a preset upper limit threshold, solving the automated search model, and outputting the optimal key recovery route.
[0030] It should be noted that the automated search method for intermediate encounter differential error injection attacks provided in this embodiment of the invention is applicable to various block cipher algorithms with SPN (Substitution-Permutation Network) structures. Such algorithms typically consist of multiple rounds of iteration, each round containing a nonlinear substitution layer (such as an S-box) and a linear diffusion layer (such as XOR, shift, matrix multiplication, etc.), and generating round keys for each round through a key scheduling algorithm.
[0031] Among them, the block cipher algorithms that can be used include, but are not limited to, the Advanced Encryption Standard AES-128, the Chinese Commercial Cryptography Standard SM4, the Lightweight Cipher PRESENT, GIFT, or ASCON, etc., without specific limitations.
[0032] In one specific embodiment, the target block cipher algorithm is the AES-128 algorithm, which has a typical and standardized structure, has been thoroughly studied for security, and has publicly available cases of intermediate encounter differential error injection attacks, making it easy to verify the effectiveness of the automated search method for intermediate encounter differential error injection attacks provided in this embodiment of the invention.
[0033] The plaintext block length of AES-128 is 128 bits, the key length is 128 bits, and the encryption process consists of 10 rounds of operation (numbered from round 0 to round 9), with round 9 being the last round, which does not include a complete linear mixing operation.
[0034] The following will take AES-128 as the target block cipher algorithm as an example and describe steps S110-S130 and related steps in detail.
[0035] S110, traverse the fault injection rounds and the intermediate encounter rounds, wherein the fault injection rounds are earlier than the intermediate encounter rounds, and the intermediate encounter rounds are not the last rounds.
[0036] It is easy to understand that this step enumerates all possible combinations of attack windows to determine "in which rounds to inject faults and in which rounds to perform intermediate state matching" that may achieve effective key recovery.
[0037] Specifically, iterate through all round pairs that satisfy the following two conditions: (1) the fault injection round is earlier than the intermediate encounter round; (2) the intermediate encounter round is not the last round (i.e., it cannot be the 9th round). For example, if the fault is injected in the 6th round, the intermediate encounter round can be the 7th or 8th round, but not the 9th round, because there are no subsequent rounds after the 9th round that can be used to reverse derive the key.
[0038] Furthermore, during the traversal process, constraints are imposed on the fault injection rounds. Only one state unit is allowed to have an active difference in each fault injection round, simulating the most common single-byte fault model in real-world hardware attacks, thus ensuring the search results have realistic attack feasibility. Here, a state unit refers to a single byte in the AES state matrix; an active difference refers to a non-zero difference between the correct and incorrect encryption paths for a state unit.
[0039] Based on step S110, which traverses the fault injection rounds and intermediate encounter rounds, step S120 is further executed.
[0040] S120, an automated search model is constructed based on the fault injection round and the intermediate encounter round; wherein, the automated search model introduces a differential activity variable and an additional binary variable, the differential activity variable represents the differential propagation state from the fault injection round to the round before the intermediate encounter round, and the additional binary variable represents whether the state value from the intermediate encounter round to the last round can be determined by a first key subset or a second key subset.
[0041] Specifically, this step transforms the structural characteristics and attack logic of the target block cipher algorithm into a formal model that can be solved automatically, i.e., an automated search model.
[0042] Taking the fault injection round as the 6th round and the intermediate encounter round as the 8th round as an example, an automated search model is constructed.
[0043] First, two types of key variables are defined: differential activity variables and additional binary variables. Specifically, for each state unit from round 6 to round 7 (i.e., the round before the intermediate encounter round to the round after the fault injection), a binary differential activity variable is introduced to characterize whether the state unit has active differential propagation. If the differential activity variable takes a value of 1, it indicates that the state unit is differentially active; if it is 0, it indicates that the state unit is differentially inactive, meaning that the correct and incorrect paths are the same here.
[0044] Meanwhile, for each state unit from round 8 to round 9 (i.e., from the intermediate encounter round to the final round), two independent additional binary variables are introduced to jointly characterize the bidirectional guessing mechanism in the intermediate encounter concept. The first additional binary variable indicates whether the value of the state unit can be obtained by reverse calculation using the first key subset; the second variable indicates whether the value of the state unit can be obtained by reverse calculation using the second key subset.
[0045] Based on this, constraints are established according to the structure of AES-128. Specifically, for the nonlinear replacement layer (usually an S-box), since the S-box is byte-by-byte independent, the differential activity of its input and output is consistent, so the corresponding variables are set to be equal; for the linear diffusion layer, if any input byte is differentially active, then the output byte is differentially active, and logical OR relation constraints are established accordingly; in the intermediate encounter round (round 8), the differential patterns formed by the propagation of single-point faults are analyzed, and state unit pairs that satisfy a fixed set of linear relations (such as ΔX=a·ΔY) are identified. The set consisting of all legal differential value pairs is transformed into linear inequality constraints through convex hull technology and embedded into the model.
[0046] Meanwhile, the key scheduling algorithm of AES-128 is analyzed, and the round key bits participating in the 8th and 9th rounds of operation are divided into a first key subset and a second key subset that are mutually exclusive, in order to support the reverse calculation of state values.
[0047] The specific construction process of the automated cryptographic parsing model will be elaborated in the examples below.
[0048] Based on the construction of the automated search model in step S120 based on the fault injection rounds and intermediate encounter rounds, step S130 is further executed.
[0049] S130, with the optimization objective of minimizing the smaller of the first key subset and the second key subset, and constraining the time complexity corresponding to the smaller one to not exceed a preset upper limit threshold, solve the automated search model and output the optimal key recovery route.
[0050] Specifically, since the actual time complexity of a meet-in-the-middle attack is determined by the smaller key subset, this step sets the optimization objective as minimizing the smaller of the sizes of the first and second key subsets. A practical constraint is also introduced: the time complexity corresponding to the smaller of the sizes of the first and second key subsets must not exceed a preset upper limit threshold (usually set to 2). 40 This represents the upper limit of a practically feasible attack.
[0051] Call the solver to solve the automated search model. If a valid solution is obtained (e.g., a smaller subset of keys of 4 bytes, corresponding to a complexity of 2), then... 32 <2 40 If the condition is met, the complete optimal key recovery route will be output. The optimal key recovery route includes the fault injection location (e.g., a certain byte in round 6), the intermediate encounter round (round 8), the specific composition of the two key subsets, and the range of critical rounds that need to be protected (e.g., rounds 6 to 8).
[0052] By traversing all legal combinations (fault injection rounds, intermediate encounter rounds) and repeatedly executing steps S110-S130, the globally optimal attack scheme can be obtained automatically without manual intervention.
[0053] It should be noted that the automated search method designed in this embodiment of the invention is for block cipher algorithms with SPN structure. It injects a random error value (the length of an S-box bit in the SPN structure algorithm, typically one byte or half a byte) into a controllable state at any controllable round in the intermediate rounds. By collecting several sets of known correct and corrupted ciphertext values, the calculation path for the key recovery attack is completed through automated search. Unit-level error injection attack scenarios are relatively common. Interference can usually be added at the S-box level, with the goal of adding differential errors to a single S-box. The resulting differential error can be of any value.
[0054] In this embodiment, an automated search model is constructed by traversing the fault injection rounds and intermediate encounter rounds, where the fault injection round precedes the intermediate encounter round and the intermediate encounter round is not the last round. This automated search model incorporates differential activity variables and additional binary variables. The differential activity variable represents the differential propagation state from the fault injection round to the round preceding the intermediate encounter round, while the additional binary variable represents whether the state value from the intermediate encounter round to the last round can be determined by either the first key subset or the second key subset. The optimization objective is to minimize the smaller of the first and second key subsets, while constraining the time complexity corresponding to the smaller subset to not exceed a preset upper limit threshold. This method solves the automated search model and outputs the optimal key recovery route. Through automated modeling and optimization, this method achieves efficient and accurate searching for intermediate encounter differential fault injection attack paths, significantly improving the efficiency and reliability of security assessment for SPN structure block cipher algorithms and providing quantifiable key round protection basis for hardware protection design.
[0055] Based on the above embodiments, taking the AES-128 algorithm as an example, this paper details how to construct an automated search model for intermediate encounter differential error injection attack search based on the selected fault injection rounds and intermediate encounter rounds.
[0056] AES-128 is a typical SPN block cipher algorithm. Each round of encryption consists of a nonlinear substitution layer and a linear diffusion layer, where the linear diffusion layer contains multiple XOR operations and linear transformations. In this embodiment, the fault injection round is set to the 6th round, and the intermediate encounter round is set to the 8th round.
[0057] It is easy to understand that in the automated search model of this embodiment, each state unit is assigned a specific color semantic based on its role in differential propagation and key recovery. Specifically, a white state indicates that differential propagation is inactive, meaning that the correct path and the incorrect path have the same value; a gray state indicates that differential propagation is active, but its value cannot be determined by reverse derivation from either key subset; a blue state indicates that differential propagation is active, and its value can be determined by reverse derivation from the first key subset; a red state indicates that differential propagation is active, and its value can be determined by reverse derivation from the second key subset; and an orange state indicates that differential propagation is active, and its value can be determined by both the first and second key subsets.
[0058] These color states can be jointly represented by one differential activity variable (a) and two additional binary variables (b and c), with the following mapping relationships: white state is (a,b,c)=(0,0,0); gray state is (a,b,c)=(1,0,0); blue state is (a,b,c)=(1,1,0); red state is (a,b,c)=(1,0,1); and orange state is (a,b,c)=(1,1,1).
[0059] The construction process of the automated search model mainly includes three parts: constructing the differential propagation path, embedding the feasible region constraint of the intermediate round differential linear relationship, and establishing the association between the key subset and the computability of the state.
[0060] In one specific embodiment, the process of constructing the differential propagation path is described in detail.
[0061] For the nonlinear substitution layer in the SPN structure of the target block cipher algorithm, a constraint is set that the input state units and the output state units have the same differential activity. For the XOR operation in the linear diffusion layer of the SPN structure, a constraint is set that the differential activity of the output state unit is equal to the logical OR of the differential activities of all its input state units. Based on the established constraints, a complete differential propagation path from the fault injection round to the round before the intermediate encounter round is recursively generated.
[0062] Specifically, for the nonlinear substitution layer in the SPN structure of the target block cipher algorithm, a constraint is set that the input state unit and the output state unit have the same differential activity. For the n-bit XOR operation of the n-branch input and 1-branch output in the linear diffusion layer of the SPN structure, the differential activity of its output branch is constrained to be equal to the n-bit logical OR of the differential activity of its input n branches. For unit-level operations, since the differential activity of each unit is represented by a 1-bit variable, only the logical OR constraint needs to be performed on that variable. In particular, the bitrate operation in the algorithm can be regarded as a degenerate of the XOR operation, that is, an XOR operation of 1 bit input and 1 bit output, and the logical OR constraint of the output with respect to the input can be degenerated into an equality constraint. Based on the established constraints, a complete differential propagation path from the fault injection round to the round before the intermediate encounter round is recursively generated.
[0063] In detail, when building an automated search model, the first step is to accurately characterize the propagation behavior of the fault from the injection point to the round before the intermediate encounter round.
[0064] For the nonlinear substitution layer (SubBytes operation in AES-128) in the SPN block cipher structure, since the S-box is a byte-by-byte independent deterministic nonlinear transformation, the model sets the constraint that the input and output state units have the same differential activity. Here, a state unit refers to a byte in the state matrix; differential activity is a binary attribute used to characterize whether there is a non-zero difference between the correct and incorrect encryption paths for that state unit. If so, the state unit is differentially active; otherwise, it is differentially inactive. The model forces the differential activity variables of the S-box input and output to have equal values, ensuring that the differential propagation of the nonlinear substitution layer is accurately modeled.
[0065] For the linear diffusion layer in the SPN structure (mainly manifested as the MixColumns operation in AES-128, which contains multiple XOR operations and finite field multiplications), this embodiment focuses on modeling the XOR operation. The model sets a constraint: the differential activity of the output state unit is equal to the logical OR of the differential activities of all its input state units. For example, in MixColumns, each output byte is a linear combination of four input bytes; as long as any input byte is differentially active, the output byte may be activated. Under the truncated differential diffusion model, this constraint is simplified to a Boolean logical OR, thus transforming into a linear inequality embedding automated search model.
[0066] Based on the two types of constraints mentioned above, the model automatically and recursively generates a complete differential propagation path from round 6 to round 7 (i.e., from the fault injection round to the round before the intermediate encounter round). For example, if a single point of failure (differential active) is injected into byte 0 in round 6, and it remains active after the nonlinear replacement layer, then after ShiftRows shifting and MixColumns diffusion, it can activate the entire column of 4 bytes in round 7. This process is entirely constraint-driven, requiring no manual intervention, ensuring that the differential influence range is accurately captured.
[0067] In one specific embodiment, the process of embedding the feasible region constraint of the intermediate wheel differential linear relationship is described in detail.
[0068] Based on the single-point fault location in the fault injection round, the differential state formed by the propagation of the single-point fault location through the nonlinear replacement layer and the linear diffusion layer to the intermediate encounter round is simulated. Based on the differential state identification, the state unit pairs affected by the fault in the intermediate encounter round are identified, and the differential values of the state unit pairs satisfy a fixed set of linear relationships determined by the linear diffusion structure of the algorithm. All differential value pairs that satisfy the fixed set of linear relationships are taken as the set of truth points, and the convex hull representation of the set of truth points is constructed through the set of inequalities. The convex hull representation is then embedded as a feasible region constraint into the automated search model.
[0069] Specifically, after completing the differential propagation modeling, the key matching conditions of the intermediate encounter round (round 8) need to be addressed. First, based on the single-point fault location in the fault injection round (e.g., byte 0 in round 6), the differential state formed by the single-point fault location propagating through the nonlinear replacement layer and the linear diffusion layer to round 8 is simulated. As can be seen from the differential propagation path above, several state units in round 8 will exhibit active differential states.
[0070] Next, the state unit pairs affected by the fault in round 8 are identified, and their difference values satisfy a fixed set of linear relationships determined by the algorithm's linear diffusion structure. For example, in AES-128, due to the linear nature of MixColumns, the difference values of bytes in the same column satisfy a deterministic proportional relationship, such as... This fixed set of linear relationships is the core basis for filtering keys in meet-in-the-middle attacks.
[0071] Enumerate all valid difference pairs that satisfy this fixed linear relation set (such as all...) Make A set of truth points is formed by inequalities. Using computational geometry, a convex hull representation of this set is constructed through a set of inequalities, and this convex hull representation is embedded as a feasible region constraint into the automated search model. The convex hull representation is a minimal convex polyhedron containing all legal points, and its boundary is defined by a set of linear inequalities.
[0072] The purpose of the feasible region constraint of the intermediate round differential linear relationship is to ensure that the model allows two state units to be simultaneously marked as computable states (such as blue and red states) only when the difference value of the two state units in the intermediate round falls within the constructed convex hull, thus ensuring the correctness of subsequent key screening.
[0073] In one specific embodiment, the process of establishing the association between a subset of keys and state computability is described in detail.
[0074] The key scheduling algorithm of the target block cipher is analyzed to identify the round key bits involved in the intermediate encounter rounds to the last round of operation; the round key bits are divided into a first key subset and a second key subset that are mutually exclusive; two additional binary variables are introduced to indicate whether the state value of a state unit can be determined by reverse derivation from the first key subset or the second key subset.
[0075] The two additional binary variables follow the following transmission rules: For nonlinear substitution layers, the input state units and output state units are constrained to have the same differential activity; for the XOR operation of n-bit input and 1-bit input in the inverse operation matrix of the linear diffusion layer, the differential activity of its output branch is constrained to be equal to the n-bit logical AND of the differential activity of its input n branches; for unit-level operations, since the differential activity of each unit is represented by a 1-bit variable, only the logical AND constraint needs to be performed on that variable; in particular, the bittrade operation in the algorithm can be regarded as a degenerate of the XOR operation, that is, an XOR operation of 1-bit input and 1-bit output, and the logical AND constraint of the output with respect to the input can be degenerate into an equality constraint.
[0076] Specifically, a correlation is established between key guessing and state computability. First, the key scheduling algorithm of the target block cipher (the KeyExpansion function in AES-128) is analyzed to identify all round key bits involved in rounds 8 and 9. The round key bits are generated from the original 128-bit key through a non-linear recursion.
[0077] Subsequently, the round key bits are divided into two disjoint key subsets: a first key subset and a second key subset. The division principle is based on the idea of meeting in the middle: the first key subset is used to reverse-engineer a portion of the 8th round state (e.g., the first column) from the ciphertext, while the second key subset is used to calculate the remaining bytes (e.g., the remaining three columns). The first and second key subsets have no overlap and cover all relevant key bits.
[0078] Based on this, two additional binary variables (denoted as b and c) are introduced to indicate whether the state value of any state unit can be determined by reverse derivation using either the first key subset or the second key subset. Specifically, if the state value of a state unit can be uniquely determined given the first key subset (i.e., without guessing), then its corresponding additional binary variable b is set to 1; if the state value of a state unit can be determined using the second key subset, then its corresponding additional binary variable c is set to 1.
[0079] Two additional binary variables (b and c) are combined with the differential activity variable a to define the color semantics of the state unit (white, gray, blue, red, and orange states), thereby uniformly expressing the dual attributes of whether it is active and whether it is calculable in the automated search model.
[0080] Thus, the optimization objective (minimizing the first key subset) becomes... With the second key subset The smaller one: This can be achieved directly by summing additional binary variables. , , Represents a state unit.
[0081] Figure 2 This diagram illustrates the construction process of the automated search model provided in an embodiment of the present invention. Figure 2 As shown, the fault injection round R is first determined. s Meeting in the middle round R m Then inject R from the fault in round R. s The round before the midpoint meeting point R m-1 The unit states are used to construct a truncated differential propagation model (corresponding to the "construction of differential propagation path" described above) to characterize the fault propagation path, i.e., the differential propagation path; then, the intermediate encounter rounds R are... m The unit states establish differential matching rules (corresponding to the "feasible region constraint of embedded intermediate round differential linear relationship" described above) to filter valid key combinations; subsequently, for the intermediate meeting round R... m In the final round of R, the cell state is used to construct key guessing and state value determination rules (corresponding to the "establishment of key subset and state computability association" described above) to achieve bidirectional key recovery. Finally, an optimization objective is set (i.e., minimizing the smaller of the first key subset and the second key subset), and the key recovery time complexity under the current fault injection round is constrained (i.e., the time complexity does not exceed the preset upper limit threshold), thereby completing the construction of the automated search model.
[0082] In this embodiment, by modeling an automated search model from three aspects—constructing differential propagation paths, embedding feasible region constraints of intermediate round differential linear relationships, and establishing a correlation between key subsets and state computability—it not only accurately reflects the structural characteristics of cryptographic algorithms but also fully integrates the core logic of intermediate encounter differential error injection attacks, providing a basis for efficiently and automatically searching for the optimal key recovery route.
[0083] Based on the above embodiments, the automated search model is further defined as at least one of a mixed-integer linear programming model, a Boolean satisfiability model, and a constrained programming model.
[0084] It is readily understood that in the automated search method for intermediate encounter differential error injection attacks provided in this embodiment of the invention, the automated search model serves as the carrier connecting the cryptographic algorithm structure and the attack feasibility assessment. Considering practical needs and solution efficiency, the automated search model can be constructed and solved using at least one of the following forms: Mixed Integer Linear Programming (MILP), Boolean Satisfiability Problem (SAT), or Constraint Programming (CP). These three models are mainstream frameworks in the field of formal constraint solving, each with different expressive capabilities and solution characteristics, but all can support the modeling logic and optimization objectives described in this embodiment of the invention.
[0085] The MILP model is a mathematical optimization model based on a linear objective function and linear constraints, allowing some variables to take integer values. In this embodiment of the invention, the MILP model is suitable for uniformly representing differential activity variables and additional binary variables as 0-1 integer variables, and transforming the differential activity consistency of the nonlinear substitution layer, the logical OR relationship of the linear diffusion layer, and the convex hull constraints of the intermediate wheel differential linear relationship into linear inequalities. This model can be efficiently solved by directly calling mature commercial or open-source solvers.
[0086] The SAT model is a Boolean logic-based framework for solving decision problems. Its core task is to determine whether there exists a set of Boolean variable assignments that make a given conjunctive normal form true. In this embodiment of the invention, the differential activity and computability attributes of all state units can be encoded as Boolean variables, while various cryptographic operation rules (such as S-box differential propagation, XOR activation conditions, and key subset coverage relationships) are transformed into Boolean logic clauses. Although the SAT model itself does not directly support numerical optimization, the goal of minimizing the key subset size can be achieved through incremental solving or minimum satisfaction assignment techniques.
[0087] The Conformance-Constraint (CP) model is a solution paradigm centered on higher-order constraints. It allows variables to be defined over finite fields and narrows the solution space through constraint propagation and search strategies. In this embodiment of the invention, the CP model can naturally express the color semantics of state units (such as white, gray, and blue states) and their transition rules, and directly embed enumeration tables of truth point sets or algebraic constraints of difference linear relationships, without requiring convex hull approximation. Furthermore, CP solvers typically incorporate efficient search heuristics, which can accelerate the discovery of the optimal key recovery path.
[0088] It should be noted that although the above three models differ in their underlying representation and solution mechanisms, their functional objectives in the embodiments of this invention are completely consistent. That is, given the number of fault injection rounds and intermediate encounter rounds, they accurately characterize the differential propagation path, embed intermediate round matching constraints, associate key subsets and state computability, and finally optimize by minimizing the smaller of the size of the first key subset and the second key subset, and solve for the optimal key recovery route under the condition that the time complexity does not exceed the preset upper limit threshold.
[0089] Regardless of the model used, the inputs are the same: the number of fault injection rounds, the number of intermediate encounter rounds, and the algorithm structure parameters. The outputs are all complete attack schemes that include the location of the injected fault, the composition of the key subset, the number of intermediate encounter rounds, and the range of the protection rounds.
[0090] In some other embodiments, Figure 3 This diagram illustrates the principle of the automated search method for intermediate encounter differential error injection attacks provided in an embodiment of the present invention.
[0091] like Figure 3 As shown, at the Rth time... s Wheel injection failure, generating Rth m The differential state of the round is divided into two differential units, and guess key sets Set1 (first key subset) and Set2 (second key subset) are generated by reverse decryption respectively. The key combinations are filtered by using the fixed linear relationship set between the two differential units, and finally the key recovery is achieved.
[0092] Figure 4 A flowchart illustrating the solution process of the automated search model provided in an embodiment of the present invention is shown. Figure 4 As shown, the fault injection round R is first determined. s Meeting in the middle round R m Then, an automated search model is built and the search is performed; it is then determined whether the attack time complexity is less than 2. 40If not, stop running, indicating that the automated search model has no practical attack feasibility; if yes, record the time complexity of a single recovery, mark the guessed key and update the model; then determine whether the remaining keys have been traversed within a finite time; if not, update the model parameters and continue searching; if completed, output the attack result with the best time complexity, i.e. the optimal key recovery route.
[0093] Figure 5 The R provided by the embodiments of the present invention is shown. s A flowchart illustrating the solution process for the automated search model in the event of a round injection failure. (Example:) Figure 5 As shown, the fault injection round R is selected first. s And set the intermediate encounter round R. m =R s +1; then build an automated search model and complete the search, storing the time complexity of the current attack; determine R. m Is it less than R-1 (where R is the total number of rounds)? If so, then set R... m If the value is increased by 1, continue the next round of search; otherwise, output the attack result with the optimal time complexity.
[0094] The automated search method for encounter-in-the-middle differential error injection attacks provided in this invention uses a general framework to construct an automated search model for key recovery routes in SPN block cipher algorithms. This method efficiently obtains the fault injection location and key recovery route of the encounter-in-the-middle differential error injection attack, and ensures that the key recovery time complexity is a practically feasible attack time. This provides support for accurately evaluating the strength of SPN block cipher algorithms against encounter-in-the-middle differential error injection attacks and determining the number of rounds required for additional protection measures.
[0095] Corresponding to the automated search method for intermediate encounter differential error injection attacks described in the above embodiments, this invention also proposes an automated search device for intermediate encounter differential error injection attacks. Specifically, Figure 6 A schematic diagram of the structure of the automated search device for intermediate encounter differential error injection attacks provided in an embodiment of the present invention is shown.
[0096] like Figure 6As shown, the device includes: a round combination traversal module 610, used to traverse fault injection rounds and intermediate encounter rounds, wherein the fault injection rounds are earlier than the intermediate encounter rounds, and the intermediate encounter rounds are not the last round; an automated search model construction module 620, used to construct an automated search model based on the fault injection rounds and the intermediate encounter rounds; wherein the automated search model introduces differential activity variables and additional binary variables, wherein the differential activity variables represent the differential propagation state from the fault injection round to the round before the intermediate encounter round, and the additional binary variables represent whether the state value from the intermediate encounter round to the last round can be determined by a first key subset or a second key subset; and an automated search model solving module 630, used to solve the automated search model with the optimization objective of minimizing the smaller of the first key subset and the second key subset, and constraining the time complexity corresponding to the smaller one to not exceed a preset upper limit threshold, and outputting the optimal key recovery route.
[0097] In this embodiment, the round combination traversal module 610 traverses the fault injection round and the intermediate encounter round, where the fault injection round precedes the intermediate encounter round and the intermediate encounter round is not the last round. The automated search model construction module 620 constructs an automated search model based on the fault injection round and the intermediate encounter round. The automated search model introduces a differential activity variable and an additional binary variable. The differential activity variable represents the differential propagation state from the fault injection round to the round before the intermediate encounter round, and the additional binary variable represents whether the state value from the intermediate encounter round to the last round can be determined by either the first key subset or the second key subset. The automated search model solving module 630 optimizes by minimizing the smaller of the first and second key subsets, and constrains the time complexity corresponding to the smaller subset to not exceed a preset upper limit threshold. It solves the automated search model and outputs the optimal key recovery route. This method, through automated modeling and optimization, achieves efficient and accurate searching for intermediate encounter differential fault injection attack paths, significantly improving the efficiency and reliability of SPN structure block cipher algorithm security assessment, and providing quantifiable key round protection basis for hardware protection design.
[0098] It should be noted that the automated search device for intermediate encounter differential error injection attacks provided in this embodiment of the invention can be referred to in correspondence with the automated search method for intermediate encounter differential error injection attacks described in the above embodiments, and will not be repeated here.
[0099] Figure 7 An example is a schematic diagram of the physical structure of an electronic device, such as... Figure 7As shown, the electronic device may include: a processor 710, a communications interface 720, a memory 730, and a communications bus 740, wherein the processor 710, the communications interface 720, and the memory 730 communicate with each other through the communications bus 740. The processor 710 can call logic instructions in the memory 730 to execute an automated search method for intermediate encounter differential error injection attacks. This method includes: traversing fault injection rounds and intermediate encounter rounds, where the fault injection round is earlier than the intermediate encounter round and the intermediate encounter round is not the last round; constructing an automated search model based on the fault injection round and the intermediate encounter round; wherein the automated search model introduces a differential activity variable and an additional binary variable, where the differential activity variable represents the differential propagation state from the fault injection round to the round preceding the intermediate encounter round, and the additional binary variable represents whether the state value from the intermediate encounter round to the last round can be determined by a first key subset or a second key subset; solving the automated search model with the optimization objective of minimizing the smaller of the first key subset and the second key subset, and constraining the time complexity corresponding to the smaller subset to not exceed a preset upper limit threshold, and outputting the optimal key recovery route.
[0100] Furthermore, the logical instructions in the aforementioned memory 730 can be implemented as software functional units and, when sold or used as independent products, can be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present invention, essentially, or the part that contributes to the prior art, or a part of the technical solution, can be embodied in the form of a software product. This computer software product is stored in a storage medium and includes several instructions to cause a computer device (which may be a personal computer, server, or network device, etc.) to execute all or part of the steps of the methods described in the various embodiments of the present invention. The aforementioned storage medium includes various media capable of storing program code, such as USB flash drives, portable hard drives, read-only memory (ROM), random access memory (RAM), magnetic disks, or optical disks.
[0101] On the other hand, the present invention also provides a computer program product, which includes a computer program that can be stored on a non-transitory computer-readable storage medium. When the computer program is executed by a processor, the computer can execute the automated search method for intermediate encounter differential error injection attacks provided by the above methods. The method includes: traversing fault injection rounds and intermediate encounter rounds, wherein the fault injection round is earlier than the intermediate encounter round and the intermediate encounter round is not the last round; constructing an automated search model based on the fault injection round and the intermediate encounter round; wherein the automated search model introduces a differential activity variable and an additional binary variable, wherein the differential activity variable represents the differential propagation state from the fault injection round to the round before the intermediate encounter round, and the additional binary variable represents whether the state value from the intermediate encounter round to the last round can be determined by a first key subset or a second key subset; taking minimizing the smaller of the first key subset and the second key subset as the optimization objective, and constraining the time complexity corresponding to the smaller one to not exceed a preset upper limit threshold, solving the automated search model, and outputting the optimal key recovery route.
[0102] In another aspect, the present invention also provides a non-transitory computer-readable storage medium storing a computer program thereon. When executed by a processor, the computer program implements an automated search method for intermediate encounter differential error injection attacks provided by the methods described above. This method includes: traversing fault injection rounds and intermediate encounter rounds, wherein the fault injection round is earlier than the intermediate encounter round, and the intermediate encounter round is not the last round; constructing an automated search model based on the fault injection round and the intermediate encounter round; wherein the automated search model introduces a differential activity variable and an additional binary variable, the differential activity variable representing the differential propagation state from the fault injection round to the round preceding the intermediate encounter round, and the additional binary variable representing whether the state value from the intermediate encounter round to the last round can be determined by a first key subset or a second key subset; solving the automated search model with the optimization objective of minimizing the smaller of the first key subset and the second key subset, and constraining the time complexity corresponding to the smaller one to not exceed a preset upper limit threshold, and outputting the optimal key recovery route.
[0103] The device embodiments described above are merely illustrative. The units described as separate components may or may not be physically separate. The components shown as units may or may not be physical units; that is, they may be located in one place or distributed across multiple network units. Some or all of the modules can be selected to achieve the purpose of this embodiment according to actual needs. Those skilled in the art can understand and implement this without any creative effort.
[0104] Through the above description of the embodiments, those skilled in the art can clearly understand that each embodiment can be implemented by means of software plus necessary general-purpose hardware platforms, and of course, it can also be implemented by hardware. Based on this understanding, the above technical solutions, in essence or the part that contributes to the prior art, can be embodied in the form of a software product. This computer software product can be stored in a computer-readable storage medium, such as ROM / RAM, magnetic disk, optical disk, etc., and includes several instructions to cause a computer device (which may be a personal computer, server, or network device, etc.) to execute the methods described in the various embodiments or some parts of the embodiments.
[0105] Finally, it should be noted that the above embodiments are only used to illustrate the technical solutions of the present invention, and not to limit them; although the present invention has been described in detail with reference to the foregoing embodiments, those skilled in the art should understand that modifications can still be made to the technical solutions described in the foregoing embodiments, or equivalent substitutions can be made to some of the technical features; and these modifications or substitutions do not cause the essence of the corresponding technical solutions to deviate from the spirit and scope of the technical solutions of the embodiments of the present invention.
Claims
1. An automated search method for intermediate encounter differential error injection attacks, characterized in that, include: Traverse the fault injection rounds and the intermediate encounter rounds, wherein the fault injection rounds are earlier than the intermediate encounter rounds, and the intermediate encounter rounds are not the last round; An automated search model is constructed based on the fault injection round and the intermediate encounter round; wherein, the automated search model introduces a differential activity variable and an additional binary variable, the differential activity variable represents the differential propagation state from the fault injection round to the round before the intermediate encounter round, and the additional binary variable represents whether the state value from the intermediate encounter round to the last round can be determined by a first key subset or a second key subset; The optimization objective is to minimize the smaller of the first key subset and the second key subset, while constraining the time complexity corresponding to the smaller key subset to not exceed a preset upper limit threshold. The automated search model is then solved to output the optimal key recovery route.
2. The automated search method for intermediate encounter differential error injection attacks according to claim 1, characterized in that, When traversing the fault injection rounds and the intermediate encounter rounds, it is limited that only one state unit in the fault injection round has an active differential.
3. The automated search method for intermediate encounter differential error injection attacks according to claim 1, characterized in that, The construction of the automated search model based on the fault injection rounds and the intermediate encounter rounds includes: For the nonlinear substitution layer in the SPN structure of the target block cipher algorithm, a constraint is set that the input state unit and the output state unit have the same differential activity. For the XOR operation in the linear diffusion layer of the SPN structure, the constraint is to set the differential activity of the output state unit to be equal to the logical OR of the differential activity of all its input state units. Based on the established constraints, a complete differential propagation path is recursively generated from the fault injection round to the round preceding the intermediate encounter round.
4. The automated search method for intermediate encounter differential error injection attacks according to claim 3, characterized in that, The construction of the automated search model based on the fault injection rounds and the intermediate encounter rounds includes: Based on the single-point fault location in the fault injection round, the differential state formed by the single-point fault location propagating through the nonlinear replacement layer and the linear diffusion layer to the intermediate encounter round is simulated. Based on the differential state identification, the state unit pairs affected by the fault in the intermediate encounter rounds are identified, and the differential values of the state unit pairs satisfy a fixed set of linear relationships determined by the linear diffusion structure of the algorithm. All difference pairs that satisfy the fixed linear relation set are taken as the truth point set. The convex hull representation of the truth point set is constructed through the set of inequalities, and the convex hull representation is embedded as a feasible region constraint into the automated search model.
5. The automated search method for intermediate encounter differential error injection attacks according to claim 1, characterized in that, The construction of the automated search model based on the fault injection rounds and the intermediate encounter rounds includes: The key scheduling algorithm of the target block cipher algorithm is analyzed to identify the round key bits involved in the intermediate encounter rounds to the last round of operation; The round key bits are divided into a first key subset and a second key subset that do not overlap; Two additional binary variables are introduced to indicate whether the state unit can be determined by reverse derivation from the first key subset or the second key subset.
6. The automated search method for intermediate encounter differential error injection attacks according to any one of claims 1-5, characterized in that, The automated search model is at least one of the following: mixed integer linear programming model, Boolean satisfiability model, and constrained programming model.
7. An automated search device for intermediate encounter differential error injection attacks, characterized in that, include: The round combination traversal module is used to traverse the fault injection round and the intermediate encounter round, wherein the fault injection round is earlier than the intermediate encounter round, and the intermediate encounter round is not the last round; An automated search model construction module is used to construct an automated search model based on the fault injection round and the intermediate encounter round; wherein, the automated search model introduces a differential activity variable and an additional binary variable, the differential activity variable represents the differential propagation state from the fault injection round to the round before the intermediate encounter round, and the additional binary variable represents whether the state value from the intermediate encounter round to the last round can be determined by a first key subset or a second key subset; The automated search model solving module is used to solve the automated search model with the optimization objective of minimizing the smaller of the first key subset and the second key subset, and constraining the time complexity corresponding to the smaller one to not exceed a preset upper limit threshold, and output the optimal key recovery route.
8. An electronic device comprising a memory, a processor, and a computer program stored in the memory and running on the processor, characterized in that, When the processor executes the computer program, it implements the automated search method for intermediate encounter differential error injection attacks as described in any one of claims 1 to 6.
9. A non-transitory computer-readable storage medium having a computer program stored thereon, characterized in that, When the computer program is executed by the processor, it implements the automated search method for intermediate encounter differential error injection attacks as described in any one of claims 1 to 6.
10. A computer program product, comprising a computer program, characterized in that, When the computer program is executed by the processor, it implements the automated search method for intermediate encounter differential error injection attacks as described in any one of claims 1 to 6.