Exemplary embodiments of the present invention relate to a method for coping with power analysis attacks, and more particularly, to a method for implementing symmetric key encryption algorithm against power analysis attacks for reducing a memory and execution time that occur at the time of implementing the symmetric key encryption algorithm.
Generally, a symmetric key encryption algorithm is referred to as a block encryption algorithm and encrypts and decrypts data having a predetermined unit block with the same key and is operated with a multi-mode for implementing intensive encryption.
Power/electromagnetic wave power analysis attacks, which are one of powerful attack mechanisms against a symmetric key encryption algorithm, are a big threat factors against security products.
The power/electromagnetic wave power analysis attacks are an attack method that collects electromagnetic waves generated at the time of driving an encryption algorithm or consumed power and statistically analyzes the collected electromagnetic waves to analyze secrete information, for example, key information, of the encryption algorithm.
The symmetric key encryption algorithm has proposed various mechanisms for preventing power/electromagnetic wave sub-channel analysis attacks.
Among those, a masking mechanism is a representative method for preventing power analysis attacks at an encryption algorithm level. The masking mechanism is a method that cannot expect a median value of encryption operation by adding or XORing random data to data to be originally encrypted and cannot statistically analyze collected power waveforms or electromagnetic wave data.
The above-mentioned technical configuration is a background art for helping understanding of the present invention and does not mean related arts well known in a technical field to which the present invention pertains.
The related art uses an S-box as a non-linear function in a symmetric key encryption algorithm.
As described above, when implementing the symmetric key encryption algorithm by the masking method for preventing power analysis attacks, a memory for generating a masked S-box table is additionally consumed and masking operation needs to be performed for each round, which results in additionally increasing the execution time.