为了研究密码算法的安全性能,提出了一种基于选择明文-时间差异的边信道攻击（简称选择明文-时间攻击）方法.该方法通过选择少量适当的明文输入密码系统,检测相应部分代码的执行时间,从而分析获取密钥,用来攻击分组密码或公钥密码系统.为了便于说明,文中以分组密码DES算法为例,详述了选择明文-时间攻击的具体实现.在单片机上的实验结果表明,文中所提方法是可行的和有效的.文中最后分析了密码算法实现中普遍存在的执行时间差异的原因,并给出了相应的抵抗措施.

Proposed in this paper is a side-channel attack method based on chosen plaintext-timing difference.This method,which is called chosen plaintext-timing attack for short and is adopted to evaluate the security of cryptography algorithms,extracts the secret key by selecting a few appropriate plaintexts which are sent to the cryptosystem and by measuring the execution time of the corresponding code,and uses the secret key to attack block cryptosystem and public cryptosystem.Moreover,DES block cipher algorithm is taken as an example to explain the implementation of the chosen plaintext-timing attack.Experimental results on a microcontroller unit indicate that the proposed attack method is effective and practical.In addition,the reason for the execution time diffe-rence existing in cryptosystem implementation is analyzed,and the corresponding countermeasures are presented.