论文部分内容阅读
This paper presents an improved simple power attack against the key schedule of Camellia. While the original attack required an exact determination of the Hamming weight of inter-mediate data values based on power measurements,in this paper,two types of the simple power attack are presented and shown to be tolerant of errors that might occur in the Hamming weight de-terminations. In practical applications of the attack,such errors are likely to occur due to noise and distortion in the power measure-ments and their mapping to the Hamming weights of the data. To resist these attacks,the required design rationale of key schedules and several practical countermeasures are suggested.
This paper presented an improved simple power attack against the key schedule of Camellia. While the original attack required an exact determination of the Hamming weight of inter-mediate data values based on power measurements, in this paper, two types of the simple power attack are presented and shown to be tolerant of errors that might occur in the Hamming weight de-terminations. In practical applications of the attack, such errors are likely to occur due to noise and distortion in the power measure-ments and their mapping to the Hamming weights of the data. To resist these attacks, the required design rationale of key schedules and several practical countermeasures are suggested.