针对S芯片验证模块引脚信息的自动分析技术

项目名称： 针对S芯片验证模块引脚信息的自动分析技术

项目编号： No.U1536103

项目类型： 联合基金项目

立项/批准年度： 2016

项目学科： 管理科学

项目作者： 刘军荣

作者单位： 上海交通大学

项目金额： 63万元

中文摘要： 具备身份验证功能的智能卡被广泛应用于政府、公安、金融、教育、交通等领域，一旦这些智能卡受到安全威胁，将会导致巨大的经济损失，严重的甚至会影响社会稳定。本项目针对本次联合基金重点关注的S芯片，通过与需求单位密切合作，分析其密码算法中的安全问题，其中涉及的算法包括认证加密算法及保护内容信息的数据完整性校验算法。研究工作将围绕硬件电路的反向工程、密码算法的软件代码分析及密码电路的旁路攻击三个方面展开。利用反向工程技术完成对硬件电路的剖析、电路提取、以及认证加密算法的识别；利用代码分析技术对从芯片中获取的码流进行反汇编及动态调试，恢复出数据完整性校验算法；最后通过旁路攻击技术获取各类算法中的密钥信息，从而实现对此智能卡认证过程的完全破译。本研究将对一个未知的密码系统进行深入、彻底地分析，发现其安全性问题。研究成果不仅可为同类系统的安全性分析提供方法上的借鉴，也可为防护措施的进一步加固提供依据。

中文关键词： 密码电路；物理攻击；旁路攻击；代码分析；密码分析

英文摘要： The smart carts with authentication function have been widely used in the field of government, public security, finance, education, medicine and transportation. The threat of the security of the smart card will lead to huge financial loss, and even affect the social stability. This project aims to analyze the security issue for the cryptographic algorithms for the S chip which is focused in this foundation item. The cryptographic algorithms include authentication encryption algorithm and data integrity check algorithm to protect content information. This research will focus on three aspects: hardware circuit reverse engineering, software code analysis and the side-channel attack against cryptographic algorithms. hardware circuit reverse engineering techniques are used to mount the hardware circuit analysis, circuit extraction, and to identify certified encryption algorithms; software code analysis technology is used to extract flow of code from the chip to recover the data integrity check algorithm by using dynamic debugging; finally side-channel attack is used to get the secret key information of all kinds of the cryptographic algorithms in order to completely break the smart card authentication process. This study will analyze deeply and completely an unknown cryptographic system and found its security issues. The results of this work not only provide a reference method for security analysis for similar systems, but also provide the basis for further countermeasures.

英文关键词： cryptographic circuit;physical attack;side-channel attack;code analysis;cryptanalysis