文献类型：期刊文献

英文题名：Timing leakage to break SM2 signature algorithm

作者：Chen, Aidong[1,2];Hong, Chen[1,2];Shang, Xinna[1,2];Jing, Hongyuan[1,2];Xu, Sen[3]

第一作者：陈艾东

通讯作者：Jing, HY[1]

机构：[1]Beijing Union Univ, Multiagent Syst Res Ctr, Beijing 100101, Peoples R China;[2]Beijing Union Univ, Coll Robot, Beijing 100101, Peoples R China;[3]Shanghai ViewSource Technol, Shanghai, Peoples R China

第一机构：北京联合大学

通讯机构：[1]corresponding author), Beijing Union Univ, Multiagent Syst Res Ctr, Beijing 100101, Peoples R China.|[11417]北京联合大学;

年份：2022

卷号：67

外文期刊名：JOURNAL OF INFORMATION SECURITY AND APPLICATIONS

收录：;EI(收录号：20222212186014);Scopus(收录号：2-s2.0-85131092686);WOS:【SCI-EXPANDED(收录号:WOS:000807257800010)】；

基金：Acknowledgments This work is support by The National Key R& D Program of China (Grant No. 2018AAA0100804) and High-Level Teachers in Beijing Mu-nicipal Universities in the Period of the 13th Five-Year Plan (CIT & TCD 201704069) .

语种：英文

外文关键词：public key cryptography; Side-channel attack; SM2-DSA; Lattice analysis

摘要：SM2 digital signature algorithm (SM2-DSA) is a Chinese public key cryptography standard, which is also ISO/IEC standard. However, seldom publications show the evaluation results for combination analysis of side channel and lattice theory. The combination attack is powerful and has been confirmed on ECDSA schemes. We target SM2-DSA to evaluate security with respect to the combinated analysis. Given the most significant zero bits, we provide the detailed deduction of inequations for lattice construction. We confirmed the validity of our deduction and also confirmed security bounder where a successful lattice attack requires at least 6 bits leakage of nonce. Our results show a greatly difference from the results gained under the least significant bits leakage. We then provide a comprehensive analysis on parameters selection of lattice reduction. Our results can be a guide for both security evaluation and secure implementation design.