论文总字数：31944字

摘 要

智能卡由于具有携带方便、标准完善等优点，被广泛应用于金融、电信等领域。智能卡内部的信息需要进行保密，其密码算法通常由内部的密码芯片来实现。密码芯片的安全性不仅涉及到相应的算法，而且和硬件的电磁泄露等也有密切的关系。因为智能卡的加密是由硬件实现的，无法直接读取到密钥，所以具有很高的安全性。旁路攻击是指绕过对复杂加密算法的分析，利用密码芯片运行过程中的电磁泄露信息（如时间、功耗、出错信息等）去进行攻击的方法。旁路攻击与具体的加密算法无关，给密码芯片的安全性带来了巨大的威胁，从而成为了安全领域的研究热点。

3G/4G移动通信中使用的USIM卡在与认证中心鉴权时，采用基于AES算法的MILENAGE机制。

本文针对USIM卡的MILENAGE算法，采用功耗分析方法进行研究，来获取密钥。主要工作和创新点如下：

1、研究了3G/4G鉴权流程。3G/4G鉴权使用MILENAGE算法。在USIM卡与认证中心的鉴权中，着重分析了USIM卡一端的MILENAGE算法，该算法是基于AES-128的，本文对MILENAGE算法的加密函数和AES的加密过程进行了研究。

2、针对MILENAGE算法，提出了功耗分析方法。采用相关功耗分析和差分功耗分析两种方法对USIM卡安全性进行分析。相关功耗分析将加密运算过程中的数据和USIM卡功耗进行皮尔逊相关分析，差分功耗分析通过分类函数将功耗数据进行分组并做差分运算。实验结果表明，这两种分析方法对MILENAGE算法的安全性分析都是有效的，能够推导出USIM卡的完整密钥。

3、模拟3G/4G鉴权过程。本文对读写器的硬件电路进行了改造，然后把PC作为控制端，用改造后的读写器驱动USIM卡，通过APDU指令向USIM卡发送鉴权指令。在鉴权过程中使用示波器采集USIM卡的功耗，并把采集到的功耗数据传回PC进行处理和分析。

4、用功耗分析法对USIM卡的安全性进行研究。将示波器采集到的400组数据用巴特沃斯滤波器进行滤波，然后将滤除噪声后的数据进行对齐操作。选择MILENAGE算法的f5函数作为研究对象，把f5函数中第一轮AES字节替代后的数据作为中间值进行安全性分析，证明USIM卡的安全性存在威胁。

关键词：3G/4G鉴权，MILENAGE算法，旁路攻击，功耗分析

Abstract

Smart cards are widely used in finance, telecommunications and other fields because of their convenient carrying and perfect standards. The information inside the smart card needs to be kept secret. The cryptographic algorithm is usually implemented by the internal cryptographic chip. The security of chips is not only related to the corresponding algorithms, but also closely related to the electromagnetic leakage of hardware. Because the encryption of smart card is implemented by hardware, we can not get the key directly, so it has high security. Side-channel attack is a method which doesn’t analyze the encryption algorithm but uses electromagnetic leakage information (such as time, power consumption, error information, etc.) of cryptographic chip to attack. Side-channel attacks are not limited by specific encryption algorithms, which pose a huge threat to the security of cryptographic chips, and thus become a research hotspot in the field of security.

When the USIM card used in 3G/4G mobile communication authenticates with the certification center, the MILENAGE mechanism based on AES algorithm is adopted.

In this paper, the MILENAGE algorithm of USIM card is studied by power analysis method to obtain the key. The main work and innovations are as follows:

1. The authentication process of 3G/4G is studied. The authentication of 3G/4G uses MILENAGE algorithm. In the authentication of USIM card and certification center, we analyze the MILENAGE algorithm of USIM card emphatically. MILENAGE algorithm is based on AES-128. In this paper, the encryption function of MILENAGE algorithm and the encryption process of AES are studied.

2. For MILENAGE algorithm, a power analysis method is proposed. The security of USIM card is analyzed by correlation power analysis and differential power analysis. The Pearson correlation analysis is used to analyze the data and the power consumption of USIM card in the process of encryption operation. The differential power analysis grouped the power consumption through the classification function and performed the differential operation. The experimental results show that the two schemes are effective for security analysis of MILENAGE algorithm, and can deduce the complete key of USIM card.

3. Simulate the authentication process of 3G/4G. In this paper, the hardware circuit of the reader is modified, and PC is used as the control end. The modified reader drives the USIM card and sends authentication instructions to the USIM card through APDU instructions. In the authentication process, the oscilloscope is used to collect the power consumption of USIM card, and the collected power consumption data is sent back to PC for processing and analysis.

4. The security of USIM card is studied by power analysis method. The 400 sets of data collected by the oscilloscope are filtered by Butterworth filter, and then the data filtered are aligned. The f5 function of MILENAGE algorithm is chosen as the research object, and the data after the first round of AES SubBytes is taken as the intermediate value for security analysis, which proves that the security of USIM card is threatened.

Key words: 3G/4G authentication, MILENAGE algorithm, side-channel attack, power analysis

目 录

题 目 基于功耗分析的USIM卡安全性研究 I

摘 要 I

Abstract II

第一章 绪论 1

1.1 研究背景 1

1.2 研究现状 1

1.2.1 旁路攻击的来源和分类 1

1.2.2 时间攻击研究现状 2

1.2.3 故障注入攻击研究现状 3

1.2.4 功耗攻击研究现状 3

1.3 本文的主要工作和成果 4

1.4 论文结构 4

第二章 USIM卡鉴权机制研究 6

2.1 3G/4G鉴权流程 6

2.2 MILENAGE算法 7

2.2.1 鉴权中心侧的MILENAGE算法 7

2.2.2 USIM卡侧的MILENAGE算法 8

2.3 AES算法基础 8

2.3.1 有限域定义与运算 9

2.3.2 AES算法执行步骤 10

2.4 USIM卡基础与APDU指令 13

2.4.1 USIM物理结构 13

2.4.2 USIM文件结构 14

2.4.3 APDU指令 15

第三章 功耗分析攻击 18

3.1 功耗分析基础 18

3.1.1 CMOS功耗 18

3.1.2 噪声功耗 19

3.2 功耗分析模型 20

3.2.1 汉明重量功耗模型 20

3.2.2 汉明距离功耗模型 21

3.3功耗分析原理 21

3.3.1 相关功耗分析攻击（CPA） 21

3.3.2 差分功耗分析攻击（DPA） 22

第四章 USIM卡MILENAGE算法的功耗分析 25

4.1 攻击原理 25

剩余内容已隐藏，请支付后下载全文，论文总字数：31944字