能量攻击利用密码设备（芯片）物理实现过程中所泄露的功耗进行攻击，捕获算法密钥信息，其鲜明特点是攻击成本较低，且对密码设备容易构成致命威胁。针对分组密码无法直接抵御能量攻击问题，凝练出“新型掩码方案构造理论”和“安全性自动化分析”两个科学问题，并开展以下研究工作：探索无随机数高阶掩码方案的构造技术，突破传统掩码方案过于“笨重”的技术瓶颈；设计具有低面积、低延迟的通用门限实现方案；构造基于查找表的轻量化掩码方案；结合分组密码S盒的特点，提出快速的掩码实现方法；探索高效的安全性自动化分析手段，避免以往繁琐的手工推演及经验测试的局限，构建覆盖探测模型、毛刺泄露等模型下安全性规约的形式化验证工具；搭建分组密码掩码构造及其自动化分析实验验证平台。课题力图在新型掩码方案构造理论上的突破，并侧重其安全性自动化分析的有效性。研究成果将为对称密码算法防护的设计及自动化分析提供新的理论和实用分析工具。

Power analysis attack is able to achieve the secret keys by inspecting the power consumption of a cryptographic device (e.g. chip) when the device is physically implemented. Its distinctive feature is that the cost is quite cheap, and it easily gives rise to fatal threat to the cryptographic device. Aiming at the issue that block cipher cannot directly resist the power analysis attack, two scientific problems, i.e., both "the theory regarding to new construction of mask schemes" and " the automatic analysis technique of security", are formalized in this project. The research content of this project are as following. We will explore the construction of the high-order mask scheme without fresh randomness to break the technical bottleneck where the traditional masking schemes are too unwieldy in implementation. We will design a universal threshold implementation scheme with low area and low latency. On the other hand, we will also construct some lightweight masking schemes by basing on look-up tables. In particular, we will optimize the implementation of the mask schemes by using some new algebraic properties of S-box. Moreover, we try to look for efficient automatic secure analysis tools to avoid the cumbersome manual deduction and the limitations of empirical test. More precisely, a formal verification tool will be constructed, which covers the security of probing model and so on. A test platform will be established, which is able to perform the automatic analysis of the security of masking schemes. In this project, we try to achieve theoretical breakthrough in aspect of the construction of new masking schemes. At the same time, we also focus on the efficiency of this automatic analysis tool. The project will provide some new theoretical and practical analysis tools for the protection design and automatic analysis of symmetric encryption algorithms.