research-article

Reduction in the Number of Fault Injections for Blind Fault Attack on SPN Block Ciphers

Authors:

Jian WangAuthors Info & Claims

ACM Transactions on Embedded Computing Systems (TECS), Volume 16, Issue 2

Article No.: 55, Pages 1 - 20

https://doi.org/10.1145/3014583

Published: 19 December 2016 Publication History

Abstract

In 2014, a new fault analysis called blind fault attack (BFA) was proposed, in which attackers can only obtain the number of different faulty outputs without knowing the public data. The original BFA requires 480,000 fault injections to recover a 128-bit AES key. This work attempts to reduce the number of fault injections under the same attack assumptions. We analyze BFA from an information theoretical perspective and introduce a new probability-based distinguisher. Three approaches are proposed for different attack scenarios. The best one realized a 66.8% reduction of the number of fault injections on AES.

References

[1]

Eli Biham and Adi Shamir. 1997. Differential fault analysis of secret key cryptosystems. In Advances in Cryptology—CRYPTO’97. Lecture Notes in Computer Science, Vol. 1294. Springer, 513--525.

Digital Library

[2]

Johannes Blömer and Jean-Pierre Seifert. 2003. Fault based cryptanalysis of the advanced encryption standard (AES). In Financial Cryptography. Springer, 162--181.

[3]

Dan Boneh, Richard A. DeMillo, and Richard J. Lipton. 1997. On the importance of checking cryptographic protocols for faults (extended abstract). In Advances in Cryptology—EUROCRYPT ’97. Lecture Notes in Computer Science, Vol. 1233. Springer, 37--51.

Digital Library

[4]

Eric Brier, Christophe Clavier, and Francis Olivier. 2004. Correlation power analysis with a leakage model. In Cryptographic Hardware and Embedded Systems—CHES 2004. Lecture Notes in Computer Science, Vol. 3156. Springer, 16--29.

[5]

Thomas Fuhr, Éliane Jaulmes, Victor Lomné, and Adrian Thillard. 2013. Fault attacks on AES with faulty ciphertexts only. In Proceedings of the 2013 Workshop on Fault Diagnosis and Tolerance in Cryptology. IEEE, Los Alamitos, CA, 108--118.

Digital Library

[6]

Nahid Farhady Ghalaty, Bilgiday Yuce, Mostafa Taha, and Patrick Schaumont. 2014. Differential fault intensity analysis. In Proceedings of the 2014 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC’14). IEEE, Los Alamitos, CA, 49--58.

Digital Library

[7]

Jian Guo, Thomas Peyrin, Axel Poschmann, and Matt Robshaw. 2011. The LED block cipher. In Proceedings of the 13th International Conference on Cryptographic Hardware and Embedded Systems (CHES’11). 326--341.

Digital Library

[8]

Roman Korkikian, Sylvain Pelissier, and David Naccache. 2014. Blind fault attack against SPN ciphers. In Proceedings of the 2014 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC’14). IEEE, Los Alamitos, CA, 94--103.

Digital Library

[9]

Juliane Krämer, Anke Stüber, and Ágnes Kiss. 2014. On the optimality of differential fault analyses on CLEFIA. IACR Cryptology ePrint Archive. Available at http://eprint.iacr.org/2014/572

[10]

Ronan Lashermes, Guillaume Reymond, Jean-Max Dutertre, Jacques J. A. Fournier, Bruno Robisson, and Assia Tria. 2012. A DFA on AES based on the entropy of error distributions. In Proceedings of the 2012 Workshop on Fault Diagnosis and Tolerance in Cryptography. IEEE, Los Alamitos, CA, 34--43.

Digital Library

[11]

Yang Li, Yu-Ichi Hayashi, Arisa Matsubara, Naofumi Homma, Takafumi Aoki, Kazuo Ohta, and Kazuo Sakiyama. 2013. Yet another fault-based leakage in non-uniform faulty ciphertexts. In Foundationa and Practice of Security. Lecture Notes in Computer Science, Vol. 8352. Springer, 272--287.

Digital Library

[12]

Yang Li, Kazuo Ohta, and Kazuo Sakiyama. 2012. New fault-based side-channel attack using fault sensitivity. IEEE Transactions on Information Forensics and Security 7, 1, 88--97.

Digital Library

[13]

Yang Li, Kazuo Sakiyama, Shigeto Gomisawa, Toshinori Fukunaga, Junko Takahashi, and Kazuo Ohta. 2010. Fault sensitivity analysis. In Cryptographic Hardware and Embedded Systems—CHES 2010. Lecture Notes in Computer Science, Vol. 6225. Springer, 320--334.

[14]

Yannan Liu, Jie Zhang, Lingxiao Wei, Feng Yuan, and Qiang Xu. 2015. DERA: Yet another differential fault attack on cryptographic devices based on error rate analysis. In Proceedings of the 2015 52nd ACM/EDAC/IEEE Design Automation Conference (DAC’15). IEEE, Los Alamitos, CA, 1--6.

Digital Library

[15]

James L. Massey, Gurgen H. Khachatrian, and Melsik K. Kuregian. 2000. Nomination of SAFER++ as candidate algorithm for the new European schemes for signatures, integrity, and encryption (NESSIE). Primitive submitted to NESSIE by Cylink Corp.

[16]

Amir Moradi, Oliver Mischke, Christof Paar, Yang Li, Kazuo Ohta, and Kazuo Sakiyama. 2011. On the power of fault sensitivity analysis and collision side-channel attacks in a combined setting. In Cryptographic Hardware and Embedded Systems—CHES 2011. Lecture Notes in Computer Science, Vol. 6917. Springer, 292--311.

Digital Library

[17]

Nicolas Moro, Amine Dehbaoui, Karine Heydemann, Bruno Robisson, and Emmanuelle Encrenaz. 2013. Electromagnetic fault injection: Towards a fault model on a 32-bit microcontroller. In Proceedings of the 2013 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC’13). IEEE, Los Alamitos, CA, 77--88.

Digital Library

[18]

National Institute of Standards and Technology. 2001. Federal Information Processing Standards Publication 197: Advanced Encryption Standard. Retrieved November 18, 2016, from http://csrc.nist.gov/ publications/fips/fips197/fips-197.pdf.

[19]

Gilles Piret and Jean-Jacques Quisquater. 2003. A differential fault attack technique against SPN structures, with application to the AES and KHAZAD. In Cryptographic Hardware and Embedded Systems—CHES 2003. Lecture Notes in Computer Science, Vol. 2779. Springer, 77--88.

[20]

C. Roscian, A. Sarafianos, J.-M. Dutertre, and A. Tria. 2013. Fault model analysis of laser-induced faults in SRAM memory cells. In Proceedings of the 2013 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC’13). IEEE, Los Alamitos, CA, 89--98.

Digital Library

[21]

Kazuo Sakiyama, Yang Li, Mitsugu Iwamoto, and Kazuo Ohta. 2012. Information-theoretic approach to optimal differential fault analysis. IEEE Transactions on Information Forensics and Security 7, 1, 109--120.

Digital Library

[22]

Fabrizio De Santis, Oscar M. Guillen, Ermin Sakic, and Georg Sigl. 2014. Ciphertext-only fault attacks on PRESENT. In Lightweight Cryptography for Security and Privacy. Lecture Notes in Computer Science, Vol. 8898. Springer, 85--108.

[23]

Michael Tunstall, Debdeep Mukhopadhyay, and Subidh Ali. 2011. Differential fault analysis of the advanced encryption standard using a single fault. In Information and Security Theory and Practice. Lecture Notes in Computer Science, Vol. 6633. Springer, 224--233.

Digital Library

[24]

An Wang, Man Chen, Zongyue Wang, and Xiaoyun Wang. 2013. Fault rate analysis: Breaking masked AES hardware implementations efficiently. IEEE Transactions on Circuits and Systems II: Express Briefs 60, 8, 517--521.

Cited By

Saini ATsokanos AKirner R(2023)CryptoQNRG: a new framework for evaluation of cryptographic strength in quantum and pseudorandom number generation for key-scheduling algorithmsThe Journal of Supercomputing10.1007/s11227-023-05115-479:11(12219-12237)Online publication date: 8-Mar-2023
https://dl.acm.org/doi/10.1007/s11227-023-05115-4
Hou XBreier JBhasin S(2022)SBCMA: Semi-Blind Combined Middle-Round Attack on Bit-Permutation Ciphers With Application to AEAD SchemesIEEE Transactions on Information Forensics and Security10.1109/TIFS.2022.321342417(3677-3690)Online publication date: 1-Jan-2022
https://dl.acm.org/doi/10.1109/TIFS.2022.3213424
Shang NZhang JDing YChen CWang A(2020)Homological Fault Attack on AES Block Cipher and Its CountermeasuresProceedings of the 9th International Conference on Computer Engineering and Networks10.1007/978-981-15-3753-0_64(655-665)Online publication date: 1-Jul-2020
https://doi.org/10.1007/978-981-15-3753-0_64
Show More Cited By

Index Terms

Reduction in the Number of Fault Injections for Blind Fault Attack on SPN Block Ciphers
1. Security and privacy
  1. Cryptography
    1. Symmetric cryptography and hash functions
      1. Block and stream ciphers
  2. Security in hardware
    1. Embedded systems security
    2. Hardware attacks and countermeasures
      1. Side-channel analysis and countermeasures

Recommendations

Blind Fault Attack against SPN Ciphers
FDTC '14: Proceedings of the 2014 Workshop on Fault Diagnosis and Tolerance in Cryptography

This paper presents a novel fault attack against Substitution Permutation Networks. The main advantage of the method is an absence of necessity to know the exact cipher's input and output values. The attack relies only on the number of faulty cipher ...
New Insights on AES-Like SPN Ciphers
Proceedings, Part I, of the 36th Annual International Cryptology Conference on Advances in Cryptology --- CRYPTO 2016 - Volume 9814

It has been proved in Eurocryptï ź2016 by Sun et al. that if the details of the S-boxes are not exploited, an impossible differential and a zero-correlation linear hull can extend over at most 4 rounds of the AES. This paper concentrates on ...
Automatic search for related-key differential characteristics in byte-oriented block ciphers: application to AES, Camellia, Khazad and others
EUROCRYPT'10: Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques

While differential behavior of modern ciphers in a single secret key scenario is relatively well understood, and simple techniques for computation of security lower bounds are readily available, the security of modern block ciphers against related-key ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Transactions on Embedded Computing Systems

ACM Transactions on Embedded Computing Systems Volume 16, Issue 2

Special Issue on LCETES 2015, Special Issue on ACSD 2015 and Special Issue on Embedded Devise Forensics and Security

May 2017

705 pages

ISSN:1539-9087

EISSN:1558-3465

DOI:10.1145/3025020

Editor:
Sandeep K. Shukla
Indian Institute of Technology, India

Issue’s Table of Contents

Copyright © 2016 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Journal Family

ACM Journals for the Design of Smart and Connected Systems

Publication History

Published: 19 December 2016

Accepted: 01 November 2016

Revised: 01 November 2016

Received: 01 November 2015

Published in TECS Volume 16, Issue 2

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed

Funding Sources

Natural Science Foundation of Jiangsu Province
Chinese Postdoctoral Science Foundation
National Natural Science Foundation of China
Postdoctoral Science Foundation of Jiangsu

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

4
Total Citations
View Citations
186
Total Downloads

Downloads (Last 12 months)4
Downloads (Last 6 weeks)0

Reflects downloads up to 18 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Saini ATsokanos AKirner R(2023)CryptoQNRG: a new framework for evaluation of cryptographic strength in quantum and pseudorandom number generation for key-scheduling algorithmsThe Journal of Supercomputing10.1007/s11227-023-05115-479:11(12219-12237)Online publication date: 8-Mar-2023
https://dl.acm.org/doi/10.1007/s11227-023-05115-4
Hou XBreier JBhasin S(2022)SBCMA: Semi-Blind Combined Middle-Round Attack on Bit-Permutation Ciphers With Application to AEAD SchemesIEEE Transactions on Information Forensics and Security10.1109/TIFS.2022.321342417(3677-3690)Online publication date: 1-Jan-2022
https://dl.acm.org/doi/10.1109/TIFS.2022.3213424
Shang NZhang JDing YChen CWang A(2020)Homological Fault Attack on AES Block Cipher and Its CountermeasuresProceedings of the 9th International Conference on Computer Engineering and Networks10.1007/978-981-15-3753-0_64(655-665)Online publication date: 1-Jul-2020
https://doi.org/10.1007/978-981-15-3753-0_64
Choo KFei YXiang YYu Y(2016)Embedded Device Forensics and SecurityACM Transactions on Embedded Computing Systems10.1145/301566216:2(1-5)Online publication date: 12-Dec-2016
https://dl.acm.org/doi/10.1145/3015662

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Issue’s Table of Contents