Abstract
This paper proposes some techniques to improve algebraic fault analysis (AFA). First, we show that building the equation set for the decryption of a cipher can accelerate the solving procedure. Second, we propose a method to represent the injected faults with algebraic equations when the accurate fault location is unknown. We take Piccolo as an example to illustrate our AFA and compare it with differential fault analysis (DFA). Only one fault injection is required to break Piccolo with the improved AFA. Finally, we extend the proposed AFA to other lightweight block ciphers, such as MIBS, LED, and DES. For the first time, the full secret key of DES can be recovered with only a single fault injection.
This work was supported in part by the National Natural Science Foundation of China under the grants 60772082, 61173191, 61272491, and US National Science Foundation under the grant CNS-0644188.
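The two ideas the abstract names, building the equation set from the ciphertext backwards and representing a fault whose exact location is unknown with algebraic equations, can be seen on a small scale in the following added example. It is not the paper's code and does not model Piccolo: the cipher tail (a nibble-mixing layer, an S-box layer and a final key XOR), the ciphertext pair, the key and the fault are all constructed for the demonstration, PRESENT's 4-bit S-box is used only as a stand-in, and a tiny DPLL routine stands in for the SAT solver an AFA would normally call. The fault model is a single unknown nibble XORed into one unknown nibble of the state before the mixing layer; selector variables `sel[i]` encode the position, `delta` the value.

```python
# Added example, not the paper's code: algebraic fault analysis (AFA) of a constructed
# toy cipher tail with the fault position unknown. Equations start from the ciphertexts
# (decryption direction); a tiny DPLL solver stands in for a real SAT solver.
NIBBLES = 4
# PRESENT's 4-bit S-box, used only as a stand-in for the target cipher's S-box.
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD, 0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]

def bits(v):              # little-endian bits of a nibble
    return [(v >> b) & 1 for b in range(4)]

def mix(x):               # toy linear layer (constructed): Y_j = X_j ^ X_{j+1} ^ X_{j+2},
    return [x[j] ^ x[(j + 1) % NIBBLES] ^ x[(j + 2) % NIBBLES] for j in range(NIBBLES)]
                          # so a fault in X_i reaches Y_i, Y_{i-1}, Y_{i-2} and never Y_{i+1}
def last_rounds(x, key):  # toy cipher tail: mix, S-box layer, final key XOR
    return [SBOX[y] ^ k for y, k in zip(mix(x), key)]

class CNF:                # equation system over GF(2), kept directly as integer-literal clauses
    def __init__(self):
        self.n, self.clauses = 0, []
    def new(self, k=4):
        self.n += k
        return list(range(self.n - k + 1, self.n + 1))
    def xor3(self, a, b, c):             # a ^ b == c, bitwise
        for x, y, z in zip(a, b, c):
            self.clauses += [[-x, -y, -z], [x, y, -z], [x, -y, z], [-x, y, z]]
    def xor_const(self, a, const, c):    # a ^ const == c, bitwise
        for x, k, z in zip(a, bits(const), c):
            self.clauses += [[-x, z], [x, -z]] if k == 0 else [[x, z], [-x, -z]]
    def sbox(self, x, y):                # y == S(x), encoded both ways so either side propagates
        for u in range(16):
            not_x = [-l if b else l for l, b in zip(x, bits(u))]        # clause "x != u"
            not_y = [-l if b else l for l, b in zip(y, bits(SBOX[u]))]  # clause "y != S(u)"
            self.clauses += [not_x + [l if b else -l] for l, b in zip(y, bits(SBOX[u]))]
            self.clauses += [not_y + [l if b else -l] for l, b in zip(x, bits(u))]
    def exactly_one(self, sel):
        self.clauses.append(list(sel))
        self.clauses += [[-a, -b] for i, a in enumerate(sel) for b in sel[i + 1:]]

def build(c, cf):         # equations for one ciphertext pair; the fault position is a variable
    cnf = CNF()
    sel, delta = cnf.new(NIBBLES), cnf.new()     # sel[i]: fault hit X_i; delta: fault value
    cnf.exactly_one(sel)
    cnf.clauses.append(delta)                    # delta != 0
    t = [cnf.new() for _ in range(NIBBLES)]      # t_i = delta if sel[i] else 0
    for i in range(NIBBLES):
        for tb, db in zip(t[i], delta):
            cnf.clauses += [[-tb, sel[i]], [-tb, db], [-sel[i], -db, tb]]
    keys = []
    for j in range(NIBBLES):
        k, y, yf, x, xf, d, u = (cnf.new() for _ in range(7))
        cnf.xor_const(k, c[j], y)                # y  = C_j  ^ K_j   (work backwards from the
        cnf.xor_const(k, cf[j], yf)              # y' = C'_j ^ K_j    ciphertexts)
        cnf.sbox(x, y)                           # x  = S^-1(y)  = Y_j
        cnf.sbox(xf, yf)                         # x' = S^-1(y') = Y'_j
        cnf.xor3(x, xf, d)                       # d  = Y_j ^ Y'_j, and d must also equal the
        cnf.xor3(t[j], t[(j + 1) % NIBBLES], u)  #     mixed fault t_j ^ t_{j+1} ^ t_{j+2}
        cnf.xor3(u, t[(j + 2) % NIBBLES], d)
        keys.append(k)
    return cnf, keys, sel, delta

def simplify(clauses, true_lits):  # apply literals; None means a clause became empty
    false_lits, out = {-l for l in true_lits}, []
    for cl in clauses:
        if true_lits.isdisjoint(cl):
            cl = cl if false_lits.isdisjoint(cl) else [l for l in cl if l not in false_lits]
            if not cl:
                return None
            out.append(cl)
    return out

def dpll(clauses, assign):         # minimal DPLL: unit propagation, then branch on a shortest clause
    while units := {cl[0] for cl in clauses if len(cl) == 1}:
        if any(-u in units for u in units):
            return None
        assign.update({abs(u): u > 0 for u in units})
        if (clauses := simplify(clauses, units)) is None:
            return None
    if not clauses:
        return assign
    lit = min(clauses, key=len)[0]
    for choice in (lit, -lit):
        reduced = simplify(clauses, {choice})
        model = None if reduced is None else dpll(reduced, {**assign, abs(choice): choice > 0})
        if model is not None:
            return model
    return None

def afa_solve(c, cf):              # one SAT call: where the fault hit, its value, a consistent key
    cnf, keys, sel, delta = build(c, cf)
    m = dpll(cnf.clauses, {})
    if m is None:
        return None
    val = lambda vs: sum(m.get(v, False) << b for b, v in enumerate(vs))
    return next(i for i in range(NIBBLES) if m.get(sel[i])), val(delta), [val(k) for k in keys]

def example(key=(0x3, 0xA, 0x7, 0xC), state=(0x1, 0xE, 0x9, 0x4), pos=2, fault=0x4):
    # constructed inputs: a correct and a faulty ciphertext computed from the same state
    faulty = [v ^ (fault if i == pos else 0) for i, v in enumerate(state)]
    return last_rounds(state, key), last_rounds(faulty, key), key, pos, fault
```

`afa_solve(*example()[:2])` returns the position the solver deduced for the fault, a fault value and a key consistent with both ciphertexts; the solver locates the fault itself because the one output nibble the fault cannot reach is identical in both ciphertexts, which forces its selector to zero. Two caveats a practitioner would want: in this toy the fault never touches one nibble, so that key nibble stays unconstrained after a single injection, and whether one fault suffices on a real target depends on that cipher's diffusion, which is what the paper works out for Piccolo. Counting remaining key candidates the AFA way means re-solving with a blocking clause per solution, which the miniature DPLL here is too slow for; on a real target the clause list would be written out in DIMACS form and handed to a production SAT solver.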
© 2013 Springer-Verlag Berlin Heidelberg
Cite this paper
Zhang, F., Zhao, X., Guo, S., Wang, T., Shi, Z. (2013). Improved Algebraic Fault Analysis: A Case Study on Piccolo and Applications to Other Lightweight Block Ciphers. In: Prouff, E. (eds) Constructive Side-Channel Analysis and Secure Design. COSADE 2013. Lecture Notes in Computer Science, vol 7864. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-40026-1_5
DOI: https://doi.org/10.1007/978-3-642-40026-1_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-40025-4
Online ISBN: 978-3-642-40026-1