A Differential Fault Attack on the Grain Family under Reasonable Assumptions
In this paper we study a differential fault attack against ciphers having the same physical structure as in the Grain family. In particular we demonstrate our attack against Grain v1, Grain-128 and Grain-128a. The existing attacks by Berzati et al. (HOST 2009), Karmakar et al. (Africacrypt 2011) and Banik et al. (CHES 2012) assume a fault model that allows them to reproduce a fault at a particular register location more than once. However, we assume a realistic fault model in which the above assumption is no longer necessary, i.e., re-injecting the fault in the same location more than once is not required. In addition, towards a more practical framework, we also consider the situation in which more than one consecutive location of the LFSR is flipped as a result of a single fault injection.
Keywords: Differential fault attacks, Grain v1, Grain-128, Grain-128a, LFSR, NFSR, Stream Cipher
- 1. Biham, E., Shamir, A.: Differential Fault Analysis of Secret Key Cryptosystems. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 513–525. Springer, Heidelberg (1997)
- 2. Boneh, D., DeMillo, R.A., Lipton, R.J.: On the Importance of Checking Cryptographic Protocols for Faults. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 37–51. Springer, Heidelberg (1997)
- 3. The ECRYPT Stream Cipher Project. eSTREAM Portfolio of Stream Ciphers (revised on September 8, 2008)
- 4. Ågren, M., Hell, M., Johansson, T., Meier, W.: A New Version of Grain-128 with Authentication. In: Symmetric Key Encryption Workshop. DTU, Denmark (2011)
- 6. Berzati, A., Canovas, C., Castagnos, G., Debraize, B., Goubin, L., Gouget, A., Paillier, P., Salgado, S.: Fault Analysis of Grain-128. In: IEEE International Workshop on Hardware-Oriented Security and Trust 2009, pp. 7–14 (2009)
- 8. Hell, M., Johansson, T., Meier, W.: Grain - A Stream Cipher for Constrained Environments. ECRYPT Stream Cipher Project Report 2005/001 (2005), http://www.ecrypt.eu.org/stream
- 9. Hell, M., Johansson, T., Maximov, A., Meier, W.: A Stream Cipher Proposal: Grain-128. In: IEEE International Symposium on Information Theory, ISIT 2006 (2006)