Fault Based Almost Universal Forgeries on CLOC and SILC

  • Conference paper
Security, Privacy, and Applied Cryptography Engineering (SPACE 2016)

Abstract

CLOC and SILC are two blockcipher-based authenticated encryption schemes, submitted to the CAESAR competition, that aim to use a low-area buffer and to handle short inputs efficiently. The designers of the schemes claimed n/2-bit integrity security against nonce-reusing adversaries, where n is the blockcipher state size in bits. In this paper, we present single-fault-based almost universal forgeries on both CLOC and SILC, using only a single-bit fault at a fixed position of a specific blockcipher input. In the case of CLOC, the forgery can be done for almost any nonce, associated data and message triplet, except for some nominal restrictions on the associated data. In the case of SILC, the forgery can be done for almost any associated data and message, except for some nominal restrictions on the associated data, under a fixed nonce. Both the attacks on CLOC and SILC require several nonce-misusing encryption queries. The attack is independent of the underlying blockcipher and works on the encryption mode itself. We also validate the proposed fault-based forgery methodology by performing actual fault attacks using electromagnetic pulse injection, which shows the practicality of the proposed forgery procedure. Finally, we provide updated constructions that resist the fault attack on the mode, assuming the underlying blockcipher is fault resistant. We would like to note that our attacks do not violate the designers' claims, as our attacks require fault injection. However, they show some vulnerability of the schemes when fault injection is feasible.

Acknowledgement

Avik Chakraborti and Mridul Nandi are supported by the Centre of Excellence in Cryptology, Indian Statistical Institute, Kolkata. We would also like to thank the reviewers for their useful comments on our paper.

Author information

Corresponding author

Correspondence to Debapriya Basu Roy.

Copyright information

© 2016 Springer International Publishing AG

Cite this paper

Roy, D.B., Chakraborti, A., Chang, D., Kumar, S.V.D., Mukhopadhyay, D., Nandi, M. (2016). Fault Based Almost Universal Forgeries on CLOC and SILC. In: Carlet, C., Hasan, M., Saraswat, V. (eds) Security, Privacy, and Applied Cryptography Engineering. SPACE 2016. Lecture Notes in Computer Science, vol 10076. Springer, Cham. https://doi.org/10.1007/978-3-319-49445-6_4

  • DOI: https://doi.org/10.1007/978-3-319-49445-6_4

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-49444-9

  • Online ISBN: 978-3-319-49445-6

  • eBook Packages: Computer Science (R0)
