Practical Fault Attacks on Minalpher: How to Recover Key with Minimum Faults?

  • Avik Chakraborti
  • Nilanjan Datta
  • Mridul Nandi
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10662)


This work presents two differential fault attacks (DFA) on Minalpher, a second-round CAESAR candidate, under a practical fault model with as few faults as possible. Minalpher uses a new primitive called tweakable Even-Mansour, based on a permutation-based block cipher proposed by Even and Mansour, and to the best of our knowledge no practical DFA has yet been reported on it. In the first DFA, only two random faults are injected on two consecutive 4-bit nibbles (i.e. within a total of 8 bits) of a specific internal state. We show that (i) if both faults are injected at the same nibble, the key space for the intermediate key can be reduced significantly from \(2^{256}\) to \(2^{32}\), and (ii) if the faults are injected at different positions, the key space for the intermediate key can be reduced further to only \(2^{16}\). In the second DFA, we first consider two faults injected into a single nibble, which reduces the key space from \(2^{256}\) to \(2^{48}\). Moreover, we show that one additional fault (i.e. three faults in total) helps to reduce the key space significantly to \(2^{8}\). We can compute the correct intermediate key by observing a few more plaintext-ciphertext pairs, which helps in computing valid ciphertext-tag pairs for any message and associated data under a fixed nonce.


Keywords: Minalpher, Fault, DFA, Tweakable Even Mansour, Nibble



Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Avik Chakraborti (1)
  • Nilanjan Datta (2)
  • Mridul Nandi (1)

  1. Indian Statistical Institute, Kolkata, India
  2. Indian Institute of Technology, Kharagpur, India
