Practical Fault Attacks on Minalpher: How to Recover Key with Minimum Faults?

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10662)

Abstract

This work presents two differential fault attacks (DFA) on Minalpher, a second-round CAESAR candidate, under a practical fault model and with as few faults as possible. Minalpher uses a new primitive called tweakable Even-Mansour, based on the permutation-based block cipher proposed by Even and Mansour, and to the best of our knowledge no practical DFA has yet been reported on it. In the first DFA, only two random faults are injected into two consecutive 4-bit nibbles (i.e. within a total of 8 bits) of a specific internal state. We show that (i) if both faults are injected at the same nibble, the key-space for the intermediate key can be reduced significantly from \(2^{256}\) to \(2^{32}\), and (ii) if the faults are injected at different positions, the key-space for the intermediate key can be reduced further to only \(2^{16}\). In the second DFA, we first consider two faults in a single nibble, which reduces the key-space from \(2^{256}\) to \(2^{48}\). Moreover, we show that one additional fault (i.e. three faults in total) reduces the key-space significantly to \(2^{8}\). The correct intermediate key can then be computed by observing a few more plaintext/ciphertext pairs, which in turn allows computing valid ciphertext/tag pairs for any message and associated data under a fixed nonce.

Keywords

Minalpher, Fault, DFA, Tweakable Even-Mansour, Nibble

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Avik Chakraborti (1)
  • Nilanjan Datta (2)
  • Mridul Nandi (1)
  1. Indian Statistical Institute, Kolkata, India
  2. Indian Institute of Technology, Kharagpur, India