Using SAT Solving to Improve Differential Fault Analysis of Trivium
Combining different cryptanalytic methods to attack a cryptosystem became one of the hot topics in cryptanalysis. In particular, algebraic methods in side channel and differential fault analysis (DFA) attracted a lot of attention recently. In , Hojsík and Rudolf used DFA to recover the inner state of the stream cipher Trivium which leads to recovering the secret key. For this attack, they required 3.2 one-bit fault injections on average and 800 keystream bits. In this paper, we give an example of combining DFA attacks and algebraic attacks. We use algebraic methods to improve the DFA of Trivium . Our improved DFA attack recovers the inner state of Trivium by using only 2 fault injections and only 420 keystream bits.
KeywordsDifferential Fault Analysis algebraic attack SAT-Solvers Trivium
Unable to display preview. Download preview PDF.
- 1.Albrecht, M., Soos, M.: ANF2CNF – Converting ANF to CNF for algebraic attack using SAT solver (2008), http://bitbucket.org/malb/algebraicattacks/src
- 4.Canniere, C.D., Preneel, B.: Trivium specifications. eSTREAM, ECRYPT Stream Cipher Project (2006)Google Scholar
- 11.Niklas Een, N.S.: MinSat 2.0 – one of the best known SAT solvers (2008), http://minisat.se/MiniSat.html