Fault Analysis of Stream Ciphers

A fault attack is a powerful cryptanalytic tool which can be applied to many types of cryptosystems that are not vulnerable to direct attacks. The research literature contains many examples of fault attacks on public key cryptosystems and block ciphers, but surprisingly we could not find any systematic study of the applicability of fault attacks to stream ciphers. Our goal in this paper is to develop general techniques which can be used to attack the standard constructions of stream ciphers based on LFSRs, as well as more specialized techniques which can be used against specific stream ciphers such as RC4, LILI-128 and SOBER-t32. While most of these schemes can be successfully attacked, we point out several interesting open problems, such as an attack on FSM-filtered constructions and the analysis of high Hamming weight faults in LFSRs.
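The following toy is an added example and is not code from the paper; it illustrates the property that fault attacks on LFSR-based generators can lean on. An LFSR is linear over GF(2), so if the attacker can run the device twice from the same secret state, once correctly and once with a few state bits flipped, the XOR of the two keystreams of a generator whose output is a linear function of the state equals the generator run on the fault vector alone: it does not depend on the key, and the fault vector (of any Hamming weight) is recoverable by solving a linear system. The same experiment against a nonlinear filter generator gives a key-dependent difference, which is why filtered constructions need more specialised treatment. The 16-bit LFSR (feedback polynomial x^16 + x^14 + x^13 + x^11 + 1), the output tap positions and the 3-input filter function are our own assumptions, chosen only to keep the example small.

```python
"""Fault differences through a toy LFSR-based keystream generator.

Added example, not code from Hoch and Shamir's paper.  Assumptions (ours):
a 16-cell Fibonacci LFSR with recurrence s[i+16] = s[i]^s[i+11]^s[i+13]^s[i+14]
(polynomial x^16 + x^14 + x^13 + x^11 + 1, primitive over GF(2)), an output
that reads cells 0, 5 and 9, and the fault model from the abstract: the
attacker re-runs the device from the same secret state with unknown bits flipped.
"""
import random

N = 16  # LFSR length (assumption: toy size)


def lfsr_run(state, length, output):
    """Clock the LFSR `length` times; `output(cells)` maps the current window
    of 16 cells (cell 0 is the oldest) to one keystream bit."""
    s = list(state)
    z = []
    for _ in range(length):
        z.append(output(s))
        s = s[1:] + [s[0] ^ s[11] ^ s[13] ^ s[14]]
    return z


def linear_out(s):
    """Linear output: XOR of three cells (assumed construction)."""
    return s[0] ^ s[5] ^ s[9]


def filter_out(s):
    """Nonlinear filter on the same three cells: x0*x1 + x2 (assumed; stands
    in for a LILI-128-style filter function, it is not LILI-128's f)."""
    return (s[0] & s[5]) ^ s[9]


def xor(a, b):
    return [x ^ y for x, y in zip(a, b)]


def unit(j):
    """Fault vector flipping only cell j."""
    e = [0] * N
    e[j] = 1
    return e


def output_matrix(length):
    """Row t = coefficients of z_t as a GF(2)-linear form in the initial state.
    Built by running the generator on each unit vector; needs no key."""
    cols = [lfsr_run(unit(j), length, linear_out) for j in range(N)]
    return [[cols[j][t] for j in range(N)] for t in range(length)]


def solve_gf2(rows, rhs):
    """Gaussian elimination over GF(2).  Returns the unique solution x of
    rows * x = rhs, or None if the system is inconsistent or underdetermined."""
    n = len(rows[0])
    m = [row[:] + [b] for row, b in zip(rows, rhs)]
    r = 0
    for c in range(n):
        piv = next((i for i in range(r, len(m)) if m[i][c]), None)
        if piv is None:
            return None  # no pivot: fault vector not uniquely determined
        m[r], m[piv] = m[piv], m[r]
        for i in range(len(m)):
            if i != r and m[i][c]:
                m[i] = [x ^ y for x, y in zip(m[i], m[r])]
        r += 1
    if any(m[i][n] for i in range(r, len(m))):
        return None  # leftover rows contradict: not a linear generator
    return [m[i][n] for i in range(n)]


def recover_fault(keystream_ok, keystream_faulty):
    """Attacker side, linear generator: from a correct and a faulted keystream,
    recover the injected fault vector without knowing the key.  Because the
    generator is linear, z' ^ z = M * e, so any Hamming weight is handled."""
    d = xor(keystream_ok, keystream_faulty)
    return solve_gf2(output_matrix(len(d)), d)


def filter_keystream_diff(key, fault, length):
    """Same experiment against the nonlinear filter generator.  The difference
    now depends on the secret state, so the linear shortcut above is lost."""
    z = lfsr_run(key, length, filter_out)
    z_f = lfsr_run(xor(key, fault), length, filter_out)
    return xor(z, z_f)


if __name__ == "__main__":
    rng = random.Random(1)
    key = [rng.randint(0, 1) for _ in range(N)]      # secret state (constructed)
    fault = xor(xor(unit(2), unit(7)), unit(15))       # weight-3 fault
    z = lfsr_run(key, 32, linear_out)
    z_f = lfsr_run(xor(key, fault), 32, linear_out)
    print("linear generator, recovered fault:", recover_fault(z, z_f))
    print("injected fault:                   ", fault)
    print("filter generator, diff for key A:", filter_keystream_diff([0] * N, unit(15), 16))
    print("filter generator, diff for key B:", filter_keystream_diff([1] * N, unit(15), 16))
```

The linear case needs only as many keystream bits as the LFSR has cells, since the output sequence obeys the same recurrence as the register and the output tap polynomial is coprime to the primitive feedback polynomial; the two filter-generator differences are computed for two different secret states with the same single-bit fault and come out different, showing that the difference leaks through the filter in a key-dependent way rather than as a fixed pattern.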
