Differential Fault Analysis on SMS4 using a single fault

A Differential Fault Analysis (DFA) attack is a powerful cryptanalytic technique that can be used to retrieve the secret key by exploiting computational errors in the encryption (decryption) procedure. In this paper, we propose a new DFA attack on SMS4 using a single fault. We show that if a random byte fault is induced into any one of the second, third, or fourth word registers at the input of the 28-th round, the 128-bit key could be recovered with an exhaustive search of 22.11 bits on average. The proposed attack makes use of the characteristics of the cipher's structure and its round function. Furthermore, it can be tailored to any block cipher employing a similar structure and an SPN-style round function like that of SMS4.
