Mutant Differential Fault Analysis of Trivium (MDFA)

In this paper we present improvements to the differential fault analysis (DFA) of the stream cipher Trivium proposed by M. Hojsík and B. Rudolf. In particular, we optimize the algebraic representation of the obtained DFA information by applying the concept of Mutants, which are low-degree equations derived after processing the DFA information. As a result, we are able to minimize the number of fault injections necessary for retrieving the secret key. To this end, we introduce a new algebraic framework that combines the power of different algebraic techniques for handling the additional information obtained from a physical attack. Using this framework, we are able to recover the secret key with only a single one-bit fault injection. In fact, this is the first attack on stream ciphers that uses such a minimal amount of DFA information. We study the efficiency of our improved attack by comparing the size of the gathered DFA information with that of previous attacks.
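The raw DFA information the abstract refers to is the XOR of the correct keystream and the keystream produced after a single bit of Trivium's internal state has been flipped. The following is an added example, not code from the paper: it implements the Trivium keystream generator, simulates one bit-flip in the state after initialization, returns the resulting keystream differential, and closes with a sketch of the standard countermeasure, duplicated execution with state comparison. The all-zero key and IV are constructed inputs, the LSB-first byte-to-bit loading is an assumption of this example (not a claim about the eSTREAM test-vector convention), and the algebraic Mutant processing itself is not implemented.

```python
"""Single-bit fault simulation on Trivium plus a redundancy-based fault check.

Added example; not the paper's code. State indices 0..287 correspond to the
specification's s1..s288.
"""


def _bits_from_bytes(data: bytes, nbits: int):
    # LSB-first within each byte: an assumption of this example only.
    out = [(b >> i) & 1 for b in data for i in range(8)]
    return out[:nbits]


def _clock(s):
    """One Trivium round on state list s (in place); returns the output bit."""
    t1 = s[65] ^ s[92]
    t2 = s[161] ^ s[176]
    t3 = s[242] ^ s[287]
    z = t1 ^ t2 ^ t3
    t1 ^= (s[90] & s[91]) ^ s[170]
    t2 ^= (s[174] & s[175]) ^ s[263]
    t3 ^= (s[285] & s[286]) ^ s[68]
    # shift the three registers and insert the feedback bits
    s[1:93] = s[0:92]
    s[0] = t3
    s[94:177] = s[93:176]
    s[93] = t1
    s[178:288] = s[177:287]
    s[177] = t2
    return z


def trivium_init(key: bytes, iv: bytes):
    """Load an 80-bit key and IV and run the 4*288 warm-up rounds."""
    assert len(key) == 10 and len(iv) == 10
    s = [0] * 288
    s[0:80] = _bits_from_bytes(key, 80)
    s[93:173] = _bits_from_bytes(iv, 80)
    s[285] = s[286] = s[287] = 1
    for _ in range(4 * 288):
        _clock(s)
    return s


def keystream(state, nbits, fault_index=None):
    """nbits of keystream from a copy of state; if fault_index is given, that
    state bit is flipped once before the first output bit (single-bit fault)."""
    s = list(state)
    if fault_index is not None:
        s[fault_index] ^= 1
    return [_clock(s) for _ in range(nbits)]


def fault_differential(state, fault_index, nbits):
    """XOR of correct and faulty keystream: what a DFA attacker observes."""
    good = keystream(state, nbits)
    bad = keystream(state, nbits, fault_index)
    return [a ^ b for a, b in zip(good, bad)]


def first_difference(diff):
    """Index of the first nonzero differential bit, or None if none."""
    for i, d in enumerate(diff):
        if d:
            return i
    return None


def redundant_keystream(state, nbits, fault_index=None):
    """Countermeasure sketch: clock two copies of the state and compare them
    after every round, stopping before any faulty output bit is emitted.
    Returns (emitted_bits, fault_detected)."""
    s_a, s_b = list(state), list(state)
    if fault_index is not None:
        s_a[fault_index] ^= 1  # the fault hits only one copy
    out = []
    for _ in range(nbits):
        za = _clock(s_a)
        _clock(s_b)
        if s_a != s_b:
            return out, True
        out.append(za)
    return out, False


if __name__ == "__main__":
    st = trivium_init(bytes(10), bytes(10))  # constructed zero key/IV
    d = fault_differential(st, 0, 100)
    print("fault at s1 first shows in keystream bit", first_difference(d))
    print("redundant run with fault detected:", redundant_keystream(st, 100, 0)[1])
```

A fault in s66 changes the very next output bit, while a fault in s1 is invisible for 65 clocks and then surfaces as a single known difference: these early differential bits are exactly the low-degree relations the Mutant framework exploits, and the state-comparison check catches the flip one round after it happens, before the divergence ever reaches the keystream.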

[1] Marc Joye et al., Cryptographic Hardware and Embedded Systems - CHES 2004, 2004, Lecture Notes in Computer Science.

[2] Dong Hoon Lee et al., Information, Security and Cryptology - ICISC 2009, 12th International Conference, Seoul, Korea, December 2-4, 2009, Revised Selected Papers, 2010, ICISC.

[3] Vincent Rijmen et al., Progress in Cryptology - INDOCRYPT 2008, 9th International Conference on Cryptology in India, Kharagpur, India, December 14-17, 2008, Proceedings, 2008, INDOCRYPT.

[4] François-Xavier Standaert et al., Algebraic Side-Channel Attacks, 2009, Inscrypt.

[5] Matthew J. B. Robshaw et al., The eSTREAM Project, 2008, The eSTREAM Finalists.

[6] Hans Kleine Büning et al., Theory and Applications of Satisfiability Testing - SAT 2008, 11th International Conference, SAT 2008, Guangzhou, China, May 12-15, 2008, Proceedings, 2008, SAT.

[7] Santanu Sarkar et al., A Differential Fault Attack on Grain-128a using MACs, 2012, IACR Cryptology ePrint Archive.

[8] Tobias Eibach et al., Attacking Bivium Using SAT Solvers, 2008, SAT.

[9] J. Faugère et al., Algebraic-Differential Cryptanalysis of DES, 2009.

[10] Subhamoy Maitra et al., A Differential Fault Attack on MICKEY 2.0, 2013, CHES.

[11] Michal Hojsík et al., Floating Fault Analysis of Trivium, 2008, INDOCRYPT.

[12] B. Preneel et al., Trivium Specifications, 2022.

[13] Michal Hojsík et al., Differential Fault Analysis of Trivium, 2008, FSE.

[14] Jintai Ding et al., MXL3: An Efficient Algorithm for Computing Gröbner Bases of Zero-Dimensional Ideals, 2009, ICISC.

[15] Elisabeth Oswald et al., Profiling DPA: Efficacy and Efficiency Trade-Offs, 2013, CHES.

[16] Adi Shamir et al., Fault Analysis of Stream Ciphers, 2004, CHES.

[17] Michael Brickenstein et al., PolyBoRi: A framework for Gröbner-basis computations with Boolean polynomials, 2009, Journal of Symbolic Computation.

[18] Gregory V. Bard et al., Algebraic Cryptanalysis, 2009.

[19] Gregory V. Bard et al., Algebraic and Slide Attacks on KeeLoq, 2008, FSE.

[20] Matthew J. B. Robshaw et al., New Stream Cipher Designs: The eSTREAM Finalists, 2008.

[21] Stanislav Bulygin et al., Using SAT Solving to Improve Differential Fault Analysis of Trivium, 2011, ISA.

[22] Gerhard Goos et al., Fast Software Encryption, 2001, Lecture Notes in Computer Science.