Fault Analysis of the New Ukrainian Hash Function Standard: Kupyna

Kupyna has been selected by the Ukrainian government as the new national hash function standard in 2015. In this paper, we apply two fault attacks on Kupyna. In the first attack, we assume that the attacker knows all the hash parameters and aims to recover the input to the hash function. We experiment using three different fault models which are random byte fault model, known byte unique fault model and known byte random fault model. In the second fault attack, we assume that the attacker does not know the entries of the SBoxes used in Kupyna and aims to recover the SBox entries. Our experimental results in both attacks illustrate the importance of protecting implementations of Kupyna against fault analysis attacks.

[1]  Christophe Clavier,et al.  Reverse Engineering of a Secret AES-like Cipher by Ineffective Fault Analysis , 2013, 2013 Workshop on Fault Diagnosis and Tolerance in Cryptography.

[2]  Florian Mendel,et al.  Analysis of the Kupyna-256 Hash Function , 2015, IACR Cryptol. ePrint Arch..

[3]  Roman Oliynykov,et al.  A New Standard of Ukraine: The Kupyna Hash Function , 2015, IACR Cryptol. ePrint Arch..

[4]  Richard J. Lipton,et al.  On the Importance of Eliminating Errors in Cryptographic Computations , 2015, Journal of Cryptology.

[5]  Florian Mendel,et al.  Cryptanalysis of the GOST Hash Function , 2008, CRYPTO.

[6]  Chao Li,et al.  Differential Fault Analysis on SHACAL-1 , 2009, 2009 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC).

[7]  Jean-Jacques Quisquater,et al.  Faults, Injection Methods, and Fault Attacks , 2007, IEEE Design & Test of Computers.

[8]  Roman Oliynykov,et al.  A New Encryption Standard of Ukraine: The Kalyna Block Cipher , 2015, IACR Cryptol. ePrint Arch..

[9]  Jian Zou,et al.  Cryptanalysis of the Round-Reduced Kupyna Hash Function , 2015, IACR Cryptol. ePrint Arch..

[10]  Amr M. Youssef,et al.  Fault analysis on Kalyna , 2017, Inf. Secur. J. A Glob. Perspect..

[11]  Amr M. Youssef,et al.  Differential Fault Analysis of Streebog , 2015, ISPEC.

[12]  Marc Joye,et al.  Fault Analysis in Cryptography , 2012, Information Security and Cryptography.

[13]  Christian A. Reuter,et al.  Differential Fault Analysis on Grøstl , 2012, 2012 Workshop on Fault Diagnosis and Tolerance in Cryptography.

[14]  Jean-Jacques Quisquater,et al.  A Differential Fault Attack Technique against SPN Structures, with Application to the AES and KHAZAD , 2003, CHES.

[15]  Florian Mendel,et al.  A (Second) Preimage Attack on the GOST Hash Function , 2008, FSE.

[16]  Dongdai Lin,et al.  Fault Attack on the Authenticated Cipher ACORN v2 , 2017, Secur. Commun. Networks.

[17]  Pierre Dusart,et al.  Differential Fault Analysis on A.E.S , 2003, ACNS.

[18]  Eli Biham,et al.  Differential Fault Analysis of Secret Key Cryptosystems , 1997, CRYPTO.

[19]  Hugo Krawczyk,et al.  Keying Hash Functions for Message Authentication , 1996, CRYPTO.