Combined Side-Channel and Fault Analysis Attack on Protected Grain Family of Stream Ciphers

In this paper, we first demonstrate a new Differential Power Analysis (DPA) attack technique against the Grain family of stream ciphers (Grain v1 and Grain-128) that resynchronizes the cipher multiple times with the same secret key and randomly generated, different initialization vectors (IVs). Subsequently, we develop a combined side-channel and fault analysis attack strategy targeting various fault attack countermeasures for the Grain cipher family. We considered clock-glitch-induced faults, which occur in practice for a hardware implementation of the cipher, to devise our novel attack technique. Our proposed combined attack strategy works well even if useful ciphertexts are not available to the adversary. Further, power trace classifications of a Grain cipher implementation on the SASEBO G-II standard side-channel evaluation board are shown in order to validate our proposed attack against the cipher. The captured power traces were analyzed using multiclass classifiers based on the Least Squares Support Vector Machine (LS-SVM) learning algorithm to classify the power traces into their respective Hamming distance (HD) classes. To extract power samples carrying high information about the HD classes, the signal-to-noise ratio (SNR) metric was chosen for feature selection. The experimental results of power trace classification on the test set showed a high success rate of 98% when the five largest SNR sample instants over a clock cycle were chosen as features. Our proposed attack strategy can also be extended to other stream cipher designs based on Fibonacci-configured shift registers.
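The SNR-based feature selection step described above, as an added example that is not the paper's own code: traces are constructed here (Gaussian noise plus a leakage term proportional to an assumed HD label at a few sample instants), SNR is taken as the variance of the per-class means divided by the mean within-class variance, and the five largest-SNR instants are returned; the same computation is what an evaluator runs to find which clock-cycle instants of an implementation leak the HD and therefore need protection.

```python
import random
import statistics


def snr_per_sample(traces, labels):
    """Per-sample-instant SNR: variance of the HD-class means (signal)
    over the mean within-class variance (noise).  Assumed definition,
    not necessarily the paper's exact estimator."""
    classes = sorted(set(labels))
    n_samples = len(traces[0])
    snr = []
    for t in range(n_samples):
        means, variances = [], []
        for c in classes:
            vals = [tr[t] for tr, lab in zip(traces, labels) if lab == c]
            means.append(statistics.fmean(vals))
            variances.append(statistics.pvariance(vals))
        signal = statistics.pvariance(means)
        noise = statistics.fmean(variances)
        snr.append(signal / noise if noise > 0 else float("inf"))
    return snr


def top_k_samples(snr, k=5):
    """Indices of the k sample instants with the largest SNR (feature set)."""
    return sorted(range(len(snr)), key=lambda i: snr[i], reverse=True)[:k]


def make_traces(n_traces, n_samples, leaky_instants, n_classes, seed=1):
    """Constructed sample data: each trace gets a random HD label and
    N(0,1) noise at every instant; at the leaky instants a term
    proportional to the HD label is added to mimic register-update leakage."""
    rng = random.Random(seed)
    traces, labels = [], []
    for _ in range(n_traces):
        hd = rng.randrange(n_classes)
        tr = [rng.gauss(0.0, 1.0) for _ in range(n_samples)]
        for i in leaky_instants:
            tr[i] += 0.8 * hd
        traces.append(tr)
        labels.append(hd)
    return traces, labels


if __name__ == "__main__":
    traces, labels = make_traces(400, 40, [3, 11, 19, 27, 35], 5)
    snr = snr_per_sample(traces, labels)
    print("selected instants:", sorted(top_k_samples(snr, 5)))
```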