Improved differential fault attack on MICKEY 2.0

In this paper we describe several ideas related to differential fault attack (DFA) on MICKEY 2.0, a stream cipher from eStream hardware profile. Using the standard assumptions for fault attacks, we first show that if the adversary can induce random single bit faults in the internal state of the cipher, then by injecting around $$2^{16.7}$$216.7 faults and performing $$2^{32.5}$$232.5 computations on an average, it is possible to recover the entire internal state of MICKEY at the beginning of the key-stream generation phase. We further consider the scenario where the fault may affect more than one (at most three) neighboring bits and in that case we require around $$2^{18.4}$$218.4 faults on an average to mount the DFA. We further show that if the attacker can solve multivariate equations (say, using SAT solvers) then the attack can be carried out using around $$2^{14.7}$$214.7 faults in the single-bit fault model and $$2^{16.06}$$216.06 faults for the multiple-bit scenario

[1]  Christophe Clavier,et al.  Susceptibility of eSTREAM Candidates towards Side Channel Analysis , 2008 .

[2]  Dipanwita Roy Chowdhury,et al.  Fault Analysis of Grain-128 by Targeting NFSR , 2011, AFRICACRYPT.

[3]  Santanu Sarkar,et al.  A Differential Fault Attack on the Grain Family under Reasonable Assumptions , 2012, INDOCRYPT.

[4]  Adi Shamir,et al.  Fault Analysis of Stream Ciphers , 2004, CHES.

[5]  Santanu Sarkar,et al.  Differential Fault Attack against Grain Family with Very Few Faults and Minimal Assumptions , 2015, IEEE Transactions on Computers.

[6]  Michal Hojsík,et al.  Differential Fault Analysis of Trivium , 2008, FSE.

[7]  Eli Biham,et al.  Differential Fault Analysis of Secret Key Cryptosystems , 1997, CRYPTO.

[8]  P. Erd6s ON A CLASSICAL PROBLEM OF PROBABILITY THEORY b , 2001 .

[9]  Subhamoy Maitra,et al.  A Differential Fault Attack on MICKEY 2.0 , 2013, CHES.

[10]  Aline Gouget,et al.  Fault analysis of GRAIN-128 , 2009, 2009 IEEE International Workshop on Hardware-Oriented Security and Trust.

[11]  Ross J. Anderson,et al.  Optical Fault Induction Attacks , 2002, CHES.

[12]  Woo-Hwan Kim,et al.  TMD-Tradeoff and State Entropy Loss Considerations of Streamcipher MICKEY , 2005, INDOCRYPT.

[13]  Jean-Jacques Quisquater,et al.  A Differential Fault Attack Technique against SPN Structures, with Application to the AES and KHAZAD , 2003, CHES.

[14]  Alessandro Barenghi,et al.  Fault Injection Attacks on Cryptographic Devices: Theory, Practice, and Countermeasures , 2012, Proceedings of the IEEE.

[15]  Michal Hojsík,et al.  Floating Fault Analysis of Trivium , 2008, INDOCRYPT.

[16]  Richard J. Lipton,et al.  On the Importance of Checking Cryptographic Protocols for Faults (Extended Abstract) , 1997, EUROCRYPT.

[17]  Sergei P. Skorobogatov Optically Enhanced Position-Locked Power Analysis , 2006, CHES.

[18]  Stanislav Bulygin,et al.  Using SAT Solving to Improve Differential Fault Analysis of Trivium , 2011, ISA.

[19]  Jean-Pierre Seifert,et al.  Fault Based Cryptanalysis of the Advanced Encryption Standard (AES) , 2003, Financial Cryptography.

[20]  Santanu Sarkar,et al.  A Differential Fault Attack on the Grain Family of Stream Ciphers , 2012, CHES.