Deterministic Hard Fault Attack on Trivium

So far, the major work on fault attacks against Trivium has been confined to soft fault attacks, where the attacker injects faults at random positions and at random times in the cipher state and analyzes a simplified version of the cipher. Besides this, there is also a result on hard fault attacks [Hu et al., 2009] on Trivium, where the attacker permanently sets the value 0 at any random position of the 288-bit state of the cipher. In this approach the key of the cipher is determined with success probability not less than 0.2291. In this paper, we introduce another type of hard fault attack, called a deterministic hard fault attack on Trivium, by permanently setting the value 1 at three particular positions of the 288-bit state. We call it deterministic because the internal state is revealed deterministically. More specifically, we show that if we observe 117 original keystream and 236 faulty keystream, we can retrieve the original state of the cipher in 2^23.85 time with success probability 1.

[1] Gerhard Goos, et al. Fast Software Encryption, 2001, Lecture Notes in Computer Science.

[2] Eli Biham, et al. Differential Fault Analysis of Secret Key Cryptosystems, 1997, CRYPTO.

[3] Yupu Hu, et al. Hard fault analysis of Trivium, 2009, Inf. Sci.

[4] Leonie Ruth Simpson, et al. Algebraic analysis of Trivium-like ciphers, 2013, IACR Cryptol. ePrint Arch.

[5] Marc Joye, et al. Cryptographic Hardware and Embedded Systems - CHES 2004, 2004, Lecture Notes in Computer Science.

[6] Michal Hojsík, et al. Floating Fault Analysis of Trivium, 2008, INDOCRYPT.

[7] Goutam Paul, et al. Recovering RC4 Permutation from 2048 Keystream Bytes if j Is Stuck, 2008, ACISP.

[8] Gregory V. Bard, et al. Improved Algebraic Cryptanalysis of QUAD, Bivium and Trivium via Graph Partitioning on Equation Systems, 2010, ACISP.

[9] Information Security and Privacy, 1996, Lecture Notes in Computer Science.

[10] Adi Shamir, et al. Fault Analysis of Stream Ciphers, 2004, CHES.

[11] Piotr Mroczkowski, et al. The Cube Attack on Stream Cipher Trivium and Quadraticity Tests, 2012, Fundam. Informaticae.

[12] Burton S. Kaliski. Advances in Cryptology - CRYPTO '97, 1997.

[13] Julia Borghoff. Mixed-integer Linear Programming in the Analysis of Trivium and Ktantan, 2012, IACR Cryptol. ePrint Arch.

[14] Chris Charnes, et al. An Algebraic Analysis of Trivium Ciphers based on the Boolean Satisfiability Problem, 2007, IACR Cryptol. ePrint Arch.

[15] Vincent Rijmen, et al. Progress in Cryptology - INDOCRYPT 2008, 9th International Conference on Cryptology in India, Kharagpur, India, December 14-17, 2008. Proceedings, 2008, INDOCRYPT.

[16] Alex Biryukov, et al. Slid Pairs in Salsa20 and Trivium, 2008, INDOCRYPT.

[17] Qing Liu, et al. Floating Fault analysis of Trivium under Weaker Assumptions, 2009, IACR Cryptol. ePrint Arch.

[18] Michal Hojsík, et al. Differential Fault Analysis of Trivium, 2008, FSE.

[19] Pablo Pedregal, et al. Mixed-Integer Linear Programming, 2011.

[20] Shahram Khazaei, et al. Linear Sequential Circuit Approximation of Grain and Trivium Stream Ciphers, 2006, IACR Cryptol. ePrint Arch.

[21] Christophe De Cannière, et al. Trivium: A Stream Cipher Construction Inspired by Block Cipher Design Principles, 2006, ISC.

[22] Alex Biryukov, et al. Two Trivial Attacks on Trivium, 2007, IACR Cryptol. ePrint Arch.

[23] Stanislav Bulygin, et al. Improved Differential Fault Analysis of Trivium, 2011.