Differential fault attack on ITUbee block cipher

Shan Fu; Guoai Xu; Juan Pan; Zongyue Wang; An Wang

doi:10.1145/2967610

Differential fault attack on ITUbee block cipher

Shan Fu, Guoai Xu, Juan Pan, Zongyue Wang^*, An Wang

^*Corresponding author for this work

School of Cyberspace Science and Technology

Beijing University of Posts and Telecommunications

Research output: Contribution to journal › Article › peer-review

6 Citations (Scopus)

Abstract

Differential Fault Attack (DFA) is a powerful cryptanalytic technique to retrieve secret keys by exploiting the faulty ciphertexts generated during encryption procedure. This article proposes a novel DFA attack that is effective on ITUbee, a software-oriented block cipher for resource-constrained devices. Different from other DFA, our attack makes use of not only faulty values, but also differences between fault-free intermediate values corresponding to 2 plaintexts, which combine traditional differential analysis with DFA. The possible injection positions with different number of faults are discussed. The most efficient attack takes 225 round function operations with 4 faults, which is achieved in a few seconds on a PC.

Original language	English
Article number	54
Journal	Transactions on Embedded Computing Systems
Volume	16
Issue number	2
DOIs	https://doi.org/10.1145/2967610
Publication status	Published - Dec 2016

Keywords

Differential fault attack
ITUbee

Access to Document

10.1145/2967610

Cite this

@article{619baccbef554c8aa45bc66436be31f2,

title = "Differential fault attack on ITUbee block cipher",

abstract = "Differential Fault Attack (DFA) is a powerful cryptanalytic technique to retrieve secret keys by exploiting the faulty ciphertexts generated during encryption procedure. This article proposes a novel DFA attack that is effective on ITUbee, a software-oriented block cipher for resource-constrained devices. Different from other DFA, our attack makes use of not only faulty values, but also differences between fault-free intermediate values corresponding to 2 plaintexts, which combine traditional differential analysis with DFA. The possible injection positions with different number of faults are discussed. The most efficient attack takes 225 round function operations with 4 faults, which is achieved in a few seconds on a PC.",

keywords = "Differential fault attack, ITUbee",

author = "Shan Fu and Guoai Xu and Juan Pan and Zongyue Wang and An Wang",

note = "Publisher Copyright: {\textcopyright} 2016 ACM.",

year = "2016",

month = dec,

doi = "10.1145/2967610",

language = "English",

volume = "16",

journal = "Transactions on Embedded Computing Systems",

issn = "1539-9087",

publisher = "Association for Computing Machinery (ACM)",

number = "2",

}

TY - JOUR

T1 - Differential fault attack on ITUbee block cipher

AU - Fu, Shan

AU - Xu, Guoai

AU - Pan, Juan

AU - Wang, Zongyue

AU - Wang, An

PY - 2016/12

Y1 - 2016/12

N2 - Differential Fault Attack (DFA) is a powerful cryptanalytic technique to retrieve secret keys by exploiting the faulty ciphertexts generated during encryption procedure. This article proposes a novel DFA attack that is effective on ITUbee, a software-oriented block cipher for resource-constrained devices. Different from other DFA, our attack makes use of not only faulty values, but also differences between fault-free intermediate values corresponding to 2 plaintexts, which combine traditional differential analysis with DFA. The possible injection positions with different number of faults are discussed. The most efficient attack takes 225 round function operations with 4 faults, which is achieved in a few seconds on a PC.

AB - Differential Fault Attack (DFA) is a powerful cryptanalytic technique to retrieve secret keys by exploiting the faulty ciphertexts generated during encryption procedure. This article proposes a novel DFA attack that is effective on ITUbee, a software-oriented block cipher for resource-constrained devices. Different from other DFA, our attack makes use of not only faulty values, but also differences between fault-free intermediate values corresponding to 2 plaintexts, which combine traditional differential analysis with DFA. The possible injection positions with different number of faults are discussed. The most efficient attack takes 225 round function operations with 4 faults, which is achieved in a few seconds on a PC.

KW - Differential fault attack

KW - ITUbee

UR - http://www.scopus.com/inward/record.url?scp=85008940806&partnerID=8YFLogxK

U2 - 10.1145/2967610

DO - 10.1145/2967610

M3 - Article

AN - SCOPUS:85008940806

SN - 1539-9087

VL - 16

JO - Transactions on Embedded Computing Systems

JF - Transactions on Embedded Computing Systems

IS - 2

M1 - 54

ER -

Differential fault attack on ITUbee block cipher

Abstract

Keywords

Access to Document

Other files and links

Fingerprint

Cite this