摘要
PRINCE is a 64-bit lightweight block cipher with a 128-bit key published at ASIACRYPT 2012. Assuming one nibble fault is injected, previous different fault analysis(DFA) on PRINCE adopted the technique from DFA on AES and current results are different. This paper aims to make a comprehensive study of algebraic fault analysis(AFA) on PRINCE. How to build the equations for PRINCE and faults are explained. Extensive experiments are conducted. Under nibble-based fault model, AFA with three or four fault injections can succeed within 300 seconds with a very high probability. Under other fault models such as byte-based, half word-based, word-based fault models, the faults become overlapped in the last round and previous DFAs are difficult to work. Our results show that AFA can still succeed to recover the full master key. To evaluate security of PRINCE against fault attacks, we utilize AFA to calculate the reduced entropy of the secret key for given amount of fault injections. The results can interpret and compare the efficiency of previous work. Under nibble-based fault model, the master key of PRINCE can be reduced to 29.69 and 236.10 with 3 and 2 fault injections on average, respectively.
PRINCE is a 64-bit lightweight block cipher with a 128-bit key published at ASIACRYPT 2012. Assuming one nibble fault is injected, previous different fault analysis(DFA) on PRINCE adopted the technique from DFA on AES and current results are different. This paper aims to make a comprehensive study of algebraic fault analysis(AFA) on PRINCE. How to build the equations for PRINCE and faults are explained. Extensive experiments are conducted. Under nibble-based fault model, AFA with three or four fault injections can succeed within 300 seconds with a very high probability. Under other fault models such as byte-based, half word-based, word-based fault models, the faults become overlapped in the last round and previous DFAs are difficult to work. Our results show that AFA can still succeed to recover the full master key. To evaluate security of PRINCE against fault attacks, we utilize AFA to calculate the reduced entropy of the secret key for given amount of fault injections. The results can interpret and compare the efficiency of previous work. Under nibble-based fault model, the master key of PRINCE can be reduced to 29.69 and 236.10 with 3 and 2 fault injections on average, respectively.
基金
supported in part by the Major State Basic Research Development Program (973 Plan) of China under thegrant 2013CB338004
the National Natural Science Foundation of China under the grants 61173191, 61271124, 61272491, 61309021, 61472357
by the Zhejiang Provincial Natural Science Foundation of China under the grant LY13F010001
by the Fundamental Research Funds for the Central Universities under the grant 2015QNA5005
