SKINNY-64-64 is a lightweight block cipher with a 64-bit block length and key length,and it is mainly used on the Internet of Things(IoT).Currently,faults can be injected into cryptographic devices by attackers in a v...SKINNY-64-64 is a lightweight block cipher with a 64-bit block length and key length,and it is mainly used on the Internet of Things(IoT).Currently,faults can be injected into cryptographic devices by attackers in a variety of ways,but it is still difficult to achieve a precisely located fault attacks at a low cost,whereas a Hardware Trojan(HT)can realize this.Temperature,as a physical quantity incidental to the operation of a cryptographic device,is easily overlooked.In this paper,a temperature-triggered HT(THT)is designed,which,when activated,causes a specific bit of the intermediate state of the SKINNY-64-64 to be flipped.Further,in this paper,a THT-based algebraic fault analysis(THT-AFA)method is proposed.To demonstrate the effectiveness of the method,experiments on algebraic fault analysis(AFA)and THT-AFA have been carried out on SKINNY-64-64.In the THT-AFA for SKINNY-64-64,it is only required to activate the THT 3 times to obtain the master key with a 100%success rate,and the average time for the attack is 64.57 s.However,when performing AFA on this cipher,we provide a relation-ship between the number of different faults and the residual entropy of the key.In comparison,our proposed THT-AFA method has better performance in terms of attack efficiency.To the best of our knowledge,this is the first HT attack on SKINNY-64-64.展开更多
PRINCE is a 64-bit lightweight block cipher with a 128-bit key published at ASIACRYPT 2012. Assuming one nibble fault is injected, previous different fault analysis(DFA) on PRINCE adopted the technique from DFA on AES...PRINCE is a 64-bit lightweight block cipher with a 128-bit key published at ASIACRYPT 2012. Assuming one nibble fault is injected, previous different fault analysis(DFA) on PRINCE adopted the technique from DFA on AES and current results are different. This paper aims to make a comprehensive study of algebraic fault analysis(AFA) on PRINCE. How to build the equations for PRINCE and faults are explained. Extensive experiments are conducted. Under nibble-based fault model, AFA with three or four fault injections can succeed within 300 seconds with a very high probability. Under other fault models such as byte-based, half word-based, word-based fault models, the faults become overlapped in the last round and previous DFAs are difficult to work. Our results show that AFA can still succeed to recover the full master key. To evaluate security of PRINCE against fault attacks, we utilize AFA to calculate the reduced entropy of the secret key for given amount of fault injections. The results can interpret and compare the efficiency of previous work. Under nibble-based fault model, the master key of PRINCE can be reduced to 29.69 and 236.10 with 3 and 2 fault injections on average, respectively.展开更多
基金supported in part by the Natural Science Foundation of Heilongjiang Province of China(Grant No.LH2022F053)in part by the Scientific and technological development project of the central government guiding local(Grant No.SBZY2021E076)+2 种基金in part by the PostdoctoralResearch Fund Project of Heilongjiang Province of China(Grant No.LBH-Q21195)in part by the Fundamental Research Funds of Heilongjiang Provincial Universities of China(Grant No.145209146)in part by the National Natural Science Foundation of China(NSFC)(Grant No.61501275).
文摘SKINNY-64-64 is a lightweight block cipher with a 64-bit block length and key length,and it is mainly used on the Internet of Things(IoT).Currently,faults can be injected into cryptographic devices by attackers in a variety of ways,but it is still difficult to achieve a precisely located fault attacks at a low cost,whereas a Hardware Trojan(HT)can realize this.Temperature,as a physical quantity incidental to the operation of a cryptographic device,is easily overlooked.In this paper,a temperature-triggered HT(THT)is designed,which,when activated,causes a specific bit of the intermediate state of the SKINNY-64-64 to be flipped.Further,in this paper,a THT-based algebraic fault analysis(THT-AFA)method is proposed.To demonstrate the effectiveness of the method,experiments on algebraic fault analysis(AFA)and THT-AFA have been carried out on SKINNY-64-64.In the THT-AFA for SKINNY-64-64,it is only required to activate the THT 3 times to obtain the master key with a 100%success rate,and the average time for the attack is 64.57 s.However,when performing AFA on this cipher,we provide a relation-ship between the number of different faults and the residual entropy of the key.In comparison,our proposed THT-AFA method has better performance in terms of attack efficiency.To the best of our knowledge,this is the first HT attack on SKINNY-64-64.
基金supported in part by the Major State Basic Research Development Program (973 Plan) of China under thegrant 2013CB338004the National Natural Science Foundation of China under the grants 61173191, 61271124, 61272491, 61309021, 61472357+1 种基金by the Zhejiang Provincial Natural Science Foundation of China under the grant LY13F010001by the Fundamental Research Funds for the Central Universities under the grant 2015QNA5005
文摘PRINCE is a 64-bit lightweight block cipher with a 128-bit key published at ASIACRYPT 2012. Assuming one nibble fault is injected, previous different fault analysis(DFA) on PRINCE adopted the technique from DFA on AES and current results are different. This paper aims to make a comprehensive study of algebraic fault analysis(AFA) on PRINCE. How to build the equations for PRINCE and faults are explained. Extensive experiments are conducted. Under nibble-based fault model, AFA with three or four fault injections can succeed within 300 seconds with a very high probability. Under other fault models such as byte-based, half word-based, word-based fault models, the faults become overlapped in the last round and previous DFAs are difficult to work. Our results show that AFA can still succeed to recover the full master key. To evaluate security of PRINCE against fault attacks, we utilize AFA to calculate the reduced entropy of the secret key for given amount of fault injections. The results can interpret and compare the efficiency of previous work. Under nibble-based fault model, the master key of PRINCE can be reduced to 29.69 and 236.10 with 3 and 2 fault injections on average, respectively.