A Simple Attack on Some Clock-Controlled Generators

We present a new approach to edit distance attacks on certain clock-controlled generators, which applies basic concepts of Graph Theory to simplify the search trees of the original attacks in such a way that only the most promising branches are analyzed. In particular, the proposed improvement is based on cut sets defined on some graphs so that certain shortest paths provide the edit distances. The strongest aspects of the proposal are that the obtained results from the attack are absolutely deterministic, and that many inconsistent initial states of the target registers are recognized beforehand and avoided during search

Modelling Nonlinear Sequence Generators in terms of Linear Cellular Automata

In this work, a wide family of LFSR-based sequence generators, the so-called Clock-Controlled Shrinking Generators (CCSGs), has been analyzed and identified with a subset of linear Cellular Automata (CA). In fact, a pair of linear models describing the behavior of the CCSGs can be derived. The algorithm that converts a given CCSG into a CA-based linear model is very simple and can be applied to CCSGs in a range of practical interest. The linearity of these cellular models can be advantageously used in two different ways: (a) for the analysis and/or cryptanalysis of the CCSGs and (b) for the reconstruction of the output sequence obtained from this kind of generators.Comment: 15 pages, 0 figure

Platform for Testing and Evaluation of PUF and TRNG Implementations in FPGAs

Implementation of cryptographic primitives like Physical Unclonable Functions (PUFs) and True Random Number Generators (TRNGs) depends significantly on the underlying hardware. Common evaluation boards offered by FPGA vendors are not suitable for a fair benchmarking, since they have different vendor dependent configuration and contain noisy switching power supplies. The proposed hardware platform is primary aimed at testing and evaluation of cryptographic primitives across different FPGA and ASIC families. The modular platform consists of a motherboard and exchangeable daughter board modules. These are designed to be as simple as possible to allow cheap and independent evaluation of cryptographic blocks and namely PUFs. The motherboard is based on the Microsemi SmartFusion 2 SoC FPGA. It features a low-noise power supply, which simplifies evaluation of vulnerability to the side channel attacks. It provides also means of communication between the PC and the daughter module. Available software tools can be easily customized, for example to collect data from the random number generator located in the daughter module and to read it via USB interface. The daughter module can be plugged into the motherboard or connected using an HDMI cable to be placed inside a Faraday cage or a temperature control chamber. The whole platform was designed and optimized to fullfil the European HECTOR project (H2020) requirements

Design and validation of a platform for electromagnetic fault injection

Security is acknowledged as one of the main challenges in the design and deployment of embedded circuits. Devices need to operate on-the-field safely and correctly, even when at physical reach of potential adversaries. One of the most powerful techniques to compromise the correct functioning of a device are fault injection attacks. They enable an active adversary to trigger errors on a circuit in order to bypass security features or to gain knowledge of security-sensitive information. There are several methods to induce such errors. In this work we focus on the injection of faults through the electromagnetic (EM) channel. In particular, we document our efforts towards building a suitable platform for EM pulse injection. We design a pulse injection circuit that can provide currents over 20 A to an EM injector in order to generate abrupt variations of the EM field on the vicinity of a circuit. We validate the suitability of our platform by applying a well-know attack on an embedded 8-bit microcontroller implementing the AES block cipher. In particular, we show how to extract the AES secret cryptographic keys stored in the device by careful injection of faults during the encryption operations and simple analysis of the erroneous outputs.Peer ReviewedPostprint (published version

Graph-Based Approach to the Edit Distance Cryptanalysis of Irregularly Clocked Linear Feedback Shift Registers

This paper proposes a speed-up of a known-plaintext attack on some stream ciphers based on Linear Feedback Shift Registers (LFSRs). The algorithm consists of two basic steps: first, to guess the initial seed value of one of the LFSRs, and then to use the resulting binary sequence in order to deduce useful information about the cipher parameters. In particular, the proposed divide-and-conquer attack is based on a combination of graph-based techniques with edit distance concepts. While the original edit distance attack requires the exhaustive search over the set of all possible initial states of the involved LFSR, this work presents a new heuristic optimization that avoids the evaluation of an important number of initial states through the identification of the most promising branches of the search graph. The strongest aspects of the proposal are the facts that the obtained results from the attack are absolutely deterministic, and that many inconsistent initial states of the target LFSRs are recognized and avoided during search.This work was supported by the Spanish Ministry of Science and Innovation and European FEDER Fund under Project TIN2008-02236/TSI as well as by CDTI (Spain)and the companies INDRA, Unin Fenosa, Tecnobit, Visual Tool, Brainstorm, SAC and Technosafe under Project Cenit-HESPERIA.Peer reviewe