Fault Analysis of the KATAN Family of Block Ciphers

In this paper, we investigate the security of the KATAN family of block ciphers against differential fault attacks. KATAN consists of three variants with 32, 48 and 64-bit block sizes, called KATAN32,KATAN48 and KATAN64, respectively. All three variants have the same key length of 80 bits. We assume a single-bit fault injection model where the adversary is supposed to be able to corrupt a single random bit of the internal state of the cipher and this fault injection process can be repeated (by resetting the cipher); i.e., the faults are transient rather than permanent. First, we determine suitable rounds for effective fault injections by analyzing distributions of low-degree (mainly, linear and quadratic) polynomial equations obtainable using the cube and extended cube attack techniques. Then, we show how to identify the exact position of faulty bits within the internal state by precomputing difference characteristics for each bit position at a given round and comparing these characteristics with ciphertext differences (XOR of faulty and non-faulty ciphertexts) during the online phase of the attack. The complexity of our attack on KATAN32 is 2^59 computations and about 115 fault injections. For KATAN48 and KATAN64, the attack requires 2^55 computations (for both variants), while the required number of fault injections is 211 and 278, respectively

Algebraic Fault Analysis of Katan

This paper presents a new and more realistic model for fault attacks and statistical and algebraic techniques to improve fault analysis in general. Our algebraic techniques is an adapted solver for systems of equations based on ElimLin and XSL. We use these techniques to introduce two new fault attacks on the hardware oriented block cipher Katan32 from the Katan family of block ciphers. We are able to break full Katan using $4$ faults and $2^{29.04}$ Katan evaluations with a theoretical statistical fault attack and $7.19$ faults in $2^{27.2}$ Katan evaluations with a tested algebraic one. This is a great improvement over the existing fault attacks which need $115$ and $140$ faults respectively. Furthermore, our algebraic attack can be executed on a normal computer

A Security Analysis of IoT Encryption: Side-channel Cube Attack on Simeck32/64

Simeck, a lightweight block cipher has been proposed to be one of the encryption that can be employed in the Internet of Things (IoT) applications. Therefore, this paper presents the security of the Simeck32/64 block cipher against side-channel cube attack. We exhibit our attack against Simeck32/64 using the Hamming weight leakage assumption to extract linearly independent equations in key bits. We have been able to find 32 linearly independent equations in 32 key variables by only considering the second bit from the LSB of the Hamming weight leakage of the internal state on the fourth round of the cipher. This enables our attack to improve previous attacks on Simeck32/64 within side-channel attack model with better time and data complexity of 2^35 and 2^11.29 respectively.Comment: 12 pages, 6 figures, 4 tables, International Journal of Computer Networks & Communication

Fault Analysis of the KTANTAN Family of Block Ciphers: A Revisited Work of Fault Analysis of the KATAN Family of Block Ciphers

This paper investigates the security of the KTANTAN block cipher against differential fault analysis. This attack is considered to be first side channel analysis of KTANTAN in the literature. KTANTAN is a relative to the KATAN block cipher. Therefore, the previous fault analysis on KATAN family of block cipher is revisited. Similar to KATAN, KTANTAN has three variants namely KTANTAN32, KTANTAN48 and KTANTAN64. The inner structure of KTANTAN is similar to KATAN except the key schedule algorithms. KATAN has been practically broken by using fault analysis, employing a transient single-bit fault model, with the assumption is that the attacker is able to inject faults randomly into the internal state of the cipher. The attack is empowerd by extended cube method similarly as applied on KATAN. The complexity of this attack is $2^{74}$ for KTANTAN32 and $2^{76}$ for both KTANTAN48 and KTANTAN64. Furthermore, based on the obtained results, this paper concludes that KTANTAN is more robust against fault analysis compared to KATAN

Security Analysis Techniques Using Differential Relationships For Block Ciphers

The uses of block cipher has become crucial in nowadays’ computing era as well as the information security. Information must be available only for authenticated and authorized users.However,flaws and weaknesses in the cryptosystem can breach the security of stored and transmitted information.A weak key in the key schedule is well-known issues which may affect several round keys have same bits in common.Besides,information leaked from the implementation also affects the security of block ciphers.Based on the flaws and leakage,the adversary is able to assess the differential relationships in block cipher using differential cryptanalysis technique. Firstly,the existing differential cryptanalysis techniques have been evaluated.Secondly,based on the gaps that have to be filled in the existing differential cryptanalysis techniques,new frameworks of differential cryptanalysis techniques have been proposed and designed by using Pearson correlation coefficient,Hamming-weight leakage assumption and reference point.The Pearson correlation coefficient is used to determine the repeated differential properties in the key schedules.Meanwhile, reference point and Hamming-weight leakage assumption are used to assess the security of the implementation of block ciphers against side-channel cube attack and differential fault analysis.Thirdly,all proposed frameworks have been assessed.The results show that the repeated differential properties are found for AES, PRESENT and Simeck key schedules.However,AES key schedule is definitely ideal to be adopted in the design for the future cryptographic algorithm.In addition,the newly designed frameworks for side-channel differential analysis techniques have been able to reduce the attack complexities for Simeck32/64,KATAN32 and KTANTAN32 compared to previous work.In conclusion,the proposed frameworks are effective in analyzing the security of block ciphers using differential cryptanalysis techniques

Security in 1-wire system : case study : Home automation /

La automatización de viviendas es un campo de la tecnología que siempre se encuentra en crecimiento, desarrollando sistemas que reducen los costos de los dispositivos. Por esto, se ha logrado que la domótica esté al alcance de todos. Desde la aparición de productos que permiten crear tu propio sistema domótico, y la reciente popularidad que ha tenido el Internet de las cosas (IoT), la industria de la automatización de viviendas ha cambiado mucho. Tener la habilidad de controlar dispositivos a través de Internet crea numerosas vulnerabilidades al sistema, permitiendo a un atacante controlar y ver todo lo que ocurre. En este trabajo se estudia un sistema domótico que usa 1-wire como protocolo de comunicación. Originalmente, el sistema carece de seguridad. Nuestro objetivo es implementar seguridad de la información a través de la encriptación de los comandos del sistema, para así poder proveer Confidencialidad, Integridad y Disponibilidad (CIA). Los resultados muestran no sólo la implementación exitosa del módulo criptográfico dentro del sistema domótico para proveer seguridad, sino que también se demuestra que añadir este proceso no afectaría el modo en que el usuario maneja sus dispositivos.Incluye referencias bibliográfica

Enhanced Hardware Security Using Charge-Based Emerging Device Technology

The emergence of hardware Trojans has largely reshaped the traditional view that the hardware layer can be blindly trusted. Hardware Trojans, which are often in the form of maliciously inserted circuitry, may impact the original design by data leakage or circuit malfunction. Hardware counterfeiting and IP piracy are another two serious issues costing the US economy more than $200 billion annually. A large amount of research and experimentation has been carried out on the design of these primitives based on the currently prevailing CMOS technology. However, the security provided by these primitives comes at the cost of large overheads mostly in terms of area and power consumption. The development of emerging technologies provides hardware security researchers with opportunities to utilize some of the otherwise unusable properties of emerging technologies in security applications. In this dissertation, we will include the security consideration in the overall performance measurements to fully compare the emerging devices with CMOS technology. The first approach is to leverage two emerging devices (Silicon NanoWire and Graphene SymFET) for hardware security applications. Experimental results indicate that emerging device based solutions can provide high level circuit protection with relatively lower performance overhead compared to conventional CMOS counterpart. The second topic is to construct an energy-efficient DPA-resilient block cipher with ultra low-power Tunnel FET. Current-mode logic is adopted as a circuit-level solution to countermeasure differential power analysis attack, which is mostly used in the cryptographic system. The third investigation targets on potential security vulnerability of foundry insider\u27s attack. Split manufacturing is adopted for the protection on radio-frequency (RF) circuit design

Survey on Lightweight Primitives and Protocols for RFID in Wireless Sensor Networks

The use of radio frequency identification (RFID) technologies is becoming widespread in all kind of wireless network-based applications. As expected, applications based on sensor networks, ad-hoc or mobile ad hoc networks (MANETs) can be highly benefited from the adoption of RFID solutions. There is a strong need to employ lightweight cryptographic primitives for many security applications because of the tight cost and constrained resource requirement of sensor based networks. This paper mainly focuses on the security analysis of lightweight protocols and algorithms proposed for the security of RFID systems. A large number of research solutions have been proposed to implement lightweight cryptographic primitives and protocols in sensor and RFID integration based resource constraint networks. In this work, an overview of the currently discussed lightweight primitives and their attributes has been done. These primitives and protocols have been compared based on gate equivalents (GEs), power, technology, strengths, weaknesses and attacks. Further, an integration of primitives and protocols is compared with the possibilities of their applications in practical scenarios