Hard Fault Analysis of Trivium
Fault analysis is a powerful attack on stream ciphers. Up to now, the main idea of fault analysis has been to simplify the cipher system by injecting some soft faults; we call this soft fault analysis. As a hardware-oriented stream cipher, Trivium is weak under soft fault analysis.
In this paper we consider another type of fault analysis of stream ciphers, which simplifies the cipher system by injecting some hard faults; we call this hard fault analysis. We present the following results about such an attack on Trivium. In Case 1, with probability not smaller than 0.2396, the attacker can obtain 69 bits of the 80-bit key. In Case 2, with probability not smaller than 0.2291, the attacker can obtain all 80 bits of the key. In Case 3, with probability not smaller than 0.2291, the attacker can partially solve for the key. In Case 4, with non-negligible probability, the attacker can obtain a simplified cipher, with a smaller number of state bits and a slower non-linearization procedure. In Case 5, with non-negligible probability, the attacker can obtain another simplified cipher. Besides, these 5 cases can be checked by observing the key stream.
Floating Fault Analysis of Trivium under Weaker Assumptions
Trivium is a hardware-oriented stream cipher, and one of the ciphers finally chosen by the eSTREAM project. Michal Hojsik and Bohuslav Rudolf presented an effective attack on Trivium, named floating fault analysis, at INDOCRYPT 2008. Their attack makes use of fault injection and fault float. In this paper, we present an improvement of this attack. Our attack works under the following weaker and more practical assumptions: the fault injection can be made into the state at a random time, and the positions of the fault bits are in a random one of the 3 NFSRs, within a random area of 8 neighboring bits. We present a checking method by which either the injection time and fault positions can be determined, or the state differential at a known time can be determined. Each of these two determinations is enough for the floating attack. After the determination, the attacker can obtain on average 67.167 additional linear equations from 82 original quadratic equations, and 66 additional quadratic equations from 66 original cubic equations.
Fault Attack on FPGA Implementations of Trivium Stream Cipher
This article presents the development of an experimental system to introduce faults in Trivium stream ciphers implemented on FPGA. The developed system has made it possible to analyze the vulnerability of these implementations against fault attacks. The system consists of a mechanism that injects small pulses into the clock signal, and elements that analyze whether a fault has been introduced, the number of faults introduced and their position in the inner state. The results obtained demonstrate the vulnerability of these implementations against fault attacks. As far as we know, this is the first time that experimental results of a fault attack on Trivium are presented.
Funding: Ministerio de Economía y Competitividad TEC2010-16870; Ministerio de Economía y Competitividad TEC2013-45523-R; Ministerio de Economía y Competitividad CSIC 201550E039
Fault Injection on FPGA implementations of Trivium Stream Cipher using Clock Attacks
Funding: Ministerio de Economía y Competitividad TEC2010-16870; Ministerio de Economía y Competitividad TEC2013-45523-R; Ministerio de Economía y Competitividad CSIC 201550E03
A Security Analysis of IoT Encryption: Side-channel Cube Attack on Simeck32/64
Simeck, a lightweight block cipher, has been proposed as one of the encryption algorithms that can be employed in Internet of Things (IoT) applications. This paper therefore presents a security analysis of the Simeck32/64 block cipher against the side-channel cube attack. We exhibit our attack against Simeck32/64 using the Hamming weight leakage assumption to extract linearly independent equations in key bits. We have been able to find 32 linearly independent equations in 32 key variables by only considering the second bit from the LSB of the Hamming weight leakage of the internal state on the fourth round of the cipher. This enables our attack to improve on previous attacks on Simeck32/64 within the side-channel attack model, with better time and data complexity of 2^35 and 2^11.29 respectively.
Comment: 12 pages, 6 figures, 4 tables, International Journal of Computer Networks & Communication
Floorplanning as a Practical Countermeasure against Clock Fault Attack in Trivium Stream Cipher
Fault injection during cipher operation is a very successful mechanism for attacking ciphers. The inclusion of elements of protection against this kind of attack is more and more necessary. These mechanisms are usually based on introducing redundancy, which leads to greater consumption of resources or longer processing time. This article presents how the introduction of placement restrictions on ciphers can make it difficult to inject faults by altering the clock signal. It is therefore a countermeasure that increases neither the consumption of resources nor the processing time. This mechanism has been tested on FPGA implementations of the Trivium cipher. Several tests have been performed on a Spartan 3E device from Xilinx, and the experimental measurements have been carried out with ChipScope Pro. The tests showed that adequate floorplanning is a good countermeasure against this kind of attack.
Funding: Ministerio de Economía y Competitividad TEC2013-45523-R; Ministerio de Economía y Competitividad TEC2016-80549-R; Ministerio de Economía y Competitividad CSIC 201550E03
Integrated Circuit Design and Security of Cryptographic Circuits against Attacks
Many electronic systems include devices that implement cryptographic algorithms to encrypt stored information. But even if the algorithms are very secure, these devices can reveal some information because of their physical implementation, through the use of so-called side-channel attacks. These attacks make use of information obtained during the operation of the circuit to obtain information about the key in use. Therefore, care must be taken with the physical implementation of cryptographic devices to minimize the possibility of information leakage through these types of attacks.
In our research we are working on analyzing the vulnerability of implementations of cryptographic circuits, mainly private-key ciphers, against passive and active side-channel attacks. These attacks obtain information about the stored key by measuring physical quantities such as power consumption or electromagnetic radiation during operation of the circuit, or by altering the operating conditions to introduce faults and comparing the outputs with and without faults.
In this paper we present a brief summary of the state of the art of side-channel attacks on hardware implementations of ciphers, some of the topics we are working on, and some results obtained by our research group.
Funding: Junta de Andalucía CRIPTO-BIO (Diseño Microelectrónico para Autenticación Cripto-Biométrica); Ministerio de Ciencia y Tecnología (Spain) P08-TIC3674, CITIES (Circuitos Integrados para transmisión de información especialmente segura); Ministerio de Economía y Competitividad (Spain) TEC2010-16870 and CESAR (Circuitos microelectrónicos seguros frente a ataques laterales) and TEC2013-45523-
Encryption AXI Transaction Core for Enhanced FPGA Security
The current hot topic in cyber-security is not constrained to software layers. As attacks on electronic circuits have become more usual and dangerous, hardening digital System-on-Chips has become crucial. This article presents a novel electronic core to encrypt and decrypt data between two digital modules through an Advanced eXtensible Interface (AXI) connection. The core is compatible with AXI and is based on a Trivium stream cipher. Its implementation has been tested on a Zynq platform. The core prevents unauthorized data extraction by encrypting data on the fly. In addition, it takes up a small area (242 LUTs) and, as the core's AXI to AXI path is fully combinational, it does not interfere with the system's overall performance, with a maximum AXI clock frequency of 175 MHz.
Funding: This work has been supported within the fund for research groups of the Basque university system IT1440-22 by the Department of Education and within the PILAR ZE-2020/00022 and COMMUTE ZE-2021/00931 projects by the Hazitek program, both of the Basque Government, the latter also by the Ministerio de Ciencia e Innovación of Spain through the Centro para el Desarrollo Tecnológico Industrial (CDTI) within the projects IDI-20201264 and IDI-20220543 and through the Fondo Europeo de Desarrollo Regional 2014-2020 (FEDER funds).