A Security Analysis of IoT Encryption: Side-channel Cube Attack on Simeck32/64

Simeck, a lightweight block cipher has been proposed to be one of the encryption that can be employed in the Internet of Things (IoT) applications. Therefore, this paper presents the security of the Simeck32/64 block cipher against side-channel cube attack. We exhibit our attack against Simeck32/64 using the Hamming weight leakage assumption to extract linearly independent equations in key bits. We have been able to find 32 linearly independent equations in 32 key variables by only considering the second bit from the LSB of the Hamming weight leakage of the internal state on the fourth round of the cipher. This enables our attack to improve previous attacks on Simeck32/64 within side-channel attack model with better time and data complexity of 2^35 and 2^11.29 respectively.Comment: 12 pages, 6 figures, 4 tables, International Journal of Computer Networks & Communication

Algebraic Fault Analysis of Katan

This paper presents a new and more realistic model for fault attacks and statistical and algebraic techniques to improve fault analysis in general. Our algebraic techniques is an adapted solver for systems of equations based on ElimLin and XSL. We use these techniques to introduce two new fault attacks on the hardware oriented block cipher Katan32 from the Katan family of block ciphers. We are able to break full Katan using $4$ faults and $2^{29.04}$ Katan evaluations with a theoretical statistical fault attack and $7.19$ faults in $2^{27.2}$ Katan evaluations with a tested algebraic one. This is a great improvement over the existing fault attacks which need $115$ and $140$ faults respectively. Furthermore, our algebraic attack can be executed on a normal computer

Survey on Lightweight Primitives and Protocols for RFID in Wireless Sensor Networks

The use of radio frequency identification (RFID) technologies is becoming widespread in all kind of wireless network-based applications. As expected, applications based on sensor networks, ad-hoc or mobile ad hoc networks (MANETs) can be highly benefited from the adoption of RFID solutions. There is a strong need to employ lightweight cryptographic primitives for many security applications because of the tight cost and constrained resource requirement of sensor based networks. This paper mainly focuses on the security analysis of lightweight protocols and algorithms proposed for the security of RFID systems. A large number of research solutions have been proposed to implement lightweight cryptographic primitives and protocols in sensor and RFID integration based resource constraint networks. In this work, an overview of the currently discussed lightweight primitives and their attributes has been done. These primitives and protocols have been compared based on gate equivalents (GEs), power, technology, strengths, weaknesses and attacks. Further, an integration of primitives and protocols is compared with the possibilities of their applications in practical scenarios

Fault Analysis of the KTANTAN Family of Block Ciphers: A Revisited Work of Fault Analysis of the KATAN Family of Block Ciphers

This paper investigates the security of the KTANTAN block cipher against differential fault analysis. This attack is considered to be first side channel analysis of KTANTAN in the literature. KTANTAN is a relative to the KATAN block cipher. Therefore, the previous fault analysis on KATAN family of block cipher is revisited. Similar to KATAN, KTANTAN has three variants namely KTANTAN32, KTANTAN48 and KTANTAN64. The inner structure of KTANTAN is similar to KATAN except the key schedule algorithms. KATAN has been practically broken by using fault analysis, employing a transient single-bit fault model, with the assumption is that the attacker is able to inject faults randomly into the internal state of the cipher. The attack is empowerd by extended cube method similarly as applied on KATAN. The complexity of this attack is $2^{74}$ for KTANTAN32 and $2^{76}$ for both KTANTAN48 and KTANTAN64. Furthermore, based on the obtained results, this paper concludes that KTANTAN is more robust against fault analysis compared to KATAN

Automated Dynamic Cube Attack on Block Ciphers: Cryptanalysis of SIMON and KATAN

A few work has ever been performed in cryptanalysis of block ciphers using cube attacks. This paper presents a new framework for an efficient key recovery attack on block ciphers based on cube technique. In this method, a cube tester is positioned at the middle of the cipher which is extended in two directions over the maximum possible upper and lower rounds, given that some subkey bits are guessed. It is shown that an automated algorithm for this dynamic cube attack on block ciphers can be realized. Furthermore, we show its effectiveness on two lightweight block ciphers KATAN and SIMON. Our results shows that this method can break 117 and 152 out of 254 rounds of KATAN-32 in non-full-codebook and full-codebook attack scenarios, respectively. In the case of SIMON32/64, we succeed to cryptanalyse 16 and 18 out of 32 rounds, by the same scenarios. Both results show that although this method does not outperform all the existing attacks on these two ciphers, it can absolutely compete with the well-established and mature methods of cryptanalysis of block ciphers, such as linear, differential and meet in the middle attack families

Enhanced Hardware Security Using Charge-Based Emerging Device Technology

The emergence of hardware Trojans has largely reshaped the traditional view that the hardware layer can be blindly trusted. Hardware Trojans, which are often in the form of maliciously inserted circuitry, may impact the original design by data leakage or circuit malfunction. Hardware counterfeiting and IP piracy are another two serious issues costing the US economy more than $200 billion annually. A large amount of research and experimentation has been carried out on the design of these primitives based on the currently prevailing CMOS technology. However, the security provided by these primitives comes at the cost of large overheads mostly in terms of area and power consumption. The development of emerging technologies provides hardware security researchers with opportunities to utilize some of the otherwise unusable properties of emerging technologies in security applications. In this dissertation, we will include the security consideration in the overall performance measurements to fully compare the emerging devices with CMOS technology. The first approach is to leverage two emerging devices (Silicon NanoWire and Graphene SymFET) for hardware security applications. Experimental results indicate that emerging device based solutions can provide high level circuit protection with relatively lower performance overhead compared to conventional CMOS counterpart. The second topic is to construct an energy-efficient DPA-resilient block cipher with ultra low-power Tunnel FET. Current-mode logic is adopted as a circuit-level solution to countermeasure differential power analysis attack, which is mostly used in the cryptographic system. The third investigation targets on potential security vulnerability of foundry insider\u27s attack. Split manufacturing is adopted for the protection on radio-frequency (RF) circuit design

Improved Side Channel Cube Attacks on PRESENT

The paper presents several improved side channel cube attacks on PRESENT based on single bit leakage model. Compared with the previous study of Yang et al in CANS 2009 [30], based on the same model of single bit leakage in the 3rd round, we show that: if the PRESENT cipher structure is unknown, for the leakage bit 0, 32-bit key can be recovered within $2^{7.17}$ chosen plaintexts; if the cipher structure is known, for the leakage bit 4,8,12, 48-bit key can be extracted by $2^{11.92}$ chosen plaintexts, which is less than $2^{15}$ in [30]; then, we extend the single bit leakage model to the 4th round, based on the two level “divide and conquer” analysis strategy, we propose a sliding window side channel cube attack on PRESENT, for the leakage bit 0, about $2^{15.14}$ chosen plaintexts can obtain 60-bit key; in order to obtain more key bits, we propose an iterated side channel cube attack on PRESENT, about $2^{8.15}$ chosen plaintexts can obtain extra 12 equivalent key bits, so overall $2^{15.154}$ chosen plaintexts can reduce the PRESENT-80 key searching space to $2^{8}$; finally, we extend the attack to PRESENT-128, about $2^{15.156}$ chosen plaintexts can extract 85 bits key, and reduce the PRESENT-128 key searching space to $2^{43}$. Compared with the previous study of Abdul-Latip et al in ASIACCS 2011 [31] based on the Hamming weight leakage model, which can extract 64-bit key of PRESENT-80/128 by $2^{13}$ chosen plaintexts, our attacks can extract more key bits, and have certain advantages over [31]