12 research outputs found

    A Semi-Permanent Stuck-At Fault Analysis on AES Rijndael SBox

    Fault attacks have gained particular attention in recent years as they present a severe threat to security in rapidly rising Internet-of-Things (IoT) devices. IoT devices are generally security-critical and resource-constrained. Therefore, any security protocol deployed in these devices has to satisfy several constraints such as small area footprint, low power, and memory consumption. Combinational circuit implementation of S-box is preferable over look-up table (LUT) in terms of memory consumption as the memory operations are usually the costliest part of lightweight cipher implementations. In this work, we analyze the S-box of AES against a novel fault analysis technique, Semi-Permanent Stuck-At (SPSA) fault analysis. We pinpoint hotspots in an optimized implementation of AES S-box that weaken the cryptographic properties of the S-box, leading to key recovery attacks. Our work investigates new vulnerabilities towards fault analysis in combinational circuit implementation

    Combined Side-Channel and Fault Analysis Attack on Protected Grain Family of Stream Ciphers

    In this paper, we first demonstrate a new Differential Power Analysis (DPA) attack technique against the Grain family of stream ciphers (Grain v1 and Grain-128) by resynchronizing the cipher multiple times with the same value of the secret key and randomly generated different initialization vectors (IVs). Subsequently, we develop a combined side channel and fault analysis attack strategy targeting various fault attack countermeasures for the Grain cipher family. We considered clock glitch induced faults occurring in practice for a hardware implementation of the cipher to devise our novel attack technique. Our proposed combined attack strategy works well even if the useful ciphertexts are not available to the adversary. Further, the power trace classifications of a Grain cipher implementation on SASEBO G-II standard side channel evaluation board is shown in order to validate our proposed attack against the cipher. The captured power traces were analyzed using Least Squares Support Vector Machine (LS-SVM) learning algorithm based multiclass classifiers to classify the power traces into the respective Hamming distance (HD) classes. To extract power samples with high information about HD classes, Signal-to-noise ratio (SNR) metric was chosen for feature selection. The experimental results of power trace classifications of test set showed a high success rate of 98% when the five largest SNR sample instants over a clock cycle were chosen as features. Our proposed attack strategy can also be extended to other stream cipher designs based on Fibonacci configured shift registers

    Security Analysis of Anti-SAT

    Logic encryption protects integrated circuits (ICs) against intellectual property (IP) piracy and overbuilding attacks by encrypting the IC with a key. A Boolean satisfiability (SAT) based attack breaks all existing logic encryption techniques within a few hours. Recently, a defense mechanism known as Anti-SAT was presented that protects against SAT attack, by rendering the SAT-attack effort exponential in terms of the number of key gates. In this paper, we highlight the vulnerabilities of Anti-SAT and propose signal probability skew (SPS) attack against Anti-SAT block. SPS attack leverages the structural traces in Anti-SAT block to identify and isolate Anti-SAT block. The attack is 100% successful on all variants of Anti-SAT block. SPS attack is scalable to large circuits, as it breaks circuits with up to 22K gates within two minutes

    Redefining the Transparency Order

    Agence nationale de la sécurité des systèmes d'information (ANSSI). Abstract. In this paper, we revisit the definition of Transparency Order (TO) from the work of Prouff (FSE 2005) that was proposed to measure the resistance of an s-box against Differential Power Analysis. We find that the definition has certain limitations. Although this work has been quite well referred in the literature, surprisingly, these limitations remained unexplored for almost a decade. We analyze the definition from scratch, modify it and finally provide a revised definition. Our simulation results confirm that the transparency order is indeed related to the resistance of the s-box against side-channel attacks. Thus (revised) TO is one of the valuable criteria to consider when designing a cryptographic algorithm

    A Subset Fault Analysis of ASCON

    No full text
    ASCON is an authenticated encryption, selected as the first choice for a lightweight use case in the CAESAR competition in February 2019. In this work, we investigate vulnerabilities of ASCON against fault analysis. We observe that the use of 128-bit random nonce makes it resistant against many cryptanalysis techniques like differential, linear, etc. and their variants. However, XORing the key just before releasing the tag T (a public value) creates a trivial attack path. Also, the S-Box demonstrates a non-random behavior towards subset cryptanalysis. We observe that if the 3rd bit of the S-box input is set to zero, then XOR of the last two output bits is zero, with a probability of 0.625, i.e., this characteristic is present in 10 out of 16 cases. Our subset fault analysis (SSFA) attack uses this property to retrieve the 128-bit secret key. The SSFA attack can uniquely retrieve the key of full-round ASCON with the complexity of $2^{64}$

    Constrained Search for a Class of Good S-Boxes with Improved DPA Resistivity

    Abstract. In FSE 2005, transparency order was proposed as a parameter for the robustness of S-boxes to Differential Power Analysis (DPA): lower transparency order implying more resistance. However most cryptographically strong Boolean functions have been found to have high transparency order. Also it is a difficult problem to search for Boolean functions which are strong cryptographically, and yet have low transparency order, the total search space for (n, n)-bit Boolean functions being as large as $n2^{2^n}$. In this paper we characterize transparency order for various classes of Boolean functions by computing the upper and lower bounds of transparency order for both even and odd numbers of variables. The transparency order is defined in terms of diffusion properties of the structures of Boolean functions namely the number of bit flips in the output of the functions corresponding to the number of bit flips at the input of the function. The calculated bounds depend on the number of vectors flipping the input of S-box for which bias of probability of S-box output bit deviates from the value of 0.5. The transparency order is found to be high in the class of those Boolean functions which have larger cardinality of input differences for which the probability of output bit flip is 0.5. Also we find that instead of propagation characteristics, autocorrelation spectra of the S-box function F is a more qualifying candidate in deciding the characteristics of transparency order. The relations developed to characterize transparency order aid in our constrained random generation and search of a class of balanced 8 × 8 S-boxes with transparency order upper bounded by 7.8, nonlinearity in range (104, 110) and absolute indicator values of GAC in range (48, 88)

    A Combined Power and Fault Analysis Attack on Protected Grain Family of Stream Ciphers

    No full text

    A Comparative Security Analysis of Current and Emerging Technologies

    No full text