PRESENT代数故障攻击的改进与评估

doi:10.11959/j.issn.1000-436x.2016165

Abstract

Abstract:

An enhanced algebraic fault analysis on PRESENT was proposed.Algebraic cryptanalysis was introduced to build the algebraic equations for both the target cipher and faults.The equation set of PRESENT was built reversely in order to accelerate the solving speed.An algorithm of estimating the reduced key entropy for given amount of fault injec-tions was proposed,which can evaluate the resistance of PRESENT against fault attacks under different fault models.Fi-nally,extensive glitch-based fault attacks were conducted on an 8-bit smart card PRESENT implemented on a smart card.The best results show that only one fault injection was required for the key recovery,this is the best result of fault attacks on PRESENT in terms of the data complexity.

Key words: algebraic cryptanalysis, lightweight block cipher, fault attack,satisfiability solving, clock glitch

Jing HUANG,Xin-jie ZHAO,Fan ZHANG,Shi-ze GUO,Ping ZHOU,Hao CHEN,Jian YANG. Improvement and evaluation for algebraic fault attacks on PRESENT[J]. Journal on Communications, 2016, 37(8): 144-156.

Figures/Tables 17

References 27

[1]	BOGDANOV A , KNUDSEN L R , LEANDER G , et al. PRESENT:an ul-tra-lightweight block cipher[C]// CHES 2007. c2007:450-466.
[2]	BOGDANOV A , LEANDER G , PAARC , et al. Hash functions and RFID tags:mind the gap[C]// CHES 2008. Washington,DC,USA c2008:283-299.
[3]	WANG M . cryptanalysis of reduced-round PRESENT[C]// AFRICACRYPT 2008. Casablanca,Morocco c2008:283-299.
[4]	BLONDEAU C , NYBERG K . New links between differential and linear cryptanalysis[C]// EUROCRYPT 2013. Athens,Greece c2013:388-404.
[5]	BLONDEAU C , NYBERG K . Links between truncated differential and multidimensional linear properties of block ciphers and underlying attack complexities[C]// EUROCRYPT 2014. Athens,Greece c2014:165-182.
[6]	NAKAHARA J , SEPEHRDAD P , ZHANG B , et al. Linear (hull) and algebraic cryptanalysis of the block cipher PRESENT[C]// CANS 2009. Ishikawa,Japan c2009:58-75.
[7]	CHO J Y . Linear cryptanalysis of reduced-round PRESENT[C]// CT-RSA 2010. San Francisco,CA,USA c2010:302-317.
[8]	ALBRECHT M , CID C . Algebraic techniques in differential crypt-analysis[C]// FSE 2009. Leuven,Belgium c2009:193-208.
[9]	BLONDEAU C , PEYRIN T , WANG L . Known-key distinguisher on full PRESENT[EB/OL]. , 2015.
[10]	ZHANG J , GU D W , GUO Z . Differential power cryptanalysis attacks against PRESENT implementation[C]// ICACTE 2010. Chengdu,China c2010:661-665.
[11]	李浪，李仁发，李肯立 , 等. 轻量级 PRESENT 加密算法功耗攻击研究[J]. 计算机应用研究， 2014，31(3):843-845. LI L , LI R F , LI K L , et al. Differential power analysis attacks on PRE-SENT[J]. Application Research of Computers, 2014,31(3):843-845.
[12]	RENAULD M , STANDAERT F X . Algebraic side-channel at-tacks[C]// In-scrypt 2009. Beijing,China c2010:393-410.
[13]	ZHAO X J , GUO S Z , ZHANG F , et al. Efficient Hamming weight-based side-channel cube attacks on PRESENT[J]. The Journal of Systems and Software, 2013,86: 728-743.
[14]	LI J , GU D W . Differential fault analysis on PRESENT[C]// CHNA-CRYPT 2009. Guang Zhou,China c2009:3-13.
[15]	WANG G , WANG S . Differential fault analysis on present key sched-ule[C]// CIS 2010. Nanning,China c2010:362-366.
[16]	ZHAO X J , GUO S Z , ZHANG F , et al. Fault-propagate pattern based DFA on PRESENT and PRINT cipher[J]. Wuhan University Journal of Natural Sciences, 2012,17(6): 485-493.
[17]	GU D W , LI J R , LI S . Differential fault analysis on light-weight block ciphers with statistical cryptanalysis techniques[C]// FDTC 2012. Leuven,Belgium c2012:27-33.
[18]	吴克辉，赵新杰，王韬 , 等. PRESENT密码代数故障攻击[J]. 计算机应用研究， 2012，33(8):85-92. WU K H , ZHAO X J , WANG T . Algebraic fault attack on PRE-SENT[J]. Journal on Communications, 2012,33(8):85-92.
[19]	JEONG K , LEE Y , SUNG J , et al. Improved differential fault analysis on PRESENT-80/128[J]. International Journal of Computer Mathe-matics, 2013,90(12): 2553-2563.
[20]	KLOSE D . PRESENT implementation[EB/OL]. , 2011.
[21]	郭世泽，王韬，赵新杰 . 密码旁路分析原理与方法[M]. 北京: 科学出版社, 2014. GUO S Z , WANG T , ZHAO X J , et al. Principles and methodologies of side-channel analysis in cryptography[M]. Beijing,China: Science Press, 2014.
[22]	ZHAO X J , GUO S Z , ZHANG F , et al. Improving and evaluating differen-tial fault analysis on LED with algebraic techniques[C]// FDTC 2013. Santa Barbara,CA,USA c2013:41-51.
[23]	KUMAR R , JOVANOVIC P , BURLESON W P , et al. Parametric trojans for fault-injection attacks on cryptographic hardware[C]// FDTC 2014. Busan,Korea c2014:18-28.
[24]	DEHBAOUI A , MIRBAHA A P , MORO N , et al. Electromagnetic glitch on the aes round counter[C]// COSADE 2013. Paris,France c2013:17-31.
[25]	LI Y , HAYASHI Y , MATSUBARA A , et al. Yet another fault-based leakage in non-uniform faulty ciphertexts[C]// FPS 2013. La Rochelle,France c2013:272-287.
[26]	LI Y , SAKIYAMA K , GOMISAWA S , et al. Fault sensitivity analy-sis[C]// CHES 2010. Santa Barbara,California,USA c2010:320-334.
[27]	MORADI A , MISCHKE O , PAAR C , et al. On the power of fault sensitivity analysis and collision side-channel attacks in a combined setting[C]// CHES 2011. Nara,Japan c2011:292-311.

Metrics

Recommended 0

No Suggested Reading articles found!

轮次	w=1	w=4	w=8	w=16	w=32
29	13.77	9.42	12.34	8.24	9.64
28	41.95	28.51	34.23	32.48	29.57

攻击	算法	方法	故障模型	是否选定故障样本	样本量	密钥搜索空间
文献[14]	PRESENT-80	DFA	r=29,w=4	否	40~50	2¹⁶
文献[16]	PRESENT-80	DFA	r=29,w=4	否	8	2^14.7
文献[16]	PRESENT-128	DFA	r=29,w=4	否	16	2^22.1
文献[17]	PRESENT-80	SFA	=23~31,w=4	否	10 000	1
文献[18]	PRESENT-80	AFA	r=29,w=4	是	2	2¹⁶
文献[21]	PRESENT-80	DFA	r=28,w=16	未知	2	1.7
文献[21]	PRESENT-128	DFA	r=28,w=16	未知	3	2^22.3
本文	PRESENT-80	AFA	r=29,w=4	否	8	2^8.13
本文	PRESENT-80	AFA	r=29,w=4	是	2	1
本文	PRESENT-80	AFA	r=28,w=4	否	3	2^4.05
本文	PRESENT-80	AFA	r=28,w=8	否	2	2^8.07
本文	PRESENT-80	AFA	r=28,w=16	否	2	2^12.60
本文	PRESENT-128	AFA	r=28,w=16	否	3	2^44.91

Improvement and evaluation for algebraic fault attacks on PRESENT

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 17

References 27

Related Articles 10

Metrics

Recommended 0

[1]	Zilong JIANG, Chenhui JIN. Impossible differential cryptanalysis of Saturnin algorithm [J]. Journal on Communications, 2022, 43(3): 53-62.
[2]	Zhaocun ZHOU, Dengguo FENG. Survey on approaches of stream cipher cryptanalysis [J]. Journal on Communications, 2022, 43(11): 183-198.
[3]	Min XIE,Jiaqi LI,Feng TIAN. Differential fault attack on FeW [J]. Journal on Communications, 2020, 41(4): 143-149.
[4]	Xiaonian WU,Yingxin LI,Yongzhuang WEI,Yaping SUN. Impossible differential distinguisher analysis of GRANULE and MANTRA algorithm [J]. Journal on Communications, 2020, 41(1): 94-101.
[5]	Min XIE,Feng TIAN,Jiaqi LI. Related-key impossible boomerang cryptanalysis on TWINE [J]. Journal on Communications, 2019, 40(9): 184-192.
[6]	Yang GAO,Yong-juan WANG,Lei WANG,Tao WANG. Improvement Differential fault attack on TWINE [J]. Journal on Communications, 2017, 38(Z2): 178-184.
[7]	Min XIE,Yan-li MU. Related-key impossible boomerang cryptanalysis on LBlock [J]. Journal on Communications, 2017, 38(5): 66-71.
[8]	Jie CUI,Hai-feng ZUO,Hong ZHONG. Biclique cryptanalysis on lightweight block ciphers I-PRESENT-80 and I-PRESENT-128 [J]. Journal on Communications, 2017, 38(11): 13-23.
[9]	. Related-key impossible differential attack on a lightweight block cipher MIBS [J]. Journal on Communications, 2014, 35(2): 23-193.
[10]	Ping CHEN,Fu-cheng LIAO,Hong-ru WEI. Related-key impossible differential attack on a lightweight block cipher MIBS [J]. Journal on Communications, 2014, 35(2): 190-193.