通信学报 ›› 2020, Vol. 41 ›› Issue (4): 143-149.doi: 10.11959/j.issn.1000-436x.2020077

• 学术论文 • 上一篇    下一篇

FeW的差分故障攻击

谢敏,李嘉琪,田峰   

  1. 西安电子科技大学综合业务网理论及关键技术国家重点实验室,陕西 西安 710071
  • 修回日期:2020-03-23 出版日期:2020-04-25 发布日期:2020-04-30
  • 作者简介:谢敏(1976- ),女,湖南桃源人,博士,西安电子科技大学副教授,主要研究方向为编码与密码|李嘉琪(1993- ),男,陕西榆林人,西安电子科技大学硕士生,主要研究方向为分组密码算法的分析|田峰(1995- ),男,河南安阳人,西安电子科技大学硕士生,主要研究方向为分组密码算法的分析
  • 基金资助:
    国家重点研发计划基金资助项目(2018YFE0126000);国家自然科学基金资助项目(U1636209);陕西省重点研发计划基金资助项目(2019ZDLGY13-07);陕西省重点研发计划基金资助项目(2019ZDLGY13-04)

Differential fault attack on FeW

Min XIE,Jiaqi LI,Feng TIAN   

  1. State Key Laboratory of Integrated Services Networks,Xidian University,Xi’an 710071,China
  • Revised:2020-03-23 Online:2020-04-25 Published:2020-04-30
  • Supported by:
    The National Key Research and Development Program of China(2018YFE0126000);The National Natural Science Foundation of China(U1636209);The Key Research and Development Program of Shaanxi Province(2019ZDLGY13-07);The Key Research and Development Program of Shaanxi Province(2019ZDLGY13-04)

摘要:

为了评估轻量级分组密码算法FeW的安全性,提出并讨论了一种针对FeW算法的差分故障攻击方法。该方法采用单字节随机故障模型,选择在 FeW 算法的最后一轮右侧引入单字节随机故障,利用线性扩散函数的特点获取差分信息,并基于S盒差分分布统计规律实现密钥恢复。实验结果表明,平均47.73次和79.55次故障注入可以分别完全恢复FeW-64-80和FeW-64-128的主密钥,若在恢复密钥过程中加入2<sup>10</sup>的穷举计算,所需平均故障注入次数分别降至24.90和41.50。该方法可以有效地攻击FeW算法。

关键词: FeW算法, 轻量级分组密码, 差分故障攻击, 单字节故障模型

Abstract:

In order to evaluate the security of the lightweight block cipher FeW,a differential fault attack method was proposed and discussed using a single byte random fault model.In this method,a single byte random fault was introduced on the right side of the last round of FeW to recover the key based on the statistical characteristics of S-box difference distribution,and the difference information was obtained using the characteristics of the linear diffusion function.The experiment results show that the complete key recovery can be achieved with an average of 47.73 and 79.55 fault injections for FeW-64-80 and FeW-64-128 respectively.If 2<sup>10</sup>exhaustive calculations are added to the key recovery process,the number of average fault injections required can be reduced to 24.90 and 41.50.This attack is effective on FeW.

Key words: FeW algorithm, lightweight block cipher, differential fault attack, single byte fault model

中图分类号: 

No Suggested Reading articles found!