ARIA密码的积分故障分析

doi:10.11959/j.issn.1000-436x.2019033

Abstract

Abstract:

ARIA is a Korean standard block cipher,which is flexible to provide security for software and hardware implementation.Since its introduction,some research of fault analysis is devoted to attacking the last two rounds of ARIA.It is an open problem to know whether provoking faults at some former rounds of ARIA allowed recovering the secret key.An answer was given to solve this problem by showing a novel integral differential fault analysis on two rounds earlier of ARIA.The mathematical analysis and simulating experiments show that the attack can successfully recover its secret key by fault injections.The results in this study describe that the integral fault analysis is a strong threaten to the security of ARIA.The results are beneficial to the analysis of the same type of other block ciphers.

Key words: crypt analysis, block cipher, ARIA cipher, integral fault analysis

CLC Number:

TP309.7

Yu SHEN,Wei LI,Dawu GU,Yixin WU,Shan CAO,Ya LIU,Zhiqiang LIU,Zhihong ZHOU. Integral fault analysis of the ARIA cipher[J]. Journal on Communications, 2019, 40(2): 164-173.

Figures/Tables 10

References 25

[1]	ALIOTO M , SHAHGHASEMI M . The Internet of things on its edge:trends toward its tipping point[J]. IEEE Consumer Electronics Magazines, 2018,7(1): 77-87.
[2]	BAKER T , UGLJANIN E , FACI N ,et al. Everything as a resource:foundations and illustration through Internet-of-things[J]. Computers in Industry, 2018,94(1): 62-74.
[3]	KWON D , KIM J , PARK S ,et al. New block cipher:ARIA[C]// International Conference of Information Security and Cryptology. 2003: 432-445.
[4]	BIRYUKOV A , CANNIERE D C , LANO J ,et al. Security and performance analysis of ARIA[J]. Internal Report,KU Leuven ESAT/SCD-COSIC, 2004: 1-55.
[5]	LI P , SUN B , LI C . Integral cryptanalysis of ARIA[C]// International Conference of Information Security and Cryptology. 2009: 1-14.
[6]	LIU Z , GU D , LIU Y ,et al. Linear cryptanalysis of ARIA block cipher[C]// International Conference of Information and Communications Security, 2011: 242-254.
[7]	LI Y , WU W , ZHANG L . Integral attacks on reduced-round ARIA block cipher[C]// International Conference of Information Security,Practice and Experience. 2010: 19-29.
[8]	WU W , ZHANG W , FENG D . Impossible differential cryptanalysis of reduced–round ARIA and Camellia[J]. Journal of Computer Science and Technology, 2007,22(3): 449-456.
[9]	HESS E , JANSSEN N , MEYER B ,et al. Information leakage attacks against smart card implementations of cryptographic algorithms and countermeasures–a survey[C]// International Conference on Research in Smart Cards. 2000: 55-64.
[10]	JOYE M , QUISQUATER J J , YEN S M ,et al. Observability analysis-detecting when improved cryptosystems fail[C]// The Cryptographer's Track at the RSA Conference on Topics in Cryptology. 2002: 17-29.
[11]	KELSEY J , SCHNEIER B , WAGNER D ,et al. Side channel cryptanalysis of product ciphers[C]// European Symposium on Research in Computer Security. 1998: 97-110.
[12]	LIN I C , CHANG C C . Security enhancement for digital signature schemes with fault tolerance in RSA[J]. Information Sciences, 2007,177(19): 4031-4039.
[13]	BIHAM E , SHAMIR A . Differential fault analysis of secret key cryptosystems[C]// Annual International Cryptology Conference. 1997: 513-525.
[14]	BONEH D , DEMILLO R A , LIPTON R J . On the importance of checking cryptographic protocols for faults[C]// International Conference on Theory and Application of Cryptographic Techniques. 1997: 37-51.
[15]	BONEH D , DEMILLO R A , LIPTON R J . On the importance of eliminating errors in cryptographic computations[J]. Journal of Cryptology, 2001,14(2): 101-119.
[16]	BIEHL I , MEYER B , MULLER V . Differential fault attacks on elliptic curve cryptosystems[C]// International Cryptology Conference on Advances in Cryptology. 2000: 131-146.
[17]	FISCHER W , REUTER C A . Differential fault analysis on Gr?stl[C]// Workshop on Fault Diagnosis and Tolerance in Cryptography. 2012: 44-54.
[18]	HEMME L , HOFFMANN L . Differential fault analysis on the SHA1 compression function[C]// Workshop on Fault Diagnosis and Tolerance in Cryptography. 2011: 54-62.
[19]	HOCH J J , SHAMIR A . Fault analysis of stream ciphers[C]// International Workshop on Cryptographic Hardware and Embedded Systems. 2004: 240-253.
[20]	LI W , GU D , LI J . Differential fault analysis on the ARIA algorithm[J]. Information Sciences, 2008,178(19): 3727-3737.
[21]	PARK J H , HA J C . Improved differential fault analysis on block cipher ARIA[C]// International Workshop on Information Security Applications. 2012: 82-95.
[22]	KIM H C . Differential fault analysis of ARIA in multi-byte fault models[J]. Journal of Systems and Software, 2012,85(9): 2096-2103.
[23]	PHAN R C W , YEN M . Amplifying side-channel attacks with techniques from block cipher cryptanalysis[J]. International Conference on Smart Card Research and Advanced Applications, 2006: 135-150.
[24]	DAEMEN J , KNUDSEN L R , RIJMEN V . The block cipher square[C]// International Workshop on Fast Software Encryption. 1997: 149-165.
[25]	LIDL R , NIEDERREITER H . Finite fields[M]. Cambridge: Cambridge University PressPress, 1997.

Metrics

Recommended 0

No Suggested Reading articles found!

算法	故障分析	故障模型	首次故障导入轮数
文献[20,21]算法	差分故障分析	字节	第11轮
文献[22]算法	差分故障分析	多字节	第11轮
本文算法	积分故障分析	字节	第9～10轮

算法	分组长度/bit	密钥长度/bit	轮数/轮
ARIA-128	128	128	12
ARIA-192	128	192	14
ARIA-256	128	256	16

A_l-2中的非零差分字节	A_l-1中的非零差分字节
0	3，4，6，8，9，13，14
1	2，5，7，8，9，12，15
2	1，4，6，10，11，12，15
3	0，5，7，10，11，13，14
4	0，2，5，8，11，14，15
5	1，3，4，9，10，14，15
6	0，2，7，9，10，12，13
7	1，3，6，8，11，12，13
8	0，1，4，7，10，13，15
9	0，1，5，6，11，12，14
10	2，3，5，6，8，13，15
11	2，3，4，7，9，12，14
12	1，2，6，7，9，11，12
13	0，3，6，7，8，10，13
14	0，3，4，5，9，11，14
15	1，2，4，5，8，10，15

活动字节	3个平衡字节的组合
0	{6,9,15}
1	{7,8,14}
2	{4,11,13}
3	{5,10,12}
4	{2,11,13}
5	{3,10,12}
6	{0,9,15}
7	{7,8,14}
8	{1,7,14}
9	{0,6,15}
10	{3,5,12}
11	{2,4,14}
12	{3,5,10}
13	{2,4,11}
14	{1,7,8}
15	{0,6,9}

集合	准确性					可靠性
集合	G₁	G₂	G₃	G₄	G₅	G₁	G₂	G₃	G₄	G₅
1	8.08	8.16	8.09	8.11	8.96	0	0	0	0	0
2	0.72	0.60	0.45	0.72	0.80	94.0%	96.0%	97.5%	93.5%	93.0%
3	0	0	0	0	0	100%	100%	100%	100%	100%

Integral fault analysis of the ARIA cipher

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 10

References 25

Related Articles 15

Metrics

Recommended 0

[1]	Bin HU, Xiao TAN, Senpeng WANG. SAT-based differential automatic search algorithm using divide-and-conquer strategy and its applications [J]. Journal on Communications, 2023, 44(4): 137-144.
[2]	Shaoyu DU. Improved integral attack——random linear distinguish and key recovery attack [J]. Journal on Communications, 2023, 44(4): 145-153.
[3]	Zhengbin LIU, Yongqiang LI, Chaoxi ZHU. Fast algorithm to search for the minimum number of active S-boxes of block cipher [J]. Journal on Communications, 2023, 44(1): 118-128.
[4]	Manman LI, Shaozhen CHEN. Improved meet-in-the-middle attack on reduced-round Kiasu-BC algorithm [J]. Journal on Communications, 2022, 43(7): 41-48.
[5]	Zilong JIANG, Chenhui JIN. Impossible differential cryptanalysis of Saturnin algorithm [J]. Journal on Communications, 2022, 43(3): 53-62.
[6]	Min XIE,Jiaqi LI,Feng TIAN. Differential fault attack on FeW [J]. Journal on Communications, 2020, 41(4): 143-149.
[7]	Xiaonian WU,Yingxin LI,Yongzhuang WEI,Yaping SUN. Impossible differential distinguisher analysis of GRANULE and MANTRA algorithm [J]. Journal on Communications, 2020, 41(1): 94-101.
[8]	Min XIE,Feng TIAN,Jiaqi LI. Related-key impossible boomerang cryptanalysis on TWINE [J]. Journal on Communications, 2019, 40(9): 184-192.
[9]	Yang GAO,Yong-juan WANG,Lei WANG,Tao WANG. Improvement Differential fault attack on TWINE [J]. Journal on Communications, 2017, 38(Z2): 178-184.
[10]	Min XIE,Yan-li MU. Related-key impossible boomerang cryptanalysis on LBlock [J]. Journal on Communications, 2017, 38(5): 66-71.
[11]	Jie CUI,Hai-feng ZUO,Hong ZHONG. Biclique cryptanalysis on lightweight block ciphers I-PRESENT-80 and I-PRESENT-128 [J]. Journal on Communications, 2017, 38(11): 13-23.
[12]	Min WANG,Zhen WU,Jin-tao RAO,Hang LING. Round reduction-based fault attack on SM4 algorithm [J]. Journal on Communications, 2016, 37(Z1): 98-103.
[13]	Yong-juan WANG,Quan-yu2 REN,Shi-yi ZHANG. Differential fault attack on lightweight block cipher Klein [J]. Journal on Communications, 2016, 37(Z1): 111-115.
[14]	Jing HUANG,Xin-jie ZHAO,Fan ZHANG,Shi-ze GUO,Ping ZHOU,Hao CHEN,Jian YANG. Improvement and evaluation for algebraic fault attacks on PRESENT [J]. Journal on Communications, 2016, 37(8): 144-156.
[15]	IRong-jia L,INChen-hui J. Meet-in-the-middle attacks on FOX block cipher [J]. Journal on Communications, 2016, 37(8): 185-190.

集合	准确性					可靠性
集合	G₁	G₂	G₃	G₄	G₅	G₁	G₂	G₃	G₄	G₅
1	11.31	11.37	11.34	11.28	11.35	0	0	0	0	0
2	11.13	11.19	11.16	11.10	11.17	0	0	0	0	0
3	10.81	10.86	10.81	10.85	10.87	0	0	0	0	0
4	10.44	10.43	10.38	10.42	10.39	0	0	0	0	0
5	9.95	9.95	9.95	9.89	9.98	0	0	0	0	0
6	9.39	9.42	9.43	9.40	9.40	0	0	0	0	0
7	8.81	8.88	8.81	8.80	8.87	0	0	0	0	0
8	8.23	8.24	8.22	8.15	8.27	0	0	0	0	0
9	7.55	7.55	7.56	7.54	7.51	0	0	0	0	0
10	6.92	6.91	6.89	6.90	6.89	0	0	0	0	0
11	6.25	6.26	6.23	6.24	6.14	0	0	0	0	0
12	5.52	5.57	5.52	5.58	5.45	0	0	0	0	0
13	4.78	4.77	4.77	4.81	4.76	0	0	0	0	0
14	3.94	3.93	3.92	3.95	3.94	0	0	0	0	0
15	2.83	2.82	2.81	2.84	2.83	0	0	0	0	0
16	0	0	0	0	0	100%	100%	100%	100%	100%