Figure 1.
Fault at penultimate round (
-
Previous Article
Generic constructions of MDS Euclidean self-dual codes via GRS codes
- AMC Home
- This Issue
-
Next Article
The weight recursions for the 2-rotation symmetric quartic Boolean functions
doi: 10.3934/amc.2022035
Online First
Online First articles are published articles within a journal that have not yet been assigned to a formal issue. This means they do not yet have a volume number, issue number, or page numbers assigned to them, however, they can still be found and cited using their DOI (Digital Object Identifier). Online First publication benefits the research community by making new scientific discoveries known as quickly as possible.
Readers can access Online First articles via the “Online First” tab for the selected journal.
Differential faultt attack on DEFAULT
| 1. | Department of Mathematics, Indian Institute of Technology Madras, Chennai, India |
| 2. | Department of Computer Science and Engineering, Indian Institute of Technology Jammu, Jammu |
Block cipher DEFAULT has been proposed as a differential fault analysis immune cipher at Asiacrypt 2021. In this paper, we consider the initial version of DEFAULT with no permutation involved in the last round and show that one can find the key in this version with complexity $ 2^{16} $ by injecting 112 faults. However, our idea does not work for the modified version of the cipher (where a key scheduling algorithm is involved).
Mathematics Subject Classification:
Primary: 94A60.
Citation:
Chandan Dey, Sumit Kumar Pandey, Tapabrata Roy, Santanu Sarkar.
Differential faultt attack on DEFAULT. Advances in Mathematics of Communications, doi: 10.3934/amc.2022035
![]()
References:
| [1] |
A. Baksi, Classical and physical security of symmetric key cryptographic algorithms, IFIP/IEEE 29th International Conference on Very Large Scale Integration (VLSI-SoC), Singapore, 2021.
doi: 10.1109/VLSI-SoC53125.2021.9606988. |
| [2] |
A. Baksi, S. Bhasin, J. Breier, M. Khairallah, T. Peyrin, S. Sarkar and S. M. Sim, DEFAULT: Cipher level resistance against differential fault attack, in Advances in Cryptology - ASIACRYPT 2021, Lecture Notes in Comput. Sci., 13091, Springer, 2021,124–156.
doi: 10.1007/978-3-030-92075-3_5. |
| [3] |
S. Banik, S. K. Pandey, T. Peyrin, Y. Sasaki, S. M. Sim and Y. Todo, GIFT: {A} small present, in Cryptographic Hardware and Embedded Systems - CHES 2017, Lecture Notes in Comput. Sci., 10529, Springer, 2017,321–345.
doi: 10.1007/978-3-319-66787-4_16. |
| [4] |
C. Beierle, G. Leander, A. Moradi and S. Rasoolzadeh,
CRAFT: Lightweight tweakable block cipher with efficient protection against DFA attacks, IACR Trans. Symmetric Cryptol., 2019 (2019), 5-45.
doi: 10.46586/tosc.v2019.i1.5-45. |
| [5] |
E. Biham and A. Shamir, Differential fault analysis of secret key cryptosystems, in Advances in Cryptology - CRYPTO '97, Lecture Notes in Comput. Sci., 1294, Springer, 1997,513–525.
doi: 10.1007/BFb0052259. |
| [6] |
D. Boneh, R. A. DeMillo and R. J. Lipton, On the importance of checking cryptographic protocols for faults (extended abstract), in Advances in Cryptology - EUROCRYPT '97 (Konstanz), Lecture Notes in Comput. Sci., 1233, Springer, Berlin, 1997, 37–51.
doi: 10.1007/3-540-69053-0_4. |
| [7] |
M. Nageler, C. Dobraunig and M. Eichlseder, Information-combining differential fault attacks on DEFAULT, IACR Cryptol. ePrint Arch., (2021). Available from: https://eprint.iacr.org/2021/1374.pdf. |
| [8] |
G. Piret and J.-J. Quisquater, A differential fault attack technique against SPN structures, with application to the AES and KHAZAD, in Cryptographic Hardware and Embedded Systems - CHES 2003, Lecture Notes in Comput. Sci., 2779, Springer, 2003, 77–88.
doi: 10.1007/978-3-540-45238-6_7. |
| [9] |
D. Saha, D. Mukhopadhyay and D. Roy Chowdhury, A diagonal fault attack on the advanced encryption standard., IACR Cryptol. ePrint Arch., (2009). Available from: https://eprint.iacr.org/2009/581.pdf. |
| [10] |
T. Simon, L. Batina, J. Daemen, V. Grosso, P. M. C. Massolino, K. Papagiannopoulos, F. Regazzoni and and N. Samwel, Friet: An authenticated encryption scheme with built-in fault detection, in Advances in Cryptology - EUROCRYPT 2020, Lecture Notes in Comput. Sci., 12105, Springer, Cham, 2020,581–611.
doi: 10.1007/978-3-030-45721-1_21. |
show all references
References:
| [1] |
A. Baksi, Classical and physical security of symmetric key cryptographic algorithms, IFIP/IEEE 29th International Conference on Very Large Scale Integration (VLSI-SoC), Singapore, 2021.
doi: 10.1109/VLSI-SoC53125.2021.9606988. |
| [2] |
A. Baksi, S. Bhasin, J. Breier, M. Khairallah, T. Peyrin, S. Sarkar and S. M. Sim, DEFAULT: Cipher level resistance against differential fault attack, in Advances in Cryptology - ASIACRYPT 2021, Lecture Notes in Comput. Sci., 13091, Springer, 2021,124–156.
doi: 10.1007/978-3-030-92075-3_5. |
| [3] |
S. Banik, S. K. Pandey, T. Peyrin, Y. Sasaki, S. M. Sim and Y. Todo, GIFT: {A} small present, in Cryptographic Hardware and Embedded Systems - CHES 2017, Lecture Notes in Comput. Sci., 10529, Springer, 2017,321–345.
doi: 10.1007/978-3-319-66787-4_16. |
| [4] |
C. Beierle, G. Leander, A. Moradi and S. Rasoolzadeh,
CRAFT: Lightweight tweakable block cipher with efficient protection against DFA attacks, IACR Trans. Symmetric Cryptol., 2019 (2019), 5-45.
doi: 10.46586/tosc.v2019.i1.5-45. |
| [5] |
E. Biham and A. Shamir, Differential fault analysis of secret key cryptosystems, in Advances in Cryptology - CRYPTO '97, Lecture Notes in Comput. Sci., 1294, Springer, 1997,513–525.
doi: 10.1007/BFb0052259. |
| [6] |
D. Boneh, R. A. DeMillo and R. J. Lipton, On the importance of checking cryptographic protocols for faults (extended abstract), in Advances in Cryptology - EUROCRYPT '97 (Konstanz), Lecture Notes in Comput. Sci., 1233, Springer, Berlin, 1997, 37–51.
doi: 10.1007/3-540-69053-0_4. |
| [7] |
M. Nageler, C. Dobraunig and M. Eichlseder, Information-combining differential fault attacks on DEFAULT, IACR Cryptol. ePrint Arch., (2021). Available from: https://eprint.iacr.org/2021/1374.pdf. |
| [8] |
G. Piret and J.-J. Quisquater, A differential fault attack technique against SPN structures, with application to the AES and KHAZAD, in Cryptographic Hardware and Embedded Systems - CHES 2003, Lecture Notes in Comput. Sci., 2779, Springer, 2003, 77–88.
doi: 10.1007/978-3-540-45238-6_7. |
| [9] |
D. Saha, D. Mukhopadhyay and D. Roy Chowdhury, A diagonal fault attack on the advanced encryption standard., IACR Cryptol. ePrint Arch., (2009). Available from: https://eprint.iacr.org/2009/581.pdf. |
| [10] |
T. Simon, L. Batina, J. Daemen, V. Grosso, P. M. C. Massolino, K. Papagiannopoulos, F. Regazzoni and and N. Samwel, Friet: An authenticated encryption scheme with built-in fault detection, in Advances in Cryptology - EUROCRYPT 2020, Lecture Notes in Comput. Sci., 12105, Springer, Cham, 2020,581–611.
doi: 10.1007/978-3-030-45721-1_21. |
Table 1.
DEFAULT permutation
| 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | |
| 0 | 33 | 66 | 99 | 96 | 1 | 34 | 67 | 64 | 97 | 2 | 35 | 32 | 65 | 98 | 3 | 4 | 37 | 70 | 103 | 100 | 5 | 38 | 71 | 68 | 101 | |
| 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | |
| 6 | 39 | 36 | 69 | 102 | 7 | 8 | 41 | 74 | 107 | 104 | 9 | 42 | 75 | 72 | 105 | 10 | 43 | 40 | 73 | 106 | 11 | 12 | 45 | 78 | 111 | |
| 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | |
| 108 | 13 | 46 | 79 | 76 | 109 | 14 | 47 | 44 | 77 | 110 | 15 | 16 | 49 | 82 | 115 | 112 | 17 | 50 | 83 | 80 | 113 | 18 | 51 | 48 | 81 | |
| 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | |
| 114 | 19 | 20 | 53 | 86 | 119 | 116 | 21 | 54 | 87 | 84 | 117 | 22 | 55 | 52 | 85 | 118 | 23 | 24 | 57 | 90 | 123 | 120 | 25 | 58 | 91 | |
| 104 | 105 | 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | |||
| 88 | 121 | 26 | 59 | 56 | 89 | 122 | 27 | 28 | 61 | 94 | 127 | 124 | 29 | 62 | 95 | 92 | 125 | 30 | 63 | 60 | 93 | 126 | 31 |
| 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | |
| 0 | 33 | 66 | 99 | 96 | 1 | 34 | 67 | 64 | 97 | 2 | 35 | 32 | 65 | 98 | 3 | 4 | 37 | 70 | 103 | 100 | 5 | 38 | 71 | 68 | 101 | |
| 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | |
| 6 | 39 | 36 | 69 | 102 | 7 | 8 | 41 | 74 | 107 | 104 | 9 | 42 | 75 | 72 | 105 | 10 | 43 | 40 | 73 | 106 | 11 | 12 | 45 | 78 | 111 | |
| 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | |
| 108 | 13 | 46 | 79 | 76 | 109 | 14 | 47 | 44 | 77 | 110 | 15 | 16 | 49 | 82 | 115 | 112 | 17 | 50 | 83 | 80 | 113 | 18 | 51 | 48 | 81 | |
| 78 | 79 | 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | |
| 114 | 19 | 20 | 53 | 86 | 119 | 116 | 21 | 54 | 87 | 84 | 117 | 22 | 55 | 52 | 85 | 118 | 23 | 24 | 57 | 90 | 123 | 120 | 25 | 58 | 91 | |
| 104 | 105 | 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | 123 | 124 | 125 | 126 | 127 | |||
| 88 | 121 | 26 | 59 | 56 | 89 | 122 | 27 | 28 | 61 | 94 | 127 | 124 | 29 | 62 | 95 | 92 | 125 | 30 | 63 | 60 | 93 | 126 | 31 |
Table 2.
DEFAULT round constants
| Cipher | Round constants | # of rounds |
| DEFAULT-LAYER | 1, 3, 7, 15, 31, 62, 61, 59, 55, 47, 30, 60, 57, 51, 39, 14, 29, 58, 53, 43, 22, 44, 24, 48, 33, 2, 5, 11 | 28 |
| DEFAULT-CORE | 1, 3, 7, 15, 31, 62, 61, 59, 55, 47, 30, 60, 57, 51, 39, 14, 29, 58, 53, 43, 22, 44, 24, 48 | 24 |
| Cipher | Round constants | # of rounds |
| DEFAULT-LAYER | 1, 3, 7, 15, 31, 62, 61, 59, 55, 47, 30, 60, 57, 51, 39, 14, 29, 58, 53, 43, 22, 44, 24, 48, 33, 2, 5, 11 | 28 |
| DEFAULT-CORE | 1, 3, 7, 15, 31, 62, 61, 59, 55, 47, 30, 60, 57, 51, 39, 14, 29, 58, 53, 43, 22, 44, 24, 48 | 24 |
Table 3.
Toy version's permutation
| 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | |
| 0 | 5 | 10 | 15 | 12 | 1 | 6 | 11 | 8 | 13 | 2 | 7 | 4 | 9 | 14 | 3 |
| 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | |
| 0 | 5 | 10 | 15 | 12 | 1 | 6 | 11 | 8 | 13 | 2 | 7 | 4 | 9 | 14 | 3 |
Table 4.
Comparison of Attack Complexities with changing number of faults for initial version of DEFAULT
| Round | Number of Faults | Attack Complexity |
| Last Round | 64 | |
| Last two rounds | 80 | |
| Last two rounds | 96 | |
| Last two rounds | 112 |
| Round | Number of Faults | Attack Complexity |
| Last Round | 64 | |
| Last two rounds | 80 | |
| Last two rounds | 96 | |
| Last two rounds | 112 |
| [1] |
Nishant Sinha. Internal state recovery of Espresso stream cipher using conditional sampling resistance and TMDTO attack. Advances in Mathematics of Communications, 2021, 15 (3) : 539-556. doi: 10.3934/amc.2020081 |
| [2] |
Tian Ma, Shouhong Wang. Block structure and block stability of two-dimensional incompressible flows. Discrete and Continuous Dynamical Systems - B, 2006, 6 (1) : 169-184. doi: 10.3934/dcdsb.2006.6.169 |
| [3] |
Yinghui Dong, Guojing Wang. The dependence of assets and default threshold with thinning-dependence structure. Journal of Industrial and Management Optimization, 2012, 8 (2) : 391-410. doi: 10.3934/jimo.2012.8.391 |
| [4] |
David Gómez-Ullate, Niky Kamran, Robert Milson. Structure theorems for linear and non-linear differential operators admitting invariant polynomial subspaces. Discrete and Continuous Dynamical Systems, 2007, 18 (1) : 85-106. doi: 10.3934/dcds.2007.18.85 |
| [5] |
Xiaofeng Ren. Shell structure as solution to a free boundary problem from block copolymer morphology. Discrete and Continuous Dynamical Systems, 2009, 24 (3) : 979-1003. doi: 10.3934/dcds.2009.24.979 |
| [6] |
David L. Russell. Coefficient identification and fault detection in linear elastic systems; one dimensional problems. Mathematical Control and Related Fields, 2011, 1 (3) : 391-411. doi: 10.3934/mcrf.2011.1.391 |
| [7] |
Fang Chen, Ning Gao, Yao- Lin Jiang. On product-type generalized block AOR method for augmented linear systems. Numerical Algebra, Control and Optimization, 2012, 2 (4) : 797-809. doi: 10.3934/naco.2012.2.797 |
| [8] |
Edward S. Canepa, Alexandre M. Bayen, Christian G. Claudel. Spoofing cyber attack detection in probe-based traffic monitoring systems using mixed integer linear programming. Networks and Heterogeneous Media, 2013, 8 (3) : 783-802. doi: 10.3934/nhm.2013.8.783 |
| [9] |
Jingwen Wu, Jintao Hu, Hongjiong Tian. Functionally-fitted block $ \theta $-methods for ordinary differential equations. Discrete and Continuous Dynamical Systems - S, 2020, 13 (9) : 2603-2617. doi: 10.3934/dcdss.2020164 |
| [10] |
Qiang Du, M. D. Gunzburger, L. S. Hou, J. Lee. Analysis of a linear fluid-structure interaction problem. Discrete and Continuous Dynamical Systems, 2003, 9 (3) : 633-650. doi: 10.3934/dcds.2003.9.633 |
| [11] |
Irene Márquez-Corbella, Edgar Martínez-Moro. Algebraic structure of the minimal support codewords set of some linear codes. Advances in Mathematics of Communications, 2011, 5 (2) : 233-244. doi: 10.3934/amc.2011.5.233 |
| [12] |
Emine Kaya, Eugenio Aulisa, Akif Ibragimov, Padmanabhan Seshaiyer. A stability estimate for fluid structure interaction problem with non-linear beam. Conference Publications, 2009, 2009 (Special) : 424-432. doi: 10.3934/proc.2009.2009.424 |
| [13] |
Pablo Neme, Jorge Oviedo. A note on the lattice structure for matching markets via linear programming. Journal of Dynamics and Games, 2021, 8 (1) : 61-67. doi: 10.3934/jdg.2021001 |
| [14] |
Emine Kaya, Eugenio Aulisa, Akif Ibragimov, Padmanabhan Seshaiyer. FLUID STRUCTURE INTERACTION PROBLEM WITH CHANGING THICKNESS NON-LINEAR BEAM Fluid structure interaction problem with changing thickness non-linear beam. Conference Publications, 2011, 2011 (Special) : 813-823. doi: 10.3934/proc.2011.2011.813 |
| [15] |
Yuan Guo, Xiaofei Gao, Desheng Li. Structure of the set of bounded solutions for a class of nonautonomous second order differential equations. Communications on Pure and Applied Analysis, 2010, 9 (6) : 1607-1616. doi: 10.3934/cpaa.2010.9.1607 |
| [16] |
T. Caraballo, J. A. Langa, J. Valero. Structure of the pullback attractor for a non-autonomous scalar differential inclusion. Discrete and Continuous Dynamical Systems - S, 2016, 9 (4) : 979-994. doi: 10.3934/dcdss.2016037 |
| [17] |
Beatris Adriana Escobedo-Trujillo, José Daniel López-Barrientos. Nonzero-sum stochastic differential games with additive structure and average payoffs. Journal of Dynamics and Games, 2014, 1 (4) : 555-578. doi: 10.3934/jdg.2014.1.555 |
| [18] |
Beatris Adriana Escobedo-Trujillo, Alejandro Alaffita-Hernández, Raquiel López-Martínez. Constrained stochastic differential games with additive structure: Average and discount payoffs. Journal of Dynamics and Games, 2018, 5 (2) : 109-141. doi: 10.3934/jdg.2018008 |
| [19] |
Elimhan N. Mahmudov. Optimal control of evolution differential inclusions with polynomial linear differential operators. Evolution Equations and Control Theory, 2019, 8 (3) : 603-619. doi: 10.3934/eect.2019028 |
| [20] |
Vu Hoang Linh, Volker Mehrmann. Spectral analysis for linear differential-algebraic equations. Conference Publications, 2011, 2011 (Special) : 991-1000. doi: 10.3934/proc.2011.2011.991 |
2021 Impact Factor: 1.015
Tools
Metrics
Other articles
by authors
[Back to Top]