Volume 27 Issue 6
Turn off MathJax
Article Contents
Article Navigation >  Chinese Journal of Electronics  > 2018  >  27(6): 1277-1282
FENG Jingyi, CHEN Hua, GAO Si, et al., “Fault Analysis on a New Block Cipher DBlock with at Most Two Fault Injections,” Chinese Journal of Electronics, vol. 27, no. 6, pp. 1277-1282, 2018, doi: 10.1049/cje.2018.09.003
Citation: FENG Jingyi, CHEN Hua, GAO Si, et al., “Fault Analysis on a New Block Cipher DBlock with at Most Two Fault Injections,” Chinese Journal of Electronics, vol. 27, no. 6, pp. 1277-1282, 2018, doi: 10.1049/cje.2018.09.003
shu

Fault Analysis on a New Block Cipher DBlock with at Most Two Fault Injections

doi: 10.1049/cje.2018.09.003
  • 1.

    Trusted Computing and Information Assurance Laboratory, Institute of Software Chinese Academy of Sciences, Beijing 100190, China;

  • 2.

    University of Chinese Academy of Sciences, Beijing 100080, China

Funds:  This work is supported by the National Basic Research Program of China (973 Program) (No.2013CB338002).
  • Received Date: 2016-04-14
  • Rev Recd Date: 2016-09-18
  • Publish Date: 2018-11-10
    Abstract
  • DBlock is a new family of block ciphers proposed by Wu et al. in Science China in 2015, which consists of three variants specified as DBlock-128/192/256. DBlock-n employs a 20-round Feistel-type structure with n-bit block size and n-bit key size. We propose the first fault analysis on DBlock and show that no more than 2 pairs of correct/faulty ciphertexts are needed to retrieve the master key. In the attack, a byte-oriented fault is injected in round 16, and three properties including differential distribution of the Sbox, bijection nature of the linear function and Feistel-type key scheduling are fully utilized to distinguish between the correct and wrong keys. A fault position guessing strategy based on known intermediates is adopted, which efficiently makes the known-fault attack apply to the random fault model. The experimental results show that, with a pair of ciphertexts, 11.820-bit exhaustive search is needed to derive the whole 128-bit key on average. With 2 pairs of ciphertexts, the unique key can be determined within 6.5 minutes.
    • FullText(HTML)
  • loading
    • References(15)
  • D. Boneh, R.A. DeMillo and R.J. Lipton, “On the importance of checking cryptographic protocols for faults”, Advances in Cryptology-EUROCRYPT 97, Vol.1233 of Lecture Notes in Computer Science, pp.37-51, 1997.
    E. Biham and A. Shamir, “Differential fault analysis of secret key cryptosystems”, Advances in Cryptology-CRYPTO 97, Vol.1294 of Lecture Notes in Computer Science, pp.513-525, 1997.
    G. Piret and J.J. Quisquater, “A differential fault attack technique against spn structures, with application to the aes and khazad”, Proc. of Cryptographic Hardware and Embedded Systems-CHES 2003, Vol.2779 of Lecture Notes in Computer Science, pp.77-88, 2003.
    C. Chen and S. Yen, “Differential fault analysis on AES key schedule and some countermeasures”, Information Security and Privacy, Vol.2727 of Lecture Notes in Computer Science, pp.118-129, 2003.
    P. Dusart, G. Letourneux and O. Vivolo, “Differential fault analysis on AES”, Applied Cryptography and Network SecurityACNS 2003, Lecture Notes in Computer Science, Vol.2846 pp.293-306, 2003.
    L. Hemme, “A differential fault attack against early rounds of (triple-) DES”, Proc. of Cryptographic Hardware and Embedded Systems-CHES 2004, Lecture Notes in Computer Science, Vol.3156, pp.254-267, 2004.
    H. Chen, W. Wu and D. Feng, “Differential fault analysis on CLEFIA”, Information and Communications Security, Vol.4861 of Lecture Notes in Computer Science, pp.284-295, 2007.
    Y. Zhou, W. Wu, N. Xu, et al., “Differential fault attack on camellia”, Chinese Journal of Electronics, Vol.18, No.1, pp.13-19, 2009.
    I. Biehl, B. Meyer and V. Müller, “Differential fault attacks on elliptic curve cryptosystems”, Advances in CryptologyCRYPTO 2000, Lecture Notes in Computer Science, Vol.1880, pp.131-146, 2000.
    E. Biham, L. Granboulan and P.Q. Nguyên, “Impossible fault analysis of RC4 and differential fault analysis of RC4”, Proc. of Fast Software Encryption-FSE 2005, Lecture Notes in Computer Science, Vol.3557, pp.359-367, 2005.
    M. Hojsík and B. Rudolf, “Differential fault analysis of trivium”, Proc. of Fast Software Encryption-FSE 2008, Lecture Notes in Computer Science, Vol.5086, pp.158-172, 2008.
    W. Wu, L. Zhang and X. Yu, “The DBlock family of block ciphers”, Science China Information Sciences, Vol.58, No.3, pp.1-14, 2015.
    E. Biham and A. Shamir, “Differential cryptanalysis of DES-like cryptosystems”, Journal of Cryptology, Vol.4, No.1, pp.3-72, 1991.
    R. Li, B. Sun, C. Li, et al., “Differential fault analysis on SMS4 using a single fault”, Information Processing Letters, Vol.111, No.4, pp.156-163, 2011.
    R. Li and C. Jin, “Meet-in-the-middle attacks on 10-round AES-256”, Designs, Codes and Cryptography, Vol.80, No.3, pp.459-471, 2016.
    • Relative Articles
    • Supplements(0)
    • Cited By
  • 加载中

Catalog

    通讯作者: 陈斌, bchen63@163.com
    • 1. 

      沈阳化工大学材料科学与工程学院 沈阳 110142

    1. 本站搜索
    2. 百度学术搜索
    3. 万方数据库搜索
    4. CNKI搜索
    Get Citation
    PDF
    XML

    Article Metrics

    Article views (700) PDF downloads(200) Cited by()
    Proportional views
    Related

    Links

    IEEE CJE Homepage CNKI Chinese Institute of Electronics Journal of Semiconductors
    E-mail Alert RSS

    Chinese Journal of Electronics

    (Bimonthly)

    ISSN    1022-4653CN  10-1284/TN

    eISSN  2075-5597CODEN CHJEEW

    CJE QR CODE

    CIE QR CODE

    Copyright © Editorial Office of Chinese Journal of Electronics | 京ICP备12041980号-1 | Supported by: Beijing Renhe Information Technology Co. Ltd  

    /

    DownLoad:  Full-Size Img  PowerPoint
    Return
    Return