Differential Fault Attack on the Stream Cipher LIZARD

MA Zhen; TIAN Tian; QI Wenfeng

doi:10.1049/cje.2021.04.007

Volume 30 Issue 3

May 2021

Turn off MathJax

Article Contents

Article Navigation > Chinese Journal of Electronics > 2021 > 30(3): 534-541

MA Zhen, TIAN Tian, QI Wenfeng, “Differential Fault Attack on the Stream Cipher LIZARD,” Chinese Journal of Electronics, vol. 30, no. 3, pp. 534-541, 2021, doi: 10.1049/cje.2021.04.007

Citation:

MA Zhen, TIAN Tian, QI Wenfeng, “Differential Fault Attack on the Stream Cipher LIZARD,” Chinese Journal of Electronics, vol. 30, no. 3, pp. 534-541, 2021, doi: 10.1049/cje.2021.04.007

MA Zhen, TIAN Tian, QI Wenfeng, “Differential Fault Attack on the Stream Cipher LIZARD,” Chinese Journal of Electronics, vol. 30, no. 3, pp. 534-541, 2021, doi: 10.1049/cje.2021.04.007

Citation:

MA Zhen, TIAN Tian, QI Wenfeng, “Differential Fault Attack on the Stream Cipher LIZARD,” Chinese Journal of Electronics, vol. 30, no. 3, pp. 534-541, 2021, doi: 10.1049/cje.2021.04.007

PDF( 308 KB)

Differential Fault Attack on the Stream Cipher LIZARD

doi: 10.1049/cje.2021.04.007

National Digital Switching System Engineering Technological Research Center, P.O. Box 407, 62 Kexue Road, Zhengzhou, 450001, China

Funds:

This work is supported by the National Natural Science Foundation of China (No.61521003, No.61672533, No. 61602510).

Received Date: 2017-11-27

Abstract

Abstract

n this paper, we try to give a security evaluation of LIZARD stream cipher in regard to fault attacks, which, to the best of our knowledge, is the first fault analysis on LIZARD. We design a differential engine of LIZARD to track the differential trail of the keystreams. It is shown that the distributions of the keystream differences are heavily biased. Utilizing this characteristic, we propose an improved method to identify the fault location for LIZARD whose success probability approaches 1. Then we use the fault-free keystream and faulty keystreams to generate system of equations in internal state variables and solve it by SAT solver. The result shows that with 100 keystream bits, only 6 different faults are needed to recover the internal state. Finally, the comparison between LIZARD and Grain v1 shows that LIZARD is more resistable than Grain v1 in regard to fault attacks.
- Cryptanalysis,
- stream cipher,
- fault attack,
- SAT solver,
- LIZARD

FullText(HTML)

References(20)

References

M. Hamann, M. Krause and W. Meier. “LIZARD - A lightweight stream cipher for power-constrained devices”. IACR Transactions on Symmetric Cryptology, Tokyo, Japan, pp. 45–79, March 2017.

M. Hamann and M. Krause. “Stream cipher operation modes with improved security against generic collision attacks”. http://eprint.iacr.org/2015/757, 2017-4-24.

E. Biham and A. Shamir. “Differential fault analysis of secret key cryptosystems”. Proc. of Advances in Cryptology — CRYPTO ’97, Santa Barbara, California, USA, pp. 513-525, August 1997.

D. Boneh, R. A. DeMillo and R. J. Lipton. “On the importance of checking cryptographic protocols for faults”. Proc. of Advances in Cryptology — EUROCRYPT ’ 97, Konstanz, Germany, pp. 37-51, May 1997.

J. J. Hoch and A. Shamir. “Fault Analysis of Stream Ciphers”. Proc. of Cryptographic Hardware and Embedded Systems - CHES 2004, MA, USA, pp. 1-20, August 2004.

S.P. Skorobogatov. “Optically enhanced position-locked power analysis”. Proc. of Cryptographic Hardware and Embedded Systems - CHES 2006, Yokohama, Japan, pp. 61-75, October 2006.

S.P. Skorobogatov and R. J. Anderson. “Optical fault induction attacks”. Proc. of Cryptographic Hardware and Embedded Systems - CHES 2002, San Francisco Bay, USA, pp. 2-12, August 2002.

A. Barenghi, L. Breveglieri and I. Koren, et al. “Fault injection attacks on cryptographic devices: theory, practice, and countermeasures”. Proc. of IEEE, pp. 3053-3055, November 2012.

S. Banik and S. Maitra. “Improved differential fault attack on MICKEY 2.0”. Journal of Cryptographic Engineering, Vol. 5, No. 1, pp.13-29, 2005.

M. Hojsík and B. Rudolf. “Differential fault analysis of Trivium”. Proc. of FSE 2008, Lausanne, Switzerland, pp. 158- 172, February 2008.

M. Hojsík and B. Rudolf. “Floating fault analysis of trivium”. Proc. of Progress in Cryptology - INDOCRYPT 2008, Kharagpur, India, pp. 239-250, December 2008.

Y. Hu, J. Gao, Q. Liu. et al. “Fault analysis of Trivium”. Designs, Codes and Cryptography, Vol. 62, No. 3, pp. 289- 311, 2012.

S. Banik, S. Maitra and S. Sarkar. “A differential fault attack on the Grain family of stream ciphers”. Proc. of Cryptographic Hardware and Embedded Systems - CHES 2012, Leuven, Belgium, pp. 122-139, September 2012.

S. Banik, S. Maitra and S. Sarkar. “A differential fault attack on the Grain family under reasonable assumptions”. Proc. of Progress in Cryptology - INDOCRYPT 2012, Chennai, India, pp. 191-208, December 2011.

S. Sarkar, S. Banik and S. Maitra. “Differential fault attack against Grain family with very few faults and minimal assumptions”. IEEE Transactions on Computers, Vol. 64, No. 6, pp. 1647-1657, 2015.

M. Soos. “Cryptominisat-2.9.6”, http://www.msoos.org/cryptminisat2/, 2017-4-24.

C. Ye, T. Tian. “Multi-bit differential fault analysis of Grain v1”. Journal of Cryptologic Research, Vol. 3, No. 3, pp. 258- 269, 2016.

B. Zhang, Z. Li., D. Feng, et al. “Near collision attack on the Grain v1 stream cipher”. Proc. of Fast Software Encryption 2013, London, UK, pp. 518-538, March 2014.

A. Berzati, C. Canovas, G. Castagnos, et al. “Fault analysis of Grain-128”. Proc. of IEEE International Workshop on Hardware-Oriented Security and Trust 2009, pp. 7-14, 2009.

S. Karmakar, and D. Roy Chowdhury. “Fault analysis of Grain-128 by targeting NFSR”. Proc. of International Conference on Progress in Cryptology in Africa 2011, Dakar, Senegal, pp. 298-315, July 2011.

Relative Articles

Supplements(0)

Cited By

Proportional views