TY - JOUR
T1 - Efficient DFA on SPN-based block ciphers and its application to the LED block cipher
AU - Ueno, Rei
AU - Homma, Naofumi
AU - Aoki, Takafumi
N1 - Publisher Copyright:
Copyright © 2015 The Institute of Electronics, Information and Communication Engineers.
PY - 2015/1/1
Y1 - 2015/1/1
N2 - This paper presents an efficient method for differential fault analysis (DFA) on substitution-permutation network (SPN)-based block ciphers. A combination of a permutation cancellation and an algebraic key filtering technique makes it possible to reduce the computational cost of key filtering significantly and therefore perform DFAs with new fault models injected at an earlier round, which defeats conventional countermeasures duplicating or recalculating the rounds of interest. In this paper, we apply the proposed DFA to the LED block cipher. Whereas existing DFAs employ fault models injected at the 30th round, the proposed DFA first employs a fault model injected at the 29th round. We demonstrate that the proposed DFA can obtain the key candidates with only one pair of correct and faulty ciphertexts in about 2.1 h even from the 29th round fault model and the resulting key space is reduced to 24.04
AB - This paper presents an efficient method for differential fault analysis (DFA) on substitution-permutation network (SPN)-based block ciphers. A combination of a permutation cancellation and an algebraic key filtering technique makes it possible to reduce the computational cost of key filtering significantly and therefore perform DFAs with new fault models injected at an earlier round, which defeats conventional countermeasures duplicating or recalculating the rounds of interest. In this paper, we apply the proposed DFA to the LED block cipher. Whereas existing DFAs employ fault models injected at the 30th round, the proposed DFA first employs a fault model injected at the 29th round. We demonstrate that the proposed DFA can obtain the key candidates with only one pair of correct and faulty ciphertexts in about 2.1 h even from the 29th round fault model and the resulting key space is reduced to 24.04
KW - Differential fault analysis
KW - Fault injection attack
KW - LED block cipher
KW - Lightweight cryptography
KW - Substitutionpermutation network
UR - http://www.scopus.com/inward/record.url?scp=84924544982&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84924544982&partnerID=8YFLogxK
U2 - 10.1587/transfun.E98.A.182
DO - 10.1587/transfun.E98.A.182
M3 - Article
AN - SCOPUS:84924544982
SN - 0916-8508
VL - E98A
SP - 182
EP - 191
JO - IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
JF - IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
IS - 1
ER -