Cryptographic Significance of the Carry for Ciphers Based on Integer Addition
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
Differential Fault Analysis of Secret Key Cryptosystems
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
New Stream Cipher Designs
A Cache Timing Analysis of HC-256
Selected Areas in Cryptography
Differential Fault Analysis of Rabbit
Selected Areas in Cryptography
On the importance of checking cryptographic protocols for faults
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Differential fault analysis of Sosemanuk
AFRICACRYPT'11 Proceedings of the 4th international conference on Progress in cryptology in Africa
A theoretical analysis of the structure of HC-128
IWSEC'11 Proceedings of the 6th International conference on Advances in information and computer security
Improved distinguishers for HC-128
Designs, Codes and Cryptography
Differential fault analysis of full LBlock
COSADE'12 Proceedings of the Third international conference on Constructive Side-Channel Analysis and Secure Design
Analysis of xorrotation with application to an HC-128 variant
ACISP'12 Proceedings of the 17th Australasian conference on Information Security and Privacy
SPACE'12 Proceedings of the Second international conference on Security, Privacy, and Applied Cryptography Engineering
Fault analysis study of the block cipher FOX64
Multimedia Tools and Applications
Optimized GPU implementation and performance analysis of HC series of stream ciphers
ICISC'12 Proceedings of the 15th international conference on Information Security and Cryptology
Hi-index | 0.00 |
HC-128 is a high speed stream cipher with a 128-bit secret key and a 128-bit initialization vector. It has passed all the three stages of the ECRYPT stream cipher project and is a member of the eSTREAM software portfolio. In this paper, we present a differential fault analysis attack on HC-128. The fault model in which we analyze the cipher is the one in which the attacker is able to fault a random word of the inner state of the cipher but cannot control its exact location nor its new faulted value. To perform the attack, we exploit the fact that some of the inner state words in HC-128 may be utilized several times without being updated. Our attack requires about 7968 faults and recovers the complete internal state of HC-128 by solving a set of 32 systems of linear equations over Z2 in 1024 variables.