Fault attacks are powerful cryptanalytic tools that are applicable to many types of cryptosystems. Recently, general techniques have been developed which can be used to attack many standard constructions of stream ciphers based on LFSRs. Some more elaborate methods have been invented to attack RC4. These fault attacks are not applicable in general to combiners with memory. In this paper, techniques are developed that specifically allow attacks on this class of stream ciphers. These methods are expected to work against any LFSR-based construction that uses only a small memory and few input bits in its output function. In particular, efficient attacks are described against the stream cipher E0 used in Bluetooth, either by inducing faults in the memory or in one of its LFSRs. In both cases, the outputs derived from the faulty runs finally allow the secret key to be described by a system of linear equations. Computer simulations showed that inducing 12 faults sufficed in most cases if about 2500 output bits were available. Another specific fault attack is developed against the stream cipher SNOW 2.0, whose output function has a 64-bit memory. Similar to E0, the secret key is finally the solution of a system of linear equations. We expect that one fault is enough if about 2^12 output words are known.