Fault analysis of the KATAN family of block ciphers

Authors:
Shekh Faisal Abdul-Latip;Mohammad Reza Reyhanitabar;Willy Susilo;Jennifer Seberry
Affiliations:
Centre for Computer and Inf. Security Research, School of Computer Science and Software Eng., Univ. of Wollongong, Australia and Information Security and Digital Forensics Lab (INSFORLAB), Faculty ...;Centre for Computer and Information Security Research, School of Computer Science and Software Engineering, University of Wollongong, Australia;Centre for Computer and Information Security Research, School of Computer Science and Software Engineering, University of Wollongong, Australia;Centre for Computer and Information Security Research, School of Computer Science and Software Engineering, University of Wollongong, Australia
Venue:
ISPEC'12 Proceedings of the 8th international conference on Information Security Practice and Experience
Year:
2012

Citing 10
Cited 1

Self-testing/correcting with applications to numerical problems

STOC '90 Proceedings of the twenty-second annual ACM symposium on Theory of computing
Differential Fault Analysis of Secret Key Cryptosystems

CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Optical Fault Induction Attacks

CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
Differential Fault Analysis of Trivium

Fast Software Encryption
Floating Fault Analysis of Trivium

INDOCRYPT '08 Proceedings of the 9th International Conference on Cryptology in India: Progress in Cryptology
Cube Attacks on Tweakable Black Box Polynomials

EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
KATAN and KTANTAN -- A Family of Small and Efficient Hardware-Oriented Block Ciphers

CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
On the importance of checking cryptographic protocols for faults

EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Extended cubes: enhancing the cube attack by extracting low-degree non-linear equations

Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Fault analysis of the KATAN family of block ciphers

ISPEC'12 Proceedings of the 8th international conference on Information Security Practice and Experience

Fault analysis of the KATAN family of block ciphers

ISPEC'12 Proceedings of the 8th international conference on Information Security Practice and Experience

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper, we investigate the security of the KATAN family of block ciphers against differential fault attacks. KATAN consists of three variants with 32, 48 and 64-bit block sizes, called KATAN32, KATAN48 and KATAN64, respectively. All three variants have the same key length of 80 bits. We assume a single-bit fault injection model where the adversary is supposed to be able to corrupt a single random bit of the internal state of the cipher and this fault injection process can be repeated (by resetting the cipher); i.e., the faults are transient rather than permanent. First, we determine suitable rounds for effective fault injections by analyzing distributions of low-degree (mainly, linear and quadratic) polynomial equations obtainable using the cube and extended cube attack techniques. Then, we show how to identify the exact position of faulty bits within the internal state by precomputing difference characteristics for each bit position at a given round and comparing these characteristics with ciphertext differences (XOR of faulty and non-faulty ciphertexts) during the online phase of the attack. The complexity of our attack on KATAN32 is 259 computations and about 115 fault injections. For KATAN48 and KATAN64, the attack requires 255 computations (for both variants), while the required number of fault injections is 211 and 278, respectively.