Optical Fault Induction Attacks
CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
Related-Key Chosen IV Attacks on Grain-v1 and Grain-128
ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
HST '09 Proceedings of the 2009 IEEE International Workshop on Hardware-Oriented Security and Trust
A framework for chosen IV statistical analysis of stream ciphers
INDOCRYPT'07 Proceedings of the cryptology 8th international conference on Progress in cryptology
Chosen IV statistical analysis for key recovery attacks on stream ciphers
AFRICACRYPT'08 Proceedings of the Cryptology in Africa 1st international conference on Progress in cryptology
Analysis of Grain's initialization algorithm
AFRICACRYPT'08 Proceedings of the Cryptology in Africa 1st international conference on Progress in cryptology
Breaking Grain-128 with dynamic cube attacks
FSE'11 Proceedings of the 18th international conference on Fast software encryption
Fault analysis of grain-128 by targeting NFSR
AFRICACRYPT'11 Proceedings of the 4th international conference on Progress in cryptology in Africa
Grain-128a: a new version of Grain-128 with optional authentication
International Journal of Wireless and Mobile Computing
Optically enhanced position-locked power analysis
CHES'06 Proceedings of the 8th international conference on Cryptographic Hardware and Embedded Systems
FSE'06 Proceedings of the 13th international conference on Fast Software Encryption
An experimentally verified attack on full grain-128 using dedicated reconfigurable hardware
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
A differential fault attack on the grain family of stream ciphers
CHES'12 Proceedings of the 14th international conference on Cryptographic Hardware and Embedded Systems
A differential fault attack on MICKEY 2.0
CHES'13 Proceedings of the 15th international conference on Cryptographic Hardware and Embedded Systems
Hi-index | 0.00 |
The 32-bit MAC of Grain-128a is a linear combination of the first 64 and then the alternative keystream bits. In this paper we describe a successful differential fault attack on Grain-128a, in which we recover the Secret Key by observing the correct and faulty MACs of certain chosen messages. The attack works due to certain properties of the Boolean functions and corresponding choices of the taps from the LFSR. We present methods to identify the fault locations and then construct a set of linear equations to obtain the contents of the LFSR and the NFSR. Our attack requires less than 211 fault injections and invocations of less than 212 MAC generation routines.