A differential fault attack on grain-128a using MACs

Authors:
Subhadeep Banik;Subhamoy Maitra;Santanu Sarkar
Affiliations:
Applied Statistics Unit, Indian Statistical Institute, Kolkata, India;Applied Statistics Unit, Indian Statistical Institute, Kolkata, India;Applied Statistics Unit, Indian Statistical Institute, Kolkata, India
Venue:
SPACE'12 Proceedings of the Second international conference on Security, Privacy, and Applied Cryptography Engineering
Year:
2012

Citing 13
Cited 1

Optical Fault Induction Attacks

CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
Related-Key Chosen IV Attacks on Grain-v1 and Grain-128

ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
Fault analysis of GRAIN-128

HST '09 Proceedings of the 2009 IEEE International Workshop on Hardware-Oriented Security and Trust
A framework for chosen IV statistical analysis of stream ciphers

INDOCRYPT'07 Proceedings of the cryptology 8th international conference on Progress in cryptology
Chosen IV statistical analysis for key recovery attacks on stream ciphers

AFRICACRYPT'08 Proceedings of the Cryptology in Africa 1st international conference on Progress in cryptology
Analysis of Grain's initialization algorithm

AFRICACRYPT'08 Proceedings of the Cryptology in Africa 1st international conference on Progress in cryptology
Breaking Grain-128 with dynamic cube attacks

FSE'11 Proceedings of the 18th international conference on Fast software encryption
Fault analysis of grain-128 by targeting NFSR

AFRICACRYPT'11 Proceedings of the 4th international conference on Progress in cryptology in Africa
Grain-128a: a new version of Grain-128 with optional authentication

International Journal of Wireless and Mobile Computing
Optically enhanced position-locked power analysis

CHES'06 Proceedings of the 8th international conference on Cryptographic Hardware and Embedded Systems
Cryptanalysis of grain

FSE'06 Proceedings of the 13th international conference on Fast Software Encryption
An experimentally verified attack on full grain-128 using dedicated reconfigurable hardware

ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
A differential fault attack on the grain family of stream ciphers

CHES'12 Proceedings of the 14th international conference on Cryptographic Hardware and Embedded Systems

A differential fault attack on MICKEY 2.0

CHES'13 Proceedings of the 15th international conference on Cryptographic Hardware and Embedded Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

The 32-bit MAC of Grain-128a is a linear combination of the first 64 and then the alternative keystream bits. In this paper we describe a successful differential fault attack on Grain-128a, in which we recover the Secret Key by observing the correct and faulty MACs of certain chosen messages. The attack works due to certain properties of the Boolean functions and corresponding choices of the taps from the LFSR. We present methods to identify the fault locations and then construct a set of linear equations to obtain the contents of the LFSR and the NFSR. Our attack requires less than 211 fault injections and invocations of less than 212 MAC generation routines.