Fault Space Transformation: A Generic Approach to Counter Differential Fault Analysis and Differential Fault Intensity Analysis on AES-Like Block Ciphers.

on AES-like block ciphers. ... Classical fault attacks such as Differential Fault Analysis (DFA) as well as biased fault attacks such as the Differential Fault Intensity Analysis (DFIA) have been a major threat to cryptosystems in recent ... The authors would like to acknowledge the Information Security and Education Awareness (ISEA) projec and the Institute Seed Grant (NGI) for partial funding of the work. P.P. ...

doi:10.1109/tifs.2016.2646638 fatcat:n3gft4xljbdsxmpz2lapjgk5oq

In particular, the paper focuses on a linear tweak based and a non-linear tweak based version of a recently proposed block cipher DRECON. ... Side channel analysis and active fault analysis are now major threats to even mathematically robust cryptographic algorithms that are otherwise resistant to classical cryptanalysis. ... as Differential Fault Analysis (DFA) and Differential Fault Intensity Analysis (DFIA) on cryptographic devices have raised serious security issues. ...

doi:10.1109/vlsid.2016.58 dblp:conf/vlsid/PatranabisRM16 fatcat:nhbgmuzg75bznmnr56apv2qu64

In this paper, we propose an automation for evaluating the exploitability status of fault instances from block ciphers, mainly in the context of Differential Fault Analysis (DFA) attacks. ... As a proof-of-concept, we reconstruct some known attack examples on AES and PRESENT using the framework and finally analyze a recently proposed cipher GIFT [BPP+17] for the first time. ... We are also grateful to the anonymous reviewers for their insightful comments and suggestions. ...

doi:10.13154/tches.v2018.i2.242-276 dblp:journals/tches/SahaMD18 fatcat:sbosttvpazflzmxb7xn2lt5o24

DOAJ OJS

Implementation approaches at two levels were adopted to provide a proof of concept: a board level and a Multiprocessor System-on-Chip (MPSoC) level. ... To detect faults in the nodes, a fault management scheme specifically designed to support the cooperative task-oriented distributed computing concept is proposed and employed, which is referred to as Adaptive ... ) Optional RC4(AES in 802.11i) AES Block Cipher(CTR, counter mode) EO Stream Cipher Topology Infrastructure/ Ad hoc Infrastructure/A d hoc Star/ Mesh/Cluster Tree Point-to-point, point-to ...

doi:10.1016/j.asr.2016.08.017 fatcat:szoac6aiwvbs3d2dyh5smxsgqa

Cryptographic circuits are employed to protect these data from unauthorized access and manipulation. Fault-based attacks are a relatively new threat to system integrity. ... In the recent years, a large number of fault-based attacks and countermeasures to protect cryptographic circuits against them have been developed. ... Fault-based analysis approaches have been published for block ciphers [27] , [28] , stream ciphers [29] , [30] and asymmetric ciphers [31] , [32] . ...

doi:10.1109/ddecs.2013.6549781 dblp:conf/ddecs/PolianK13 fatcat:463ms2z3draxdkuox4i72ib7fi

Our evaluation of VPsec demonstrates its efficacy in countering fault attacks, as well as its ability to retain the performance benefits of VP on cryptographic workloads, such as OpenSSL, and non-cryptographic ... We present Value Prediction for Security (VPsec), a novel hardware-only framework to counter fault attacks in modern microprocessors, while preserving the performance benefits of Value Prediction (VP.) ... In general, not all vulnerable locations in a block cipher are equal from a fault attack perspective [24] . ...

doi:10.3390/cryptography2040027 fatcat:gm6zkl7kcngwbibolka76rv53a

DOAJ

at http://doi.org/10. 1007/978-3-662-53140-2_11 and includes mathematical foundations, a generalization of the DCA attack and the treatment of differential fault attacks. © International Association for ... We introduce the differential computation analysis (DCA) attack which is the software counterpart of the differential power * This is an extended version of the article published by Springer-Verlag available ... In 2008, the cryptanalytic results for WB-DES and WB-AES were generalized to any substitution linear-transformation (SLT) cipher [63] . ...

doi:10.1007/s00145-019-09315-1 fatcat:23twlwuwuzgi7isnyh2uonu3v4

We show how this approach can be applied to 3-bit, 4-bit, and 5-bit S-boxes and the AES S-box. ... Although this approach may lead to a higher implementation cost due to the fine-grained detection needed, it can be used to protect arbitrary circuits and can be generalized to cover multi-fault SIFA. ... BMVIT, BMWFW, Styria and Carinthia. ...

doi:10.13154/tches.v2020.i3.508-543 dblp:journals/tches/DaemenDEGMP20 fatcat:hccwbufl3benbouluvzgsq5riu

DOAJ OJS

While scaling is generally thought of as beneficial to the resulting implementations, this does not hold for secure electronic design. ... This seminar facilitated the discussion between security experts at different abstraction levels in order to uncover the links between scaling and the resulting security. ... We would like to evaluate the physical security of crypto across integration and technology. We consider two cases: 1. cache attacks ,2. fault injection attacks. ...

doi:10.4230/dagrep.6.8.65 dblp:journals/dagstuhl-reports/BatinaBSS16 fatcat:qya6rznvonbi7pfic7ocbxwkea

The random generation step is founded on the public key sharing and a changing point G. Then, the AES-CTR is performed to these sequences using arbitrary keys for image encryption. ... In the cryptographic system, we have proposed to take advantage of the Elliptic Curve Random Generator to generate a sequence of arbitrary numbers based on the curve. ... The goal of this work is to perform authentication and encryption using a Cipher Block Chaining Message Authentication code protocol (CCMP) and a counter (CTR) protocol. ...

doi:10.5772/intechopen.95511 fatcat:mxhaj4ntend4nlvwn4wtpaofd4

Open Access

analysis, statistical fault attack (SFA), fault sensitivity analysis, or differential fault intensity analysis (DFIA). ... The vast majority of the literature on fault attacks focuses on the ability of fault attacks to change an intermediate value to a faulty one, such as differential fault analysis (DFA), collision fault ... Fault Space Transformation Fault Space Transformation (FST), is a novel fault countermeasure proposed by Patranabis et al. [PCMC17] . ...

doi:10.13154/tches.v2018.i3.547-572 dblp:journals/tches/DobraunigEKMMP18 fatcat:35zuujcdbrervfgexlnumuvazu

DOAJ OJS

We explain the purpose and advantage of SimpliFI, describe automation of the simulation framework, and apply SimpliFI on a BRISC-V embedded processor running an AES application. ... We present SimpliFI, a simulation methodology to test fault attacks on embedded software using a hardware simulation of the processor running the software. ... Differential Fault Analysis (DFA) attacks on AES have been shown to be effective for a number of points in the algorithm. ...

doi:10.3390/cryptography5020015 fatcat:zjo6ea5tenc43ezyro4ircilyi

DOAJ

Progresses over the last 10 years have improved their capabilities to the point where they can hold a complete System on a Chip (SoC) and thus become an attractive platform for an increasing number of ... In this chapter, we take another look at them and review a number of important recent results related to security IPs and IP security in modern reconfigurable devices. ... key generation, and a block cipher used for symmetric encryption and software authentication. ...

doi:10.1007/978-1-4614-7915-4_9 fatcat:bp2upohaffe4nl5qlx3gykrncm

AES [15, 37] is maybe one of the most elegant balance between efficiency and security for a 128-bit block size. ... This is comparable to the fastest stream ciphers and notably faster than the best known implementations of most block ciphers on the same processor. ... Acknowledgments We would like to thank Olivier Brique, Jérôme Perrine and Corinne Le Buhan Jordan for their kind support during this work. ...

doi:10.1007/978-3-642-03317-9_17 fatcat:ryfw6dnmdfbuxbihqjc4o3pfzy

This observation raises interesting challenges for developing block ciphers with better properties regarding leakage-resilience. ... In practice, pseudorandom functions are among the most important such primitives, because they are stateless and do not require a secure initialization as, e.g. stream ciphers. ... In addition, there is a simple and general trick to increase the amount of bytes to guess after the MixColumns transform. Namely, one just has to switch the order of MixColumns and AddRoundKey. ...

doi:10.1007/978-3-642-33027-8_12 fatcat:zcsby2htsjezvhzithkrgkinca

Fault Space Transformation: A Generic Approach to Counter Differential Fault Analysis and Differential Fault Intensity Analysis on AES-Like Block Ciphers

Preserved Fulltext

Using Tweaks to Design Fault Resistant Ciphers

Preserved Fulltext

ExpFault: An Automated Framework for Exploitable Fault Characterization in Block Ciphers

Preserved Fulltext

Survey and future directions of fault-tolerant distributed computing on board spacecraft

Preserved Fulltext

Fault-based attacks on cryptographic hardware

Preserved Fulltext

Improving Performance and Mitigating Fault Attacks Using Value Prediction

Preserved Fulltext

White-Box Cryptography: Don't Forget About Grey-Box Attacks

Preserved Fulltext

Protecting against Statistical Ineffective Fault Attacks

Preserved Fulltext

Foundations of Secure Scaling (Dagstuhl Seminar 16342)

Preserved Fulltext

Hybrid Encryption Model Based on Advanced Encryption Standard and Elliptic Curve Pseudo Random [chapter]

Preserved Fulltext

SIFA: Exploiting Ineffective Fault Inductions on Symmetric Cryptography

Preserved Fulltext

SimpliFI: Hardware Simulation of Embedded Software Fault Attacks

Preserved Fulltext

A Survey of Recent Results in FPGA Security and Intellectual Property Protection [chapter]

Preserved Fulltext

Revisiting the IDEA Philosophy [chapter]

Preserved Fulltext

Towards Super-Exponential Side-Channel Security with Efficient Leakage-Resilient PRFs [chapter]

Preserved Fulltext