Baksi, Anubhab, Bhasin, Shivam, Breier, Jakub, Khairallah, Mustafa, Peyrin, Thomas, Sarkar, Sumanta and Sim, Siang Meng (2021) DEFAULT : cipher level resistance against differential fault attack. In: Asiacrypt 2021 : the 27th Annual International Conference on the Theory and Application of Cryptology and Information Security, Virtual, 6-10 Dec 2021. Published in: Lecture Notes in Computer Science, 13091 ISSN 0302-9743. doi:10.1007/978-3-030-92075-3_5

Preview

PDF WRAP-DEFAULT-cipher-level-resistance-against-differential-fault-attack-Sarkar-2021.pdf - Unspecified Version - Requires a PDF viewer. Download (859Kb) | Preview

Request Changes to record.

Abstract

Differential Fault Analysis (DFA) is a well known cryptanalytic tech- nique that exploits faulty outputs of an encryption device. Despite its popularity and similarity with the classical Differential Analysis (DA), a thorough analysis explaining DFA from a designer’s point-of-view is missing in the literature. To the best of our knowledge, no DFA immune block cipher at an algorithmic level has been proposed so far. Furthermore, all known DFA countermeasures somehow depend on the device/protocol or on the implementation such as duplication/comparison. As all of these are outside the scope of the cipher designer, we focus on designing a primitive which can protect from DFA on its own. We present the first concept of cipher level DFA resistance which does not rely on any device/protocol related assumption, nor does it depend on any form of duplication. Our construction is simple, software/hardware friendly and DFA security scales up with the state size. It can be plugged before and/or after (almost) any symmetric key cipher and will ensure a non-trivial search complexity against DFA. One key component in our DFA protection layer is an SBox with linear structures. Such SBoxes have never been used in cipher design as they generally perform poorly against differential attacks. We argue that they in fact represent an interesting trade-off between good cryptographic properties and DFA resistance. As a proof of concept, we construct a DFA protecting layer, named DEFAULT-LAYER, as well as a full-fledged block cipher DEFAULT. Our solutions compare favorably to the state-of-the-art, offering advantages over the sophisticated duplication based solutions like impeccable circuits/CRAFT or infective countermeasures.

Item Type:	Conference Item (Paper)
Subjects:	Q Science > QA Mathematics > QA76 Electronic computers. Computer science. Computer software Z Bibliography. Library Science. Information Resources > Z004 Books. Writing. Paleography
Divisions:	Faculty of Science, Engineering and Medicine > Science > Computer Science
Library of Congress Subject Headings (LCSH):	Data encryption (Computer science), Cryptography, Computer security, Fault-tolerant computing, Ciphers
Journal or Publication Title:	Lecture Notes in Computer Science
Publisher:	Springer
ISSN:	0302-9743
Official Date:	2021
Dates:	Date Event 2021 Available 20 September 2021 Accepted
Volume:	13091
DOI:	10.1007/978-3-030-92075-3_5
Status:	Peer Reviewed
Publication Status:	Published
Publisher Statement:	© IACR 2021. This article is the final version submitted by the author(s) to the IACR and to Springer-Verlag on Sep 20 2021. The version published by Springer-Verlag is available at https://www.springer.com/gp/computer-science/lncs
Access rights to Published version:	Restricted or Subscription Access
Conference Paper Type:	Paper
Title of Event:	Asiacrypt 2021 : the 27th Annual International Conference on the Theory and Application of Cryptology and Information Security
Type of Event:	Conference
Location of Event:	Virtual
Date(s) of Event:	6-10 Dec 2021
Related URLs:	Publisher Organisation

Request changes or add full text files to a record

Repository staff actions (login required)

View Item

Downloads