Random Fault Attacks on a Class of Stream Ciphers

Bartlett, Harry; Dawson, Ed; Mahri, Hassan Musallam Ahmed Qahur Al; Salam, Iftekhar; Simpson, Leonie; Wong, Kenneth Koon-Ho

doi:10.1155/2019/1680263

Cited by 11 publications

(5 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Fault attacks can pose a significant threat to a wide range of industries, including banking, defense, and critical infrastructure. They have been shown to be a powerful technique against many modern ciphers; for examples of fault attacks on stream ciphers, refer to the provided references [14,15,[15][16][17][18][19][20][21][22][23] . Fault attacks can be measured by four parameters: the fault type, duration, number, and precision [4,24] .…”

Section: Fault Attackmentioning

confidence: 99%

Improved differential fault analysis of Grain128-AEAD

Fang,

Salam,

Yau

2024

Journal of Surveillance, Security and Safety

View full text Add to dashboard Cite

The number of smart devices connected to the Internet has been constantly increasing, and as a result, lightweight cryptography (LWC) has become more important in the past decade. The Lightweight Cryptography (LWC) Project is an initiative taken by the National Institute of Standards and Technology (NIST) to standardize such LWC algorithms. Grain128-AEAD, which was submitted to the NIST LWC project, is an encryption algorithm that provides both confidentiality and integrity assurance. Third-party security analysis of the submitted ciphers is an important aspect of the evaluation of the submission to the NIST LWC project. Although several pieces of existing research, such as the bit-flipping attack, random fault attack, and deterministic random fault attack, have examined the security of Grain128-AEAD, there is still room for improvement in the fault attack models of these studies. This work aims to fill this research gap by analyzing the security margin of Grain128-AEAD against a series of improved differential fault attacks. In this study, we developed a probabilistic random fault attack and applied it to Grain128-AEAD. As an improvement of the existing research, a probabilistic approach can be applied to a more relaxed moderate control attack model. The existing moderate control model assumes the fault to be injected within any bit of a given byte, whereas the faults in our improved approach can be injected within any bits of a two-byte/four-byte segment, thereby relaxing the fault precision. The results indicate that the improved moderate control requires 388 keystreams for the two-byte model and 279 for the four-byte model to identify the target fault locations for implementing a state recovery attack. The relaxed fault attack models presented in this work are more practical to implement; hence, the findings of this research have improved the existing studies and narrowed the current research gap on the fault attack models of Grain128-AEAD. % To maintain consistency in terminology, "Grain-128AEAD" has been revised to "Grain128-AEAD" in both the abstract and the main text. Please confirm this revision.

show abstract

Section: Fault Attackmentioning

confidence: 99%

Improved differential fault analysis of Grain128-AEAD

Fang,

Salam,

Yau

2024

Journal of Surveillance, Security and Safety

View full text Add to dashboard Cite

show abstract

“…Therefore, the PLR becomes weaker, reducing the number of vehicle nodes in our traffic VANET. By comparing it with the FLIP scheme [80], the two proposed schemes offer a lower PLR. Also, with the same load conditions, the two proposed schemes (SDN) and (SPS) are better in terms of PLR compared to the Identity-Based Conditional Privacy-Preserving Authentication Scheme (IBCPA) [81].…”

Section: Figure 10 Packet Delivery Ratio (Pdr)mentioning

confidence: 99%

Toward the Design of an Efficient and Secure System Based on the Software-Defined Network Paradigm for Vehicular Networks

Alaya

Sellami

2023

IEEE Access

View full text Add to dashboard Cite

The advent of Intelligent Transport Systems (ITS) has led to the appearance of vehicles increasingly connected to their environment on global road networks. Due to the strict requirements for low latency and secure interactions in a vehicular environment, the proposal of new architectures is a crucial topic for discussion. This paper aims to develop a vehicular network using several access technologies based on SDN (Software Defined Network) paradigm, to take advantage of the capacities of the various access networks and provide flexibility in their control and management. Confidentiality, integrity, and authentication are essential services to prevent an adversary from compromising the security of vehicular networks. Therefore, good security and privacy management system is necessary to ensure this protection. We represent then a hybrid SDN-VANET architecture that can address all of the challenges we mentioned earlier. We are in the process of implementing a dynamic approach to optimize the positioning of controllers according to changes in network topology due to fluctuations in road traffic. We will also detail the topology estimation service based on machine learning techniques to provide network control functions with potential insight into the future state of the network, unlocking proactive and intelligent network control. We also provide a scheme that prevents and informs about basic and compound attacks and reacts to the privacy and security conditions of the vehicular network, managing the requirements of security management systems. The simulation results showed the effectiveness of the proposed schemes in terms of message loss rates, packet delivery rates (PDR), Round Trip Time (RTT), and delays. With used our scheme, the performance of the network is improved when SDN triggers the change of the RSU entity. Such as, we notice that the average RTT is lowered by 68 ms and that the PDR remains around 94%. We also notice with the integration of the security and privacy scheme (SPS) that the performance of the network is improved, the average RTT is reduced by 51 ms and the PDR persists around 99%.

show abstract

“…functions to identify target fault registers. To illustrate the probabilistic random fault attack, consider the keystream function given by Equation (10). Assume that an adversary injects a random fault at the register s 383 14 .…”

Section: ) Attack Descriptionmentioning

confidence: 99%

“…This technique has been used to analyze the CAESAR candidates Tiaoxin-346 and AEGIS and the NIST LWC candidate TRIAD (see [9], [10], [22]). Note that in the works cited above, the impact of the fault is random but the attack still requires precise information about fault timing and location.…”

Section: ) Attack Descriptionmentioning

confidence: 99%

“…Precise control refers to an attack variant that assumes that an adversary can choose the fault location. This kind of attacks is adapted from the works of Salam et al [9], [22] and Bartlett et al [10]. Precise control means that we are able to choose a specific register R t and keep injecting a random fault e precisely to R t until z j ⊕ z j,Rt = 1.…”

Section: ) Precise Control On Fault Target Registermentioning

confidence: 99%

See 1 more Smart Citation

Random Differential Fault Attacks on the Lightweight Authenticated Encryption Stream Cipher Grain-128AEAD

et al. 2021

View full text Add to dashboard Cite

Grain-128AEAD is a lightweight authenticated encryption stream cipher and one of the finalists in the National Institute of Standards and Technology (NIST) Lightweight Cryptography (LWC) project. This paper provides an independent third-party analysis of Grain-128AEAD against fault attacks. We investigate the application of three differential fault attack models on Grain-128AEAD. All these attacks can recover the initial state of Grain-128AEAD. First, we demonstrate an attack using a bit-flipping fault that requires access to 2 7.80 faulty outputs to recover the initial state. Then, we demonstrate an attack with a more relaxed assumption of a random fault with a probabilistic approach. Our probabilistic random fault attack requires access to 2 11.60 faulty outputs and 2 10.45 fault injections to recover the initial state with a success rate over 99%. Both of the above two attacks are based on precise control on the fault target. Finally, we apply a random fault attack with a deterministic approach (can conclusively determine the random fault value) and using different precision controls. For the precise control, we use existing approaches that have been applied to other ciphers, such as Tiaoxin-346. We also propose a technique for less stringent precision models, such as moderate control and no control, which are more practical than the precise control. Our result indicates that the deterministic random fault attack with a precise control requires an average of 2 7.64 fault injections and a data complexity of 2 8.80 . The deterministic random fault attack with moderate control requires a weak assumption on the fault injection and hence, is the best attack presented in this paper; and is expected to require about 2 9.39 fault injections with a data complexity of about 2 12.98 . All the attacks discussed in this paper are verified experimentally.

show abstract

Random Fault Attacks on a Class of Stream Ciphers

Cited by 11 publications

References 11 publications

Improved differential fault analysis of Grain128-AEAD

Improved differential fault analysis of Grain128-AEAD

Toward the Design of an Efficient and Secure System Based on the Software-Defined Network Paradigm for Vehicular Networks

Random Differential Fault Attacks on the Lightweight Authenticated Encryption Stream Cipher Grain-128AEAD

Contact Info

Product

Resources

About