Differential Fault Analysis of SHA-3 Under Relaxed Fault Models

Luo, Pei; Fei, Yunsi; Zhang, Liwei; Ding, A. Adam

doi:10.1007/s41635-017-0011-4

Cited by 7 publications

(7 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Attacks do exist, but only simulated ones: [23] show that differential fault analysis (DFA) can be used to recover the complete state in around 80 faults on average, if the attacker is able to inject single-bit faults in the input of the penultimate round (i.e., θ 22 i ), though they rely on brute-forcing the last few bits. According to [24] (itself an extension of [25]), this is around 500 single-bit random faults for the whole state. [24] generalize the attack to a single-byte fault model, recovering the state in around 120 random faults.…”

Section: B Attacking Sha-3 In Practicementioning

confidence: 99%

Genetic Algorithm-Based Electromagnetic Fault Injection

Maldini

Samwel

Picek

et al. 2018

2018 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC)

View full text Add to dashboard Cite

Electromagnetic fault injection (EMFI) is a powerful active attack, requiring minimal modifications of the device under attack while having excellent penetration capabilities. The number of possible parameter combinations when characterizing an attack is usually huge, rendering exhaustive search impossible. In this work we present a novel evolutionary algorithm for optimizing the parameters for EM fault injection, which outperforms previous search methods for EMFI. The cryptographic device under attack is treated as a black box, with only a few very general assumptions on its inner workings. We test our evolutionary algorithm by attacking SHA-3 where we are able to obtain 40 times more faulty measurements and 20 times more distinct fault measurements than the random search. When coupled with the algebraic fault attack, we get 25% more exploitable faults per individual measurement.

show abstract

Section: B Attacking Sha-3 In Practicementioning

confidence: 99%

Genetic Algorithm-Based Electromagnetic Fault Injection

Maldini

Samwel

Picek

et al. 2018

2018 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC)

View full text Add to dashboard Cite

show abstract

“…These types of attacks are also called side-channel attacks. One example of a side-channel attack is differential fault analysis (DFA), which is commonly used with cryptographic hash functions [128]- [131]. The principle of the attack is to push errors or faults with unforeseen environmental conditions into the cryptographic implementation to reveal its internal state.…”

Section: A Lwchf Cryptographic Propertiesmentioning

confidence: 99%

Lightweight Cryptographic Hash Functions: Design Trends, Comparative Study, and Future Directions

et al. 2022

View full text Add to dashboard Cite

The emergence of the Internet of Things (IoT) has enabled billions of devices that collect large amounts of data to be connected. Therefore, IoT security has fundamental requirements. One critical aspect of IoT security is data integrity. Cryptographic hash functions are cryptographic primitives that provide data integrity services. However, due to the limitations of IoT devices, existing cryptographic hash functions are not suitable for all IoT environments. As a result, researchers have proposed various lightweight cryptographic hash function algorithms. In this paper, we discuss advanced lightweight cryptographic hash functions for highly constrained devices, categorize design trends, analyze cryptographic aspects and cryptanalytic attacks, and present a comparative analysis of different hardware and software implementations. In the final section of this paper, we highlight present research challenges and suggest future research topics related to the design of lightweight cryptographic hash functions.

show abstract

“…The authors show that differential fault analysis (DFA) can be used to recover the complete state in around 80 faults on average if the attacker is able to inject single-bit faults in the input of the penultimate round (i.e., θ 22 i ), though they rely on brute-forcing the last few bits. According to [16] (itself an extension of [15]), this is around 500 singlebit random faults for the whole state. The work in [16] generalizes the attack to a single-byte fault model, recovering the state in around 120 random faults.…”

Section: Sha-3 Attack In Practicementioning

confidence: 99%

“…According to [16] (itself an extension of [15]), this is around 500 singlebit random faults for the whole state. The work in [16] generalizes the attack to a single-byte fault model, recovering the state in around 120 random faults. Algebraic fault analysis (AFA) seems more promising.…”

Section: Sha-3 Attack In Practicementioning

confidence: 99%

See 1 more Smart Citation

Optimizing Electromagnetic Fault Injection with Genetic Algorithms

Maldini

Samwel

Picek

et al. 2019

Automated Methods in Cryptographic Fault Analysis

View full text Add to dashboard Cite

Article 25fa pilot End User AgreementThis publication is distributed under the terms of Article 25fa of the Dutch Copyright Act (Auteurswet) with explicit consent by the author. Dutch law entitles the maker of a short scientific work funded either wholly or partially by Dutch public funds to make that work publicly available for no consideration following a reasonable period of time after the work was first published, provided that clear reference is made to the source of the first publication of the work.This publication is distributed under The Association of Universities in the Netherlands (VSNU) 'Article 25fa implementation' pilot project. In this pilot research outputs of researchers employed by Dutch Universities that comply with the legal requirements of Article 25fa of the Dutch Copyright Act are distributed online and free of cost or other barriers in institutional repositories. Research outputs are distributed six months after their first online publication in the original published version and with proper attribution to the source of the original publication.You are permitted to download and use the publication for personal purposes. All rights remain with the author(s) and/or copyrights owner(s) of this work. Any use of the publication other than authorised under this licence or copyright law is prohibited.If you believe that digital publication of certain material infringes any of your rights or (privacy) interests, please let the Library know, stating your reasons. In case of a legitimate complaint, the Library will make the material inaccessible and/or remove it from the website.

show abstract

Differential Fault Analysis of SHA-3 Under Relaxed Fault Models

Cited by 7 publications

References 26 publications

Genetic Algorithm-Based Electromagnetic Fault Injection

Genetic Algorithm-Based Electromagnetic Fault Injection

Lightweight Cryptographic Hash Functions: Design Trends, Comparative Study, and Future Directions

Optimizing Electromagnetic Fault Injection with Genetic Algorithms

Contact Info

Product

Resources

About