Differential Power Analysis of Stream Ciphers

Fischer, Wieland; Gammel, Berndt M.; Kniffler, Oliver; Velten, Jorg

doi:10.1007/11967668_17

Cited by 45 publications

(38 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Side-channel analysis of stream ciphers [1] is a class of novel attacks by combining physical and mathematical methods, including fault analysis [2], power analysis [3], timing analysis, etc. In the class of side-channel analysis, fault analysis is a powerful attack.…”

Section: A Background and Results Of Our Workmentioning

confidence: 99%

Hard fault analysis of Trivium

Zhang

2013

Information Sciences

View full text Add to dashboard Cite

Abstract-Fault analysis is a powerful attack to stream ciphers. Up to now, the major idea of fault analysis is to simplify the cipher system by injecting some soft faults. We call it soft fault analysis. As a hardware-oriented stream cipher, Trivium is weak under soft fault analysis.In this paper we consider another type of fault analysis of stream cipher, which is to simplify the cipher system by injecting some hard faults. We call it hard fault analysis. We present the following results about such attack to Trivium. In Case 1 with the probability not smaller than 0.2396, the attacker can obtain 69 bits of 80-bits-key. In Case 2 with the probability not smaller than 0.2291, the attacker can obtain all of 80-bits-key. In Case 3 with the probability not smaller than 0.2291, the attacker can partially solve the key. In Case 4 with non-neglectable probability, the attacker can obtain a simplified cipher, with smaller number of state bits and slower non-linearization procedure. In Case 5 with non-neglectable probability, the attacker can obtain another simplified cipher. Besides, these 5 cases can be checked out by observing the keystream.

show abstract

Section: A Background and Results Of Our Workmentioning

confidence: 99%

Hard fault analysis of Trivium

Zhang

2013

Information Sciences

View full text Add to dashboard Cite

show abstract

“…Hence, nothing can be said about the general vulnerability. However, a secure implementation against power-analysis attacks usually leads to a high overhead in the area and power consumption [21] which commonly depends on the number of flip-flops used [29]. Therefore, the resources required for a secure implementation even increase the necessity of developing a stream cipher solutions which require as few flipflops as possible.…”

Section: Security Discussionmentioning

confidence: 99%

On Lightweight Stream Ciphers with Shorter Internal States

Armknecht

Mikhalev

2015

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. To be resistant against certain time-memory-data-tradeoff (TMDTO) attacks, a common rule of thumb says that the internal state size of a stream cipher should be at least twice the security parameter. As memory gates are usually the most area and power consuming components, this implies a sever limitation with respect to possible lightweight implementations. In this work, we revisit this rule. We argue that a simple shift in the established design paradigm, namely to involve the fixed secret key not only in the initialization process but in the keystream generation phase as well, enables stream ciphers with smaller area size for two reasons. First, it improves the resistance against the mentioned TMDTO attacks which allows to choose smaller state sizes. Second, one can make use of the fact that storing a fixed value (here: the key) requires less area size than realizing a register of the same length. We demonstrate the feasibility of this approach by describing and implementing a concrete stream cipher Sprout which uses significantly less area than comparable existing lightweight stream ciphers.

show abstract

“…They have attracted much attention since the beginning of the eSTREAM project in 2004. Although there is vast literature about DPA on implementations of block ciphers and public key algorithms, only few publications can be found about DPA attacks on stream ciphers ( [2], [3], [4], [8], [13], [14]). …”

Section: Introductionmentioning

confidence: 99%

“…It was first reported by Kocher et al in 1998 that the power consumption of a smart card could reveal the secret key of the cryptographic algorithm [1]. DPA is a well-known and thoroughly studied threat for implementations of block ciphers (DES and AES), public key algorithms (RSA) and recently stream ciphers (Grain and Trivium [4]). …”

Section: Introductionmentioning

confidence: 99%

On DPA-Resistive Implementation of FSR-based Stream Ciphers using SABL Logic Styles

Atani

Mirzakuchaki

Atani

et al. 2008

INT J COMPUT COMMUN

View full text Add to dashboard Cite

Abstract:The threat of DPA attacks is of crucial importance when designing cryptographic hardware. This contribution discusses the DPA-resistant implementation of two eS-TREAM finalists using SABL logic styles. Particularly, two Feedback Shift Register (FSR) based stream ciphers, Grain v.1 and Trivium are designed in both BSim3 130nm and typical 350nm technologies and simulated by HSpice software. Circuit simulations and statistical power analysis show that DPA resistivity of SABL implementation of both stream ciphers has a major improvement. The paper presents the tradeoffs involved in the circuit design and the design for performance issues.

show abstract

Differential Power Analysis of Stream Ciphers

Cited by 45 publications

References 7 publications

Hard fault analysis of Trivium

Hard fault analysis of Trivium

On Lightweight Stream Ciphers with Shorter Internal States

On DPA-Resistive Implementation of FSR-based Stream Ciphers using SABL Logic Styles

Contact Info

Product

Resources

About