Fault Analysis of Stream Ciphers

Hoch, Jonathan J.; Shamir, Adi

doi:10.1007/978-3-540-28632-5_18

Cited by 111 publications

(84 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In [7], the authors discovered that by stopping one of the LFSR of A5/1, attackers can easily compromise the device. Also in [11], the authors generalize the (Phase Shift) Attack and gave an example on the Shrinking Generator.…”

Section: Timing Analysis On Absgmentioning

confidence: 99%

“…In this paper, we adapt the Phase Shift Attack in [11] and applied it on ABSG. In this attack, we clocked an additional cycle to the input stream and halt the ABSG.…”

Section: Timing Analysis On Absgmentioning

confidence: 99%

“…In [11], Hoch and Shamir considered an input fault attack on a filter function generator where one or more bits of the LFSR are complemented. In this section, we generalize the input fault attack to the ABSG where one or more bits of the input sequence to the ABSG are complemented.…”

Section: Bit Flipping Fault Analysis On Absgmentioning

confidence: 99%

“…The authors of [11] developed a phase-shift fault attack on clock controlled LFSR based stream ciphers. In our second attack, we adapt this attack and show that it can be extended on to ABSG.…”

Section: Introductionmentioning

confidence: 99%

“…In [11], the authors also developed a bit-flipping fault attack on clock controlled LFSR based stream ciphers. In our third attack, we extend this attack to ABSG.…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

Side Channel Attacks on Irregularly Decimated Generators

Loe

Khoo

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. We investigate three side channel attacks on ABSG, a variant of irregularly decimated generators (IDG). The three attacks are timing analysis, phase-shift fault analysis and bit-flipping fault analysis. We also modify the attacks to non side-channel cryptanalyses, but on the assumption that the key/IV mixing is not well designed. This paper hopes to provide more understanding on actual hardware implementations of IDG as cipher components. Finally, we combine our fault analysis on ABSG with linearization attack to cryptanalze DECIM, an ESTREAM candidate cipher. We manage to reduce the attack complexity from 2 80 to 2 42.5 .

show abstract

Section: Timing Analysis On Absgmentioning

confidence: 99%

“…In this paper, we adapt the Phase Shift Attack in [11] and applied it on ABSG. In this attack, we clocked an additional cycle to the input stream and halt the ABSG.…”

Section: Timing Analysis On Absgmentioning

confidence: 99%

Section: Bit Flipping Fault Analysis On Absgmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

“…In [11], the authors also developed a bit-flipping fault attack on clock controlled LFSR based stream ciphers. In our third attack, we extend this attack to ABSG.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Side Channel Attacks on Irregularly Decimated Generators

Loe

Khoo

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

Predicting and Distinguishing Attacks on RC4 Keystream Generator

Mantin

2005

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract.In this paper we analyze the statistical distribution of the keystream generator used by the stream ciphers RC4 and RC4A. Our first result is the discovery of statistical biases of the digraphs distribution of RC4/RC4A generated streams, where digraphs tend to repeat with short gaps between them. We show how an attacker can use these biased patterns to distinguish RC4 keystreams of 2 26 bytes and RC4A keystreams of 2 26.5 bytes from randomness with success rate of more than 2/3. Our second result is the discovery of a family of patterns in RC4 keystreams whose probabilities in RC4 keystreams are several times their probabilities in random streams. These patterns can be used to predict bits and words of RC4 with arbitrary advantage, e.g., after 2 45 output words a single bit can be predicted with probability of 85%, and after 2 50 output words a single byte can be predicted with probability of 82%, contradicting the unpredictability property of PRNGs.

show abstract