Differential Fault Analysis on Stream Cipher MUGI

Cited by: 1
Authors
Takahashi, Junko [1 ,2 ]
Fukunaga, Toshinori [3 ]
Sakiyama, Kazuo [2 ]
Affiliations
[1] NTT Corp, NTT Informat Sharing Platform Labs, Musashino, Tokyo 1808585, Japan
[2] Univ Electrocommun, Chofu, Tokyo 1828585, Japan
[3] NTT Corp, Technol Planning Dept, Tokyo 1008116, Japan
Keywords
fault analysis; differential fault analysis (DFA); stream cipher; side-channel analysis; MUGI; ADVANCED ENCRYPTION STANDARD; AES; ATTACK; RABBIT; PART;
DOI
10.1587/transfun.E95.A.242
Chinese Library Classification number
TP3 [Computing technology, computer technology];
Discipline classification code
0812 ;
Abstract
This paper proposes a differential fault analysis on the stream cipher MUGI, which uses two kinds of update functions of an intermediate state. MUGI was proposed by Hitachi, Ltd. in 2002 and is specified as ISO/IEC 18033-4 for keystream generation. Differential fault analysis (DFA) is a type of fault analysis, which is considered to be a serious threat against secure devices such as smart cards. DFA on MUGI was first proposed at ICISC 2010 [25]; however, the conditions for a successful attack, such as the position into which the fault is injected, were restricted. In this paper, we extend the attack to more practical methods, based on one-byte and multi-byte fault models, using the relationship between the two kinds of update functions, which are mutually dependent. In the proposed attack, the attacker can know the position affected by the fault injection even if he has no control of the timing of the fault injection. As a result, a 128-bit secret key can be recovered using 13 pairs of correct and faulty outputs on average.
Pages: 242 / 251
Number of pages: 10
Related papers
50 in total
  • [1] Fault Analysis on Stream Cipher MUGI
    Takahashi, Junko
    Fukunaga, Toshinori
    Sakiyama, Kazuo
    INFORMATION SECURITY AND CRYPTOLOGY - ICISC 2010, 2011, 6829 : 420 - +
  • [2] Differential fault analysis on the stream cipher LEX
    Zhang, Zhong-Ya
    Guan, Jie
    Shanghai Jiaotong Daxue Xuebao/Journal of Shanghai Jiaotong University, 2012, 46 (06): : 865 - 869
  • [3] Rekeying issues in the MUGI stream cipher
    Henricksen, M
    Dawson, E
    SELECTED AREAS IN CRYPTOGRAPHY, 2006, 3897 : 175 - 188
  • [4] A weakness of the linear part of stream cipher MUGI
    Golic, JD
    FAST SOFTWARE ENCRYPTION, 2004, 3017 : 178 - 192
  • [5] A weakness of the linear part of stream cipher MUGI
    Golić, Jovan Dj.
    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 2004, 3017 : 178 - 192
  • [6] Differential Fault Attack on the Stream Cipher LIZARD
    MA Zhen
    TIAN Tian
    QI Wenfeng
    Chinese Journal of Electronics, 2021, 30 (03) : 534 - 541
  • [7] Differential Fault Attack on the Stream Cipher LIZARD
    Ma Zhen
    Tian Tian
    Qi Wenfeng
    CHINESE JOURNAL OF ELECTRONICS, 2021, 30 (03) : 534 - 541
  • [8] Differential Distinguishing attack on the Shannon Stream Cipher Based on Fault Analysis
    Hassanzadeh, Mehdi M.
    Parker, Matthew G.
    Helleseth, Tor
    Salehani, Y. Esmaeili
    Abyaneh, Mohammad R. Sohizadeh
    2008 INTERNATIONAL SYMPOSIUM ON TELECOMMUNICATIONS, VOLS 1 AND 2, 2008, : 671 - +
  • [9] An Improved Differential Fault Attack on the Stream Cipher Espresso
    Das, Debendranath
    Ghatak, Anirban
    Gupta, Indivar
    Karati, Sabyasachi
    Mandal, Arindam
    PROGRESS IN CRYPTOLOGY-INDOCRYPT 2024, PT II, 2025, 15496 : 73 - 89
  • [10] Differential analysis of stream cipher Phelix
    Guan, J. (guanjie007@163.com), 1600, Shanghai Jiaotong University (47):