Protecting block ciphers against differential fault attacks without re-keying

2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST) Pub Date : 2018-04-01 DOI:10.1109/HST.2018.8383913

Anubhab Baksi, S. Bhasin, J. Breier, Mustafa Khairallah, Thomas Peyrin

{"title":"Protecting block ciphers against differential fault attacks without re-keying","authors":"Anubhab Baksi, S. Bhasin, J. Breier, Mustafa Khairallah, Thomas Peyrin","doi":"10.1109/HST.2018.8383913","DOIUrl":null,"url":null,"abstract":"In this article, we propose a new method to protect block cipher implementations against Differential Fault Attacks (DFA). Our strategy, so-called “Tweak-in-Plaintext”, ensures that an uncontrolled value ('tweak-in') is inserted into some part of the block cipher plaintext, thus effectively rendering DFA much harder to perform. Our method is extremely simple yet presents many advantages when compared to previous solutions proposed at AFRICACRYPT 2010 or CARDIS 2015. Firstly, we do not need any Tweakable block cipher, nor any related-key security assumption (we do not perform any re-keying). Moreover, performance for lightweight applications is improved, and we do not need to send any extra data. Finally, our scheme can be directly used with standard block ciphers such as AES or PRESENT. Experimental results show that the throughput overheads, for incorporating our scheme into AES-128, range between χ 5% to χ 26.9% for software, and between χ 3.1% to χ 25% for hardware implementations; depending on the tweak-in size.","PeriodicalId":6574,"journal":{"name":"2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)","volume":"34 1","pages":"191-194"},"PeriodicalIF":0.0000,"publicationDate":"2018-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"15","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/HST.2018.8383913","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 15

Abstract

In this article, we propose a new method to protect block cipher implementations against Differential Fault Attacks (DFA). Our strategy, so-called “Tweak-in-Plaintext”, ensures that an uncontrolled value ('tweak-in') is inserted into some part of the block cipher plaintext, thus effectively rendering DFA much harder to perform. Our method is extremely simple yet presents many advantages when compared to previous solutions proposed at AFRICACRYPT 2010 or CARDIS 2015. Firstly, we do not need any Tweakable block cipher, nor any related-key security assumption (we do not perform any re-keying). Moreover, performance for lightweight applications is improved, and we do not need to send any extra data. Finally, our scheme can be directly used with standard block ciphers such as AES or PRESENT. Experimental results show that the throughput overheads, for incorporating our scheme into AES-128, range between χ 5% to χ 26.9% for software, and between χ 3.1% to χ 25% for hardware implementations; depending on the tweak-in size.

查看原文本刊更多论文

保护分组密码不受差分错误攻击而无需重新输入密钥

在本文中，我们提出了一种保护分组密码实现免受差分故障攻击(DFA)的新方法。我们的策略，所谓的“明文调整”，确保将不受控制的值(“调整”)插入到块密码明文的某些部分，从而有效地使DFA更难执行。我们的方法非常简单，但与之前在2010年AFRICACRYPT或2015年CARDIS提出的解决方案相比，具有许多优势。首先，我们不需要任何可调整的分组密码，也不需要任何相关密钥安全假设(我们不执行任何重新密钥)。此外，轻量级应用程序的性能得到了改进，我们不需要发送任何额外的数据。最后，我们的方案可以直接与AES或PRESENT等标准分组密码一起使用。实验结果表明，将我们的方案纳入AES-128的吞吐量开销在软件实现的χ 5%至χ 26.9%之间，在硬件实现的χ 3.1%至χ 25%之间;取决于调整的大小。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)

自引率

0.00%

发文量