Anubhab Baksi, S. Bhasin, J. Breier, Mustafa Khairallah, Thomas Peyrin
Published in: 2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), pages 191-194, April 2018
DOI: 10.1109/HST.2018.8383913 (https://doi.org/10.1109/HST.2018.8383913)
Citation count (Semantic Scholar): 15
Protecting block ciphers against differential fault attacks without re-keying
In this article, we propose a new method to protect block cipher implementations against Differential Fault Attacks (DFA). Our strategy, which we call "Tweak-in-Plaintext", ensures that an uncontrolled value (the "tweak-in") is inserted into some part of the block cipher plaintext, which makes DFA much harder to perform: the attacker can no longer obtain a correct and a faulty encryption of the same block input. Our method is extremely simple yet has many advantages over the previous solutions proposed at AFRICACRYPT 2010 and CARDIS 2015. First, we need neither a tweakable block cipher nor any related-key security assumption (we do not perform any re-keying). Second, performance for lightweight applications is improved, and no extra data has to be sent. Finally, our scheme can be used directly with standard block ciphers such as AES or PRESENT. Experimental results show that the throughput overhead of incorporating our scheme into AES-128 ranges from about 5% to about 26.9% for software implementations and from about 3.1% to about 25% for hardware implementations, depending on the tweak-in size.
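The following is an added illustration of the Tweak-in-Plaintext idea; it is not the authors' code or the paper's implementation. It models what DFA needs (a correct and a faulty ciphertext for the same block input) and shows how an uncontrolled tweak-in occupying part of each plaintext block breaks that requirement. The keyed-hash stand-in for the block cipher, the XOR fault model, the placement of the tweak-in at the front of the block, and the first-order overhead estimate from lost payload capacity are all assumptions made for this example.

```python
"""Tweak-in-Plaintext illustration (added example, not the paper's code).

Assumptions: a keyed SHA-256 truncated to 128 bits stands in for AES-128;
the tweak-in occupies the leading bytes of the block; a fault is modelled as
an XOR mask on the block state just before encryption.
"""
import hashlib
import math
import os

BLOCK_BYTES = 16  # AES-128 block size


def toy_block_encrypt(key: bytes, block: bytes) -> bytes:
    """Stand-in for a 128-bit block cipher (assumption, NOT a real cipher).

    It only models the property DFA relies on: the same key and the same
    block input always give the same ciphertext.
    """
    if len(block) != BLOCK_BYTES:
        raise ValueError("block must be exactly one cipher block")
    return hashlib.sha256(key + block).digest()[:BLOCK_BYTES]


def build_block_input(message_part: bytes, tweak_bytes: int, rng=os.urandom) -> bytes:
    """Form the block input as tweak-in || message part.

    The tweak-in is drawn from rng, which the attacker does not control.
    Putting it at the front of the block is an assumption; the paper only
    says it goes into 'some part' of the plaintext.
    """
    if not 0 <= tweak_bytes < BLOCK_BYTES:
        raise ValueError("tweak-in must leave room for at least one message byte")
    if len(message_part) != BLOCK_BYTES - tweak_bytes:
        raise ValueError("message part must fill the rest of the block")
    return rng(tweak_bytes) + message_part


def dfa_attempt(key: bytes, message_part: bytes, tweak_bytes: int,
                fault: bytes, rng=os.urandom) -> dict:
    """One DFA attempt: the attacker submits the same message part twice,
    once fault-free and once with a fault injected into the block state.

    The pair is only usable for DFA if both encryptions used the SAME block
    input. With a t-byte uncontrolled tweak-in that happens with probability
    2^-8t, so the attacker cannot build the differential pair DFA needs.
    """
    clean_in = build_block_input(message_part, tweak_bytes, rng)
    faulty_in = build_block_input(message_part, tweak_bytes, rng)
    mask = fault.ljust(BLOCK_BYTES, b"\x00")  # fault model: XOR mask (assumption)
    faulted_state = bytes(a ^ b for a, b in zip(faulty_in, mask))
    return {
        "correct_ct": toy_block_encrypt(key, clean_in),
        "faulty_ct": toy_block_encrypt(key, faulted_state),
        "pair_usable": clean_in == faulty_in,
    }


def dfa_usable_pair_rate(tweak_bytes: int, trials: int = 2000) -> float:
    """Fraction of attempts that yield a usable (same-input) pair."""
    key = b"K" * 16                      # constructed sample key
    msg = b"A" * (BLOCK_BYTES - tweak_bytes)
    usable = sum(dfa_attempt(key, msg, tweak_bytes, b"\x01")["pair_usable"]
                 for _ in range(trials))
    return usable / trials


def blocks_needed(message_len: int, tweak_bytes: int) -> int:
    """Blocks required once each block carries tweak_bytes fewer message bytes."""
    return math.ceil(message_len / (BLOCK_BYTES - tweak_bytes))


def payload_overhead(tweak_bytes: int) -> float:
    """First-order throughput cost from lost payload capacity (assumption: it
    ignores the cost of generating the tweak-in, so it is not the paper's
    measured overhead, only the part that grows with tweak-in size)."""
    return tweak_bytes / (BLOCK_BYTES - tweak_bytes)


if __name__ == "__main__":
    for t in (0, 1, 4):
        print(f"tweak-in {8 * t:3d} bits: usable DFA pairs "
              f"{dfa_usable_pair_rate(t):.4f}, payload overhead "
              f"{payload_overhead(t):.1%}")
```

Two points the model makes concrete. With no tweak-in every attempt gives a usable pair, with one uncontrolled byte roughly one attempt in 256 does, and with four bytes the attacker effectively never gets one, which is why the paper calls DFA "much harder" rather than impossible. The tweak-in rides inside the encrypted block and is simply discarded after decryption, so nothing extra is transmitted; what is paid instead is the lost payload per block, which is why the reported overhead depends on the tweak-in size.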