A Comprehensive Study of Algebraic Fault Analysis on PRINCE  

作　　者：ZHANG Fan ZHAO Xinjie GUO Shize SHEN Jizhong HUANG Jing HU Zijie 

机构地区：[1]College of Information Science and Electrical Engineering,Zhejiang University [2]The Institute of North Electronic Equipment [3]System Control Department of No.61541 Unit

出　　处：《China Communications》2015年第7期127-141,共15页中国通信（英文版）

基　　金：supported in part by the Major State Basic Research Development Program (973 Plan) of China under thegrant 2013CB338004;the National Natural Science Foundation of China under the grants 61173191, 61271124, 61272491, 61309021, 61472357;by the Zhejiang Provincial Natural Science Foundation of China under the grant LY13F010001;by the Fundamental Research Funds for the Central Universities under the grant 2015QNA5005

摘　　要：PRINCE is a 64-bit lightweight block cipher with a 128-bit key published at ASIACRYPT 2012. Assuming one nibble fault is injected, previous different fault analysis(DFA) on PRINCE adopted the technique from DFA on AES and current results are different. This paper aims to make a comprehensive study of algebraic fault analysis(AFA) on PRINCE. How to build the equations for PRINCE and faults are explained. Extensive experiments are conducted. Under nibble-based fault model, AFA with three or four fault injections can succeed within 300 seconds with a very high probability. Under other fault models such as byte-based, half word-based, word-based fault models, the faults become overlapped in the last round and previous DFAs are difficult to work. Our results show that AFA can still succeed to recover the full master key. To evaluate security of PRINCE against fault attacks, we utilize AFA to calculate the reduced entropy of the secret key for given amount of fault injections. The results can interpret and compare the efficiency of previous work. Under nibble-based fault model, the master key of PRINCE can be reduced to 29.69 and 236.10 with 3 and 2 fault injections on average, respectively.PRINCE is a 64-bit lightweight block cipher with a 128-bit key published at ASIACRYPT 2012. Assuming one nibble fault is injected, previous different fault analysis（DFA） on PRINCE adopted the technique from DFA on AES and current results are different. This paper aims to make a comprehensive study of algebraic fault analysis（AFA） on PRINCE. How to build the equations for PRINCE and faults are explained. Extensive experiments are conducted. Under nibble-based fault model, AFA with three or four fault injections can succeed within 300 seconds with a very high probability. Under other fault models such as byte-based, half word-based, word-based fault models, the faults become overlapped in the last round and previous DFAs are difficult to work. Our results show that AFA can still succeed to recover the full master key. To evaluate security of PRINCE against fault attacks, we utilize AFA to calculate the reduced entropy of the secret key for given amount of fault injections. The results can interpret and compare the efficiency of previous work. Under nibble-based fault model, the master key of PRINCE can be reduced to 29.69 and 236.10 with 3 and 2 fault injections on average, respectively.

关 键 词：algebraic fault analysis PRINCE Crypto Mini SAT 

分 类 号：TN918.4[电子电信—通信与信息系统]