Cryptology ePrint Archive: Report 2009/333

Hard Fault Analysis of Trivium

Yupu Hu and Fengrong Zhang and Yiwei Zhang

Abstract: Fault analysis is a powerful attack to stream ciphers. Up to now, the major idea of fault analysis is to simplify the cipher system by injecting some soft faults. We call it soft fault analysis. As a hardware--oriented stream cipher, Trivium is weak under soft fault analysis. In this paper we consider another type of fault analysis of stream cipher, which is to simplify the cipher system by injecting some hard faults. We call it hard fault analysis. We present the following results about such attack to Trivium. In Case 1 with the probability not smaller than 0.2396, the attacker can obtain 69 bits of 80--bits--key. In Case 2 with the probability not smaller than 0.2291, the attacker can obtain all of 80--bits--key. In Case 3 with the probability not smaller than 0.2291, the attacker can partially solve the key. In Case 4 with non--neglectable probability, the attacker can obtain a simplified cipher, with smaller number of state bits and slower non--linearization procedure. In Case 5 with non--neglectable probability, the attacker can obtain another simplified cipher. Besides, these 5 cases can be checked out by observing the key--stream.

Category / Keywords: secret-key cryptography / Side--channel analysis, fault analysis, stream cipher, Trivium

Date: received 7 Jul 2009

Contact author: yphu at mail xidian edu cn

Available format(s): PDF | BibTeX Citation

Version: 20090709:090930 (All versions of this report)

Short URL: ia.cr/2009/333

Discussion forum: Show discussion | Start new discussion