## Cryptology ePrint Archive: Report 2014/954

Algebraic Fault Analysis of Katan

Frank Quedenfeld

Abstract: This paper presents a new and more realistic model for fault attacks and statistical and algebraic techniques to improve fault analysis in general. Our algebraic techniques is an adapted solver for systems of equations based on ElimLin and XSL. We use these techniques to introduce two new fault attacks on the hardware oriented block cipher Katan32 from the Katan family of block ciphers. We are able to break full Katan using $4$ faults and $2^{29.04}$ Katan evaluations with a theoretical statistical fault attack and $7.19$ faults in $2^{27.2}$ Katan evaluations with a tested algebraic one. This is a great improvement over the existing fault attacks which need $115$ and $140$ faults respectively. Furthermore, our algebraic attack can be executed on a normal computer.

Category / Keywords: Katan, ElimLin, equation solving over $\F_2$, fault analysis, algebraic fault attack, filter for improved guessing, differential fault attack