Cryptology ePrint Archive: Report 2017/088

A Differential Fault Attack on Plantlet

Subhamoy Maitra, Akhilesh Siddhanti

Abstract: Lightweight stream ciphers have received serious attention in the last few years. The present design paradigm considers very small state (less than twice the key size) and use of the secret key bits during pseudo-random stream generation. One such effort, Sprout, had been proposed two years back and it was broken almost immediately. After carefully studying these attacks, a modified version named Plantlet has been designed very recently. While the designers of Plantlet do not provide any analysis on fault attack, we note that Plantlet is even weaker than Sprout in terms of Differential Fault Attack (DFA). Our investigation, following the similar ideas as in the analysis against Sprout, shows that we require only around 4 faults to break Plantlet by DFA in a few hours time. While fault attack is indeed difficult to implement and our result does not provide any weakness of the cipher in normal mode, we believe that these initial results will be useful for further understanding of Plantlet.

Category / Keywords: Cryptanalysis, Fault Attack, Plantlet, Stream Cipher

Date: received 3 Feb 2017, last revised 4 Feb 2017

Contact author: subho at isical ac in

Available format(s): PDF | BibTeX Citation

Version: 20170210:150723 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]