Paper 2017/717
Fault Attacks on XEX Mode with Application to certain Authenticated Encryption Modes
Hassan Qahur Al Mahri, Leonie Simpson, Harry Bartlett, Ed Dawson, and Kenneth Koon-Ho Wong
Abstract
The XOR-Encrypt-XOR (XEX) block cipher mode was introduced by Rogaway in 2004. XEX mode uses nonce-based secret masks $(L)$ that are distinct for each message. The existence of secret masks in XEX mode prevents the application of conventional fault attack techniques, such as differential fault analysis. This work investigates other types of fault attacks against XEX mode that either eliminate the effect of the secret masks or retrieve their values. Either of these outcomes enables existing fault attack techniques to then be applied to recover the secret key. To estimate the success rate and feasibility, we ran simulations for ciphertext-only fault attacks against 128-bit AES in XEX mode. The paper also discusses the relevance of the proposed fault attacks to certain authenticated encryption modes based on XEX, such as OCB2, OTR, COPA, SHELL and ElmD. Finally, we suggest effective countermeasures to provide resistance to these fault attacks.
Metadata
- Category: Secret-key cryptography
- Publication info: Published elsewhere. Springer International Publishing AG 2017
- DOI: 10.1007/978-3-319-60055-0_15
- Keywords: side channel analysis, fault attack, authenticated encryption, block cipher mode, XEX
- Contact author(s): hassan mahri @ hdr qut edu au
- History: 2017-07-27: received
- Short URL: https://ia.cr/2017/717
- License: CC BY
BibTeX
@misc{cryptoeprint:2017/717,
  author = {Hassan Qahur Al Mahri and Leonie Simpson and Harry Bartlett and Ed Dawson and Kenneth Koon-Ho Wong},
  title = {Fault Attacks on {XEX} Mode with Application to certain Authenticated Encryption Modes},
  howpublished = {Cryptology {ePrint} Archive, Paper 2017/717},
  year = {2017},
  doi = {10.1007/978-3-319-60055-0_15},
  url = {https://eprint.iacr.org/2017/717}
}