Paper 2016/623

EnCounter: On Breaking the Nonce Barrier in Differential Fault Analysis with a Case-Study on PAEQ

Dhiman Saha and Dipanwita Roy Chowdhury


This work exploits internal differentials within a cipher in the context of Differential Fault Analysis (DFA). This in turn overcomes the nonce barrier which acts as a natural counter-measure against DFA. We introduce the concept of internal differential fault analysis which requires only one faulty ciphertext. In particular, the analysis is applicable to parallelizable ciphers that use the counter-mode. As a proof of concept we develop an internal differential fault attack called EnCounter on PAEQ which is an AES based parallelizable authenticated cipher presently in the second round of on-going CAESAR competition. The attack is able to uniquely retrieve the key of three versions of full-round PAEQ of key-sizes 64, 80 and 128 bits with complexities of about $2^{16}$, $2^{16}$ and $2^{50}$ respectively. Finally, this work addresses in detail the instance of fault analysis with varying amounts of partial state information and also presents the first analysis of PAEQ.

Available format(s)
Publication info
Published by the IACR in CHES 2016
fault analysisauthenticated encryptionPAEQinternal differentialAESQnonceAES
Contact author(s)
saha dhiman @ gmail com
drc @ cse iitkgp ernet in
2016-06-17: received
Short URL
Creative Commons Attribution


      author = {Dhiman Saha and Dipanwita Roy Chowdhury},
      title = {EnCounter: On Breaking the Nonce Barrier in Differential Fault Analysis with a Case-Study on PAEQ},
      howpublished = {Cryptology ePrint Archive, Paper 2016/623},
      year = {2016},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.