Paper 2016/709

Differential Fault Analysis of SHA3-224 and SHA3-256

Pei Luo, Yunsi Fei, Liwei Zhang, and A. Adam Ding

Abstract

The security of SHA-3 against different kinds of attacks are of vital importance for crypto systems with SHA-3 as the security engine. In this paper, we look into the differential fault analysis of SHA-3, and this is the first work to conquer SHA3-224 and SHA3-256 using differential fault analysis. Comparing with one existing related work, we relax the fault models and make them realistic for different implementation architectures. We analyze fault propagation in SHA-3 under such single-byte fault models, and propose to use fault signatures at the observed output for analysis and secret retrieval. Results show that the proposed method can effectively identify the injected single-byte faults, and then recover the whole internal state of the input of last round $\chi$ operation ($\chi^{22}_i$) for both SHA3-224 and SHA3-256.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Minor revision. The Fault Diagnosis and Tolerance in Cryptography (FDTC) workshop, 2016
Keywords
SHA-3KeccakFault attacks
Contact author(s)
silenceluo @ gmail com
History
2016-07-18: received
Short URL
https://ia.cr/2016/709
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2016/709,
      author = {Pei Luo and Yunsi Fei and Liwei Zhang and A.  Adam Ding},
      title = {Differential Fault Analysis of SHA3-224 and SHA3-256},
      howpublished = {Cryptology ePrint Archive, Paper 2016/709},
      year = {2016},
      note = {\url{https://eprint.iacr.org/2016/709}},
      url = {https://eprint.iacr.org/2016/709}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.