Cryptology ePrint Archive: Report 2017/1073

One Plus One is More than Two: A Practical Combination of Power and Fault Analysis Attacks on PRESENT and PRESENT-like Block Ciphers

Sikhar Patranabis and Jakub Breier and Debdeep Mukhopadhyay and Shivam Bhasin

Abstract: We present the first practically realizable side-channel assisted fault attack on PRESENT, that can retrieve the last round key efficiently using single nibble faults. The attack demonstrates how side-channel leakage can allow the adversary to precisely determine the fault mask resulting from a nibble fault injection instance. We first demonstrate the viability of such an attack model via side-channel analysis experiments on top of a laser-based fault injection setup, targeting a PRESENT-80 implementation on an ATmega328P microcontroller. Subsequently, we present a differential fault analysis (DFA) exploiting the knowledge of the output fault mask in the target round to recover multiple last round key nibbles independently and in parallel. Both analytically and through experimental evidence, we show that the combined attack can recover the last round key of PRESENT with 4 random nibble fault injections in the best case, and around 7-8 nibble fault injections in the average case. Our attack sheds light on a hitherto unexplored vulnerability of PRESENT and PRESENT-like block ciphers that use bit-permutations instead of maximum distance separable (MDS) layers for diffusion.

Category / Keywords: implementation / DFA, DPA, PRESENT, combined attacks, fault attacks, side-channel analysis, bit-permutation

Original Publication (in the same form): FDTC 2017

Date: received 5 Nov 2017

Contact author: sikhar patranabis at iitkgp ac in

Available format(s): PDF | BibTeX Citation

Version: 20171110:152517 (All versions of this report)

Short URL: ia.cr/2017/1073

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]