Paper 2017/1073

One Plus One is More than Two: A Practical Combination of Power and Fault Analysis Attacks on PRESENT and PRESENT-like Block Ciphers

Sikhar Patranabis, Jakub Breier, Debdeep Mukhopadhyay, and Shivam Bhasin

Abstract

We present the first practically realizable side-channel assisted fault attack on PRESENT, that can retrieve the last round key efficiently using single nibble faults. The attack demonstrates how side-channel leakage can allow the adversary to precisely determine the fault mask resulting from a nibble fault injection instance. We first demonstrate the viability of such an attack model via side-channel analysis experiments on top of a laser-based fault injection setup, targeting a PRESENT-80 implementation on an ATmega328P microcontroller. Subsequently, we present a differential fault analysis (DFA) exploiting the knowledge of the output fault mask in the target round to recover multiple last round key nibbles independently and in parallel. Both analytically and through experimental evidence, we show that the combined attack can recover the last round key of PRESENT with 4 random nibble fault injections in the best case, and around 7-8 nibble fault injections in the average case. Our attack sheds light on a hitherto unexplored vulnerability of PRESENT and PRESENT-like block ciphers that use bit-permutations instead of maximum distance separable (MDS) layers for diffusion.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. FDTC 2017
Keywords
DFADPAPRESENTcombined attacksfault attacksside-channel analysisbit-permutation
Contact author(s)
sikhar patranabis @ iitkgp ac in
History
2017-11-10: received
Short URL
https://ia.cr/2017/1073
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2017/1073,
      author = {Sikhar Patranabis and Jakub Breier and Debdeep Mukhopadhyay and Shivam Bhasin},
      title = {One Plus One is More than Two: A Practical Combination of Power and Fault Analysis Attacks on PRESENT and PRESENT-like Block Ciphers},
      howpublished = {Cryptology ePrint Archive, Paper 2017/1073},
      year = {2017},
      note = {\url{https://eprint.iacr.org/2017/1073}},
      url = {https://eprint.iacr.org/2017/1073}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.