Paper 2017/1074

A Practical Fault Attack on ARX-like Ciphers with a Case Study on ChaCha20

S V Dilip Kumar, Sikhar Patranabis, Jakub Breier, Debdeep Mukhopadhyay, Shivam Bhasin, Anupam Chattopadhyay, and Anubhab Baksi

Abstract

This paper presents the first practical fault attack on the ChaCha family of addition-rotation-XOR (ARX)-based stream ciphers. ChaCha has recently been deployed for speeding up and strengthening HTTPS connections for Google Chrome on Android devices. In this paper, we propose differential fault analysis attacks on ChaCha without resorting to nonce misuse. We use the instruction skip and instruction replacement fault models, which are commonly mounted on microcontroller-based cryptographic implementations. We corroborate the attack propositions via practical fault injection experiments using a laser-based setup targeting an Atmel AVR 8-bit microcontroller-based implementation of ChaCha. Each of the proposed attacks can be repeated with $100\%$ accuracy in our fault injection setup, and can recover the entire 256-bit secret key using 5-8 fault injections on average.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. FDTC 2017
Keywords
ChaCha, ARX cipher, Laser, Fault Attack, Instruction Skip, Instruction Replacement
Contact author(s)
sikhar patranabis @ iitkgp ac in
History
2017-11-10: received
Short URL
https://ia.cr/2017/1074
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2017/1074,
      author = {S V Dilip Kumar and Sikhar Patranabis and Jakub Breier and Debdeep Mukhopadhyay and Shivam Bhasin and Anupam Chattopadhyay and Anubhab Baksi},
      title = {A Practical Fault Attack on ARX-like Ciphers with a Case Study on ChaCha20},
      howpublished = {Cryptology ePrint Archive, Paper 2017/1074},
      year = {2017},
      note = {\url{https://eprint.iacr.org/2017/1074}},
      url = {https://eprint.iacr.org/2017/1074}
}