Cryptology ePrint Archive: Report 2017/678

Differential Fault Attack on Grain v1, ACORN v3 and Lizard

Akhilesh Anilkumar Siddhanti and Santanu Sarkar and Subhamoy Maitra and Anupam Chattopadhyay

Abstract: Differential Fault Attack (DFA) is presently a very well known technique to evaluate security of a stream cipher. This considers that the stream cipher can be weakened by injection of the fault. In this paper we study DFA on three ciphers, namely Grain v1, Lizard and ACORN v3. We show that Grain v1 (an eStream cipher) can be attacked with injection of only 5 faults instead of 10 that has been reported in 2012. For the first time, we have mounted the fault attack on Lizard, a very recent design and show that one requires only 5 faults to obtain the state. ACORN v3 is a third round candidate of CAESAR and there is only one hard fault attack on an earlier version of this cipher. However, the `hard fault' model requires a lot more assumption than the generic DFA. In this paper, we mount a DFA on ACORN v3 that requires 9 faults to obtain the state. In case of Grain v1 and ACORN v3, we can obtain the secret key once the state is known. However, that is not immediate in case of Lizard. While we have used the basic framework of DFA that appears in literature quite frequently, specific tweaks have to be explored to mount the actual attacks that were not used earlier. To the best of our knowledge, these are the best known DFA on these three ciphers.

Category / Keywords: implementation / Differential Fault Attack, Stream Cipher, Grain v1, ACORN v3, Lizard

Date: received 6 Jul 2017

Contact author: subho at isial ac in

Available format(s): PDF | BibTeX Citation

Version: 20170712:154254 (All versions of this report)

Short URL: ia.cr/2017/678

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]