Cryptology ePrint Archive: Report 2019/536

Protecting against Statistical Ineffective Fault Attacks

Joan Daemen and Christoph Dobraunig and Maria Eichlseder and Hannes Gross and Florian Mendel and Robert Primas

Abstract: At ASIACRYPT 2018 it was shown that Statistical Ineffective Fault Attacks (SIFA) pose a threat for many practical implementations of symmetric cryptography. In particular, countermeasures against both power analysis and fault attacks typically do not prevent straightforward SIFA attacks that require very limited knowledge about the concrete attacked implementation. Consequently, the exploration of countermeasures against SIFA that do not rely on protocols or physical protection mechanisms is of particular interest. In this paper, we explore different countermeasure strategies against SIFA. First, we thoroughly analyze the conditions for an attack to be successful. We then show that by building the implementation from invertible building blocks rather than binary gates we can create circuits where a single fault in the computation does not cancel out. This property, when combined with a typical redundancy-based countermeasure, then results in a single-fault SIFA-secure implementation. This approach can be implemented efficiently and we show how it can be applied to 3-bit, 4-bit, and 5-bit S-boxes. Additionally, we also present an alternative countermeasure strategy based on fine-grained detection. Although this approach may lead to a higher implementation cost, it can be used to protect arbitrary circuits and can be generalized to cover multi-fault SIFA.

Category / Keywords: implementation / Fault countermeasures, Implementation security, Fault attack, Masking, SFA, SIFA

Date: received 21 May 2019, last revised 27 May 2019

Contact author: cdobraunig at cs ru nl

Available format(s): PDF | BibTeX Citation

Note: e-mail update

Version: 20190527:082023 (All versions of this report)

Short URL: ia.cr/2019/536


[ Cryptology ePrint archive ]