Paper 2019/697
Breaking ACORN with a Single Fault
Elena Dubrova
Abstract
Assuring security of the Internet of Things (IoT) is much more challenging than assuring security of centralized environments, like the cloud. A reason for this is that IoT devices are often deployed in domains that are remotely managed and monitored. Thus, their physical security cannot be guaranteed as reliably as the physical security of data centers. Some believe that physical security becomes less important if all data processed and stored within a device is encrypted. However, an attacker with physical access to a device implementing an encryption algorithm may be able to extract the encryption key and decrypt data. As a demonstration, in this paper we attack the ACORN stream cipher, a finalist of the CAESAR competition for authenticated encryption. By injecting a single stuck-at-0 fault into ACORN's implementation, we reduce its non-linear feedback function to a linear one. Since this obviously makes ACORN weaker, many known attacks can be applied to break it. We apply an algebraic attack which recovers the key from $2^{15.34}$ keystream bits using $2^{35.46}$ operations.
Metadata
- Category: Secret-key cryptography
- Publication info: Preprint. MINOR revision.
- Keywords: Physical security, fault attack, algebraic attack, ACORN, stream cipher
- Contact author(s): dubrova @ kth se
- History: 2019-06-13: received
- Short URL: https://ia.cr/2019/697
- License: CC BY
BibTeX
@misc{cryptoeprint:2019/697,
  author = {Elena Dubrova},
  title = {Breaking {ACORN} with a Single Fault},
  howpublished = {Cryptology {ePrint} Archive, Paper 2019/697},
  year = {2019},
  url = {https://eprint.iacr.org/2019/697}
}