Cryptology ePrint Archive: Report 2020/425

Friet: An Authenticated Encryption Scheme with Built-in Fault Detection

Thierry Simon and Lejla Batina and Joan Daemen and Vincent Grosso and Pedro Maat Costa Massolino and Kostas Papagiannopoulos and Francesco Regazzoni and Niels Samwel

Abstract: In this work we present a duplex-based authenticated encryption scheme Friet based on a new permutation called Friet-P. We designed Friet-P with a novel approach for cryptographic permutations and block ciphers that takes fault-attack resistance into account and that we introduce in this paper. In this method, we build a permutation $f_C$ to be embedded in a larger one, $f$ . First, we define $f$ as a sequence of steps that all abide a chosen error-correcting code $C$, i.e., that map $C$-codewords to $C$-codewords. Then, we embed $f_C$ in $f$ by first encoding its input to an element of $C$, applying $f$ and then decoding back from $C$. This last step detects a fault when the output of $f$ is not in $C$. We motivate the design of the permutation we use in Friet and report on performance in soft- and hardware. We evaluate the fault-detection capabilities of the software and simulated hardware implementations with attacks. Finally, we perform a leakage evaluation. Our code is available at

Category / Keywords: secret-key cryptography / design of cryptographic primitives, fault injection countermeasures, side channel attack, lightweight implementations

Original Publication (with minor differences): IACR-EUROCRYPT-2020

Date: received 14 Apr 2020, last revised 12 May 2020

Contact author: thierry simon 13 at gmail com

Available format(s): PDF | BibTeX Citation

Version: 20200512:202042 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]