Paper 2020/425

Friet: An Authenticated Encryption Scheme with Built-in Fault Detection

Thierry Simon, Lejla Batina, Joan Daemen, Vincent Grosso, Pedro Maat Costa Massolino, Kostas Papagiannopoulos, Francesco Regazzoni, and Niels Samwel


In this work we present a duplex-based authenticated encryption scheme Friet based on a new permutation called Friet-P. We designed Friet-P with a novel approach for cryptographic permutations and block ciphers that takes fault-attack resistance into account and that we introduce in this paper. In this method, we build a permutation $f_C$ to be embedded in a larger one, $f$ . First, we define $f$ as a sequence of steps that all abide a chosen error-correcting code $C$, i.e., that map $C$-codewords to $C$-codewords. Then, we embed $f_C$ in $f$ by first encoding its input to an element of $C$, applying $f$ and then decoding back from $C$. This last step detects a fault when the output of $f$ is not in $C$. We motivate the design of the permutation we use in Friet and report on performance in soft- and hardware. We evaluate the fault-detection capabilities of the software and simulated hardware implementations with attacks. Finally, we perform a leakage evaluation. Our code is available at

Available format(s)
Secret-key cryptography
Publication info
A minor revision of an IACR publication in EUROCRYPT 2020
design of cryptographic primitivesfault injection countermeasuresside channel attacklightweight implementations
Contact author(s)
thierry simon 13 @ gmail com
2020-05-12: revised
2020-04-15: received
See all versions
Short URL
Creative Commons Attribution


      author = {Thierry Simon and Lejla Batina and Joan Daemen and Vincent Grosso and Pedro Maat Costa Massolino and Kostas Papagiannopoulos and Francesco Regazzoni and Niels Samwel},
      title = {Friet: An Authenticated Encryption Scheme with Built-in Fault Detection},
      howpublished = {Cryptology ePrint Archive, Paper 2020/425},
      year = {2020},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.