Cryptology ePrint Archive: Report 2020/597

Bitstream Modification of Trivium

Kalle Ngo and Elena Dubrova and Michail Moraitis

Abstract: In this paper we present a bitstream modification attack on the Trivium cipher, an international standard under ISO/IEC 29192-3. By changing the content of three LUTs in the bitstream, we reduce the non-linear state updating function of Trivium to a linear one. This makes it possible to recover the key from 288 keystream bits using at most $2^{19.41}$ operations. We also propose a countermeasure against bitstream modification attacks which obfuscates the bitstream using dummy and camouflaged LUTs which look legitimate to the attacker. We present an algorithm for injecting dummy LUTs directly into the bitstream without causing any performance or power penalty.

Category / Keywords: secret-key cryptography / FPGA, reverse engineering, bitstream modification, fault injection, stream cipher, Trivium

Date: received 20 May 2020

Contact author: kngo at kth se, dubrova@kth se, micmor@kth se

Available format(s): PDF | BibTeX Citation

Version: 20200522:151335 (All versions of this report)

Short URL: ia.cr/2020/597


[ Cryptology ePrint archive ]