Paper 2023/322
Differential Fault Attack on Rasta and $\text {FiLIP} _ {\text {DSM}}$
Abstract
In this paper we propose Differential Fault Attack (DFA) on two Fully Homomorphic Encryption (FHE) friendly stream ciphers Rasta and $\text {FiLIP} _ {\text {DSM}} $. Design criteria of Rasta rely on affine layers and nonlinear layers, whereas $\text {FiLIP} _ {\text {DSM}} $ relies on permutations and a nonlinear fil- ter function. Here we show that the secret key of these two ciphers can be recovered by injecting only 1 bit fault in the initial state. Our DFA on full round (# rounds = 6) Rasta with 219 block size requires only one block (i.e., 219 bits) of normal and faulty keystream bits. In the case of our DFA on FiLIP-430 (one instance of $\text {FiLIP} _ {\text {DSM}} $), we need 30000 normal and faulty keystream bits.
Metadata
- Available format(s)
-
PDF
- Category
- Attacks and cryptanalysis
- Publication info
- Published elsewhere. IEEE Transactions on Computers
- DOI
- 10.1109/TC.2023.3244629
- Keywords
- Differential Fault AttackRastaFiLIP
- Contact author(s)
-
202273001 @ iiitvadodara ac in
meenakshi kansal @ rru ac in
pierrick meaux @ uni lu
dibyendu roy @ iiitvadodara ac in - History
- 2023-03-05: approved
- 2023-03-04: received
- See all versions
- Short URL
- https://ia.cr/2023/322
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2023/322,
author = {R Radheshwar and Meenakshi Kansal and Pierrick Méaux and Dibyendu Roy},
title = {Differential Fault Attack on Rasta and $\text {FiLIP} _ {\text {DSM}}$},
howpublished = {Cryptology ePrint Archive, Paper 2023/322},
year = {2023},
doi = {10.1109/TC.2023.3244629},
note = {\url{https://eprint.iacr.org/2023/322}},
url = {https://eprint.iacr.org/2023/322}
}
