Paper 2023/682

Divide and Rule: DiFA - Division Property Based Fault Attacks on PRESENT and GIFT

Anup Kumar Kundu, Indian Statistical Institute Kolkata
Shibam Ghosh, University Of Haifa Israel
Dhiman Saha, Indian Institute of Technology Bhilai
Mostafizar Rahman, Indian Statistical Institute Kolkata
Abstract

The division property introduced by Todo in Crypto 2015 is one of the most versatile tools in the arsenal of a cryptanalyst which has given new insights into many ciphers primarily from an algebraic perspective. On the other end of the spectrum we have fault attacks which have evolved into the deadliest of all physical attacks on cryptosystems. The current work aims to combine these seemingly distant tools to come up with a new type of fault attack. We show how fault invariants are formed under special input division multi-sets and are independent of the fault injection location. It is further shown that the same division trail can be exploited as a multi-round Zero-Sum distinguisher to reduce the key-space to practical limits. As a proof of concept division trails of PRESENT and GIFT are exploited to mount practical key-recovery attacks based on the random nibble fault model. For GIFT-64, we are able to recover the unique master-key with 30 nibble faults with faults injected at rounds 21 and 19. For PRESENT-80, DiFA reduces the key-space from $2^{80}$ to $2^{16}$ with 15 faults in round 25 while for PRESENT-128, the unique key is recovered with 30 faults in rounds 25 and 24. This constitutes the best fault attacks on these ciphers in terms of fault injection rounds. We also report an interesting property pertaining to fault induced division trails which shows its inapplicability to attack GIFT-128. Overall, the usage of division trails in fault based cryptanalysis showcases new possibilities and reiterates the applicability of classical cryptanalytic tools in physical attacks.

Metadata
Available format(s)
PDF
Category
Attacks and cryptanalysis
Publication info
Published elsewhere. Applied Cryptography and Network Security 2023
Keywords
Fault AttacksDivision PropertyPRESENTGIFT
Contact author(s)
anupkundumath @ gmail com
sghosh03 @ campus haifa ac il
dhiman @ iitbhilai ac in
mrahman454 @ gmail com
History
2023-05-15: approved
2023-05-13: received
See all versions
Short URL
https://ia.cr/2023/682
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2023/682,
      author = {Anup Kumar Kundu and Shibam Ghosh and Dhiman Saha and Mostafizar Rahman},
      title = {Divide and Rule: {DiFA} - Division Property Based Fault Attacks on {PRESENT} and {GIFT}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/682},
      year = {2023},
      url = {https://eprint.iacr.org/2023/682}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.