Paper 2024/343

Partial Differential Fault Analysis on Ascon

Yang Gao, Beijing National Research Center for Information Science and Technology (BNRist), School of Integrated Circuits, Tsinghua University, Beijing, China, Key Laboratory of Network Cryptography Technology of Henan, Information Engineering University, Zhengzhou, China.
Abstract

Authenticated Encryption with Associated Data (AEAD) is a trend in applied cryptography because it combines confidentiality, integrity, and authentication in one algorithm and is more efficient than using block ciphers and hash functions separately. The Ascon algorithm, as the winner of both the CAESAR competition and the NIST LwC competition, will soon become the AEAD standard for protecting the Internet of Things and micro devices with limited computing resources. We propose a partial differential fault analysis (PDFA) technique for the Ascon algorithm under two fault models, a stuck-at fault model and a random-nibble fault model. Theoretically, after 9.9 full-round fault injections or 263 single-nibble fault injections, the 128-bit key can be completely recovered. In addition, we present the first discussion of this analysis method under different nonce configurations. In the nonce-respecting case, an average of 130 additional tag queries are required to guess the faulty tag, after which this case reduces to the nonce-misuse case. Subsequent experimental results confirm the correctness of the theoretical model. Finally, we discuss some countermeasures against the proposed attacks, and we propose a new S-box that can replace the existing S-box in Ascon to render PDFA ineffective.
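Differential fault analysis of the kind described above rests on the differential behaviour of the S-box: an injected input difference produces an output difference that is consistent with only a subset of the possible S-box inputs, and that subset is exactly an entry of the S-box's differential distribution table (DDT). The following is an added example, not code from the paper or the Ascon project, that builds the Ascon 5-bit S-box from the bitsliced description in the Ascon specification, computes its DDT, and exposes the candidate-set size a designer would inspect when evaluating a replacement S-box for DFA resistance (the paper's own replacement S-box is not given on this page, so no specific alternative is assumed here; the helper `min_candidates` and the single-bit fault set are assumptions of this example).

```python
"""Differential behaviour of the Ascon 5-bit S-box, the property that
differential fault analysis exploits and that a designer evaluates when
choosing a replacement S-box."""


def ascon_sbox(x: int) -> int:
    """Ascon S-box on a 5-bit input, computed from the bitsliced
    description in the Ascon specification (x0 is the most significant bit)."""
    x0, x1, x2, x3, x4 = ((x >> 4) & 1, (x >> 3) & 1, (x >> 2) & 1,
                          (x >> 1) & 1, x & 1)
    x0 ^= x4; x4 ^= x3; x2 ^= x1
    # chi-like nonlinear layer: t_i = NOT x_i AND x_{i+1}
    t0 = (x0 ^ 1) & x1
    t1 = (x1 ^ 1) & x2
    t2 = (x2 ^ 1) & x3
    t3 = (x3 ^ 1) & x4
    t4 = (x4 ^ 1) & x0
    x0 ^= t1; x1 ^= t2; x2 ^= t3; x3 ^= t4; x4 ^= t0
    x1 ^= x0; x0 ^= x4; x3 ^= x2; x2 ^= 1
    return (x0 << 4) | (x1 << 3) | (x2 << 2) | (x3 << 1) | x4


SBOX = [ascon_sbox(x) for x in range(32)]


def ddt(sbox):
    """Differential distribution table: table[dx][dy] counts the inputs x
    for which S(x) XOR S(x XOR dx) == dy."""
    n = len(sbox)
    table = [[0] * n for _ in range(n)]
    for x in range(n):
        for dx in range(n):
            table[dx][sbox[x] ^ sbox[x ^ dx]] += 1
    return table


def candidates(sbox, dx, dy):
    """Inputs that remain consistent with an observed (input, output)
    difference pair; this is the set a fault analyst narrows the S-box
    input down to, and its size equals the DDT entry."""
    return [x for x in range(len(sbox)) if sbox[x] ^ sbox[x ^ dx] == dy]


def min_candidates(sbox, fault_diffs):
    """Designer-side metric (assumption of this example): the smallest
    candidate set any observable output difference can leave, over the
    input differences a fault model can induce. A larger minimum means a
    single fault reveals less about the S-box input."""
    table = ddt(sbox)
    return min(table[dx][dy]
               for dx in fault_diffs
               for dy in range(len(sbox)) if table[dx][dy] > 0)


def differential_uniformity(sbox):
    """Largest DDT entry over nonzero input differences."""
    table = ddt(sbox)
    return max(table[dx][dy] for dx in range(1, len(sbox))
               for dy in range(len(sbox)))


if __name__ == "__main__":
    # constructed fault model: a single flipped bit in one S-box input
    single_bit = [1 << i for i in range(5)]
    print("S-box:", [hex(v) for v in SBOX])
    print("differential uniformity:", differential_uniformity(SBOX))
    print("smallest candidate set under single-bit faults:",
          min_candidates(SBOX, single_bit))
```

For comparison purposes a candidate replacement S-box can be passed to `min_candidates` and `differential_uniformity` in place of `SBOX`; an S-box that leaves a larger minimum candidate set under the modelled input differences forces more fault injections per recovered nibble, which is the effect the countermeasure in the abstract aims for.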

Metadata
Available format(s)
-- withdrawn --
Category
Attacks and cryptanalysis
Publication info
Preprint.
Keywords
Authenticated Encryption, Ascon, CAESAR, NIST LWC competition, Differential fault analysis
Contact author(s)
gaoyang_1279 @ outlook com
History
2024-04-08: withdrawn
2024-02-27: received
Short URL
https://ia.cr/2024/343
License
Creative Commons Attribution-NonCommercial
CC BY-NC