
Differential fault analysis on SMS4 using a single fault. (English) Zbl 1260.94042

Summary: A differential fault analysis (DFA) attack is a powerful cryptanalytic technique that can be used to retrieve the secret key by exploiting computational errors induced in the encryption (or decryption) procedure. In this paper, we propose a new DFA attack on SMS4 using a single fault. We show that if a random byte fault is induced into the second, third, or fourth word register at the input of the \(28\)-th round, the \(128\)-bit key can be recovered with an exhaustive search of \(22.11\) bits on average. The proposed attack exploits the structure of the cipher and the properties of its round function. Furthermore, it can be tailored to any block cipher that employs a similar structure and an SPN-style round function like that of SMS4.

MSC:

94A60 Cryptography
