Breaking Trivium Stream Cipher Implemented in ASIC Using Experimental Attacks and DFA
One of the best methods to improve the security of cryptographic systems used to exchange sensitive information is to attack them to find their vulnerabilities and to strengthen them in subsequent designs. Trivium stream cipher is one of the lightweight ciphers designed for security applications in...
Main authors: | Potestad-Ordóñez, Francisco Eugenio; Valencia-Barrero, Manuel; Baena-Oliva, Carmen; Parra-Fernández, Pilar; Jiménez-Fernández, Carlos Jesús |
---|---|
Format: | Online Article Text |
Language: | English |
Published: | MDPI, 2020 |
Subjects: | Article |
Online access: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7730906/ https://www.ncbi.nlm.nih.gov/pubmed/33287234 http://dx.doi.org/10.3390/s20236909 |
Field | Value |
---|---|
author | Potestad-Ordóñez, Francisco Eugenio Valencia-Barrero, Manuel Baena-Oliva, Carmen Parra-Fernández, Pilar Jiménez-Fernández, Carlos Jesús |
collection | PubMed |
description | One of the best methods to improve the security of cryptographic systems used to exchange sensitive information is to attack them to find their vulnerabilities and to strengthen them in subsequent designs. Trivium stream cipher is one of the lightweight ciphers designed for security applications in the Internet of things (IoT). In this paper, we present a complete setup to attack ASIC implementations of Trivium which allows recovering the secret keys using the active, non-invasive attack technique of clock manipulation, combined with Differential Fault Analysis (DFA) cryptanalysis. The attack system is able to inject effective transient faults into the Trivium in a clock cycle and sample the faulty output. Then, the internal state of the Trivium is recovered using the DFA cryptanalysis through the comparison between the correct and the faulty outputs. Finally, a backward version of Trivium was also designed to go back and get the secret keys from the initial internal states. The key recovery has been verified with numerous simulated data attacks and used with the experimental data obtained from the Application Specific Integrated Circuit (ASIC) Trivium. The secret key of the Trivium was recovered experimentally in 100% of the attempts, considering a real scenario and minimum assumptions. |
format | Online Article Text |
id | pubmed-7730906 |
institution | National Center for Biotechnology Information |
language | English |
publishDate | 2020 |
publisher | MDPI |
record_format | MEDLINE/PubMed |
journal | Sensors (Basel) |
date | 2020-12-03 |
license | © 2020 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/). |
title | Breaking Trivium Stream Cipher Implemented in ASIC Using Experimental Attacks and DFA |
topic | Article |
url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7730906/ https://www.ncbi.nlm.nih.gov/pubmed/33287234 http://dx.doi.org/10.3390/s20236909 |
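The attack chain summarised in the abstract (a transient fault landing in the state during one clock cycle, comparison of correct and faulty keystream, then a "backward Trivium" that rolls the recovered internal state back to the key) rests on two public properties of the Trivium specification, and both can be shown on the algorithm itself. The Python below is an added example written for this record; it is not the authors' attack setup or code. The key/IV are constructed sample values, the MSB-first bit ordering is a convention of this example rather than the eSTREAM test-vector byte packing, and the hardware clock-glitch and the DFA equation solving that reconstructs all 288 state bits from many fault pairs are not reproduced. What it does show is that each Trivium clock is a bijection on the state (so any state recovered by DFA can be stepped back 1152 clocks to read the key and IV out of the load positions), and that a single flipped cell surfaces in the keystream at an index fixed by the cell's distance to the next output tap, which is the information DFA uses to locate a fault.

```python
# Added example: Trivium forward/backward clocking, key/IV recovery from a
# post-setup state, and a single-cell fault experiment. Not the paper's code;
# SAMPLE_KEY/SAMPLE_IV are constructed values, bit order is MSB-first here.
from typing import List, Tuple

Bits = List[int]
SETUP_CLOCKS = 4 * 288  # 1152 initialisation clocks, output discarded


def int_to_bits(x: int, n: int) -> Bits:
    """n-bit MSB-first bit list of x (convention of this example only)."""
    return [int(b) for b in format(x, f"0{n}b")]


def trivium_load(key: Bits, iv: Bits) -> Bits:
    """Spec load: key -> s1..s80, IV -> s94..s173, s286..s288 = 1, rest 0."""
    assert len(key) == 80 and len(iv) == 80
    s = [0] * 288
    s[0:80] = key
    s[93:173] = iv
    s[285] = s[286] = s[287] = 1
    return s


def trivium_step(s: Bits) -> int:
    """Clock the 288-bit state once in place; return keystream bit z."""
    t1 = s[65] ^ s[92]                # s66 + s93
    t2 = s[161] ^ s[176]              # s162 + s177
    t3 = s[242] ^ s[287]              # s243 + s288
    z = t1 ^ t2 ^ t3
    t1 ^= (s[90] & s[91]) ^ s[170]    # + s91*s92 + s171
    t2 ^= (s[174] & s[175]) ^ s[263]  # + s175*s176 + s264
    t3 ^= (s[285] & s[286]) ^ s[68]   # + s286*s287 + s69
    s[1:93] = s[0:92];       s[0] = t3     # shift register 1, feed t3
    s[94:177] = s[93:176];   s[93] = t1    # shift register 2, feed t1
    s[178:288] = s[177:287]; s[177] = t2   # shift register 3, feed t2
    return z


def trivium_step_back(s: Bits) -> None:
    """Undo one clock in place. The three bits shifted out (s93, s177, s288)
    are recoverable from the bits shifted in, so the update is invertible."""
    s93 = s[93] ^ s[66] ^ (s[91] & s[92]) ^ s[171]
    s177 = s[177] ^ s[162] ^ (s[175] & s[176]) ^ s[264]
    s288 = s[0] ^ s[243] ^ (s[286] & s[287]) ^ s[69]
    s[0:92] = s[1:93];       s[92] = s93
    s[93:176] = s[94:177];   s[176] = s177
    s[177:287] = s[178:288]; s[287] = s288


def trivium_init(key: Bits, iv: Bits) -> Bits:
    """Key/IV setup: load, then 1152 clocks without output."""
    s = trivium_load(key, iv)
    for _ in range(SETUP_CLOCKS):
        trivium_step(s)
    return s


def keystream(s: Bits, n: int) -> Bits:
    """n keystream bits from a copy of s (s itself is left untouched)."""
    s = list(s)
    return [trivium_step(s) for _ in range(n)]


def recover_key_iv(state_after_setup: Bits) -> Tuple[Bits, Bits]:
    """Backward Trivium: roll a post-setup state back 1152 clocks and read key
    and IV from the load positions; the constant cells s286..s288 must be 1."""
    s = list(state_after_setup)
    for _ in range(SETUP_CLOCKS):
        trivium_step_back(s)
    if s[285:288] != [1, 1, 1]:
        raise ValueError("rolled-back state is not a valid Trivium load state")
    return s[0:80], s[93:173]


def fault_first_difference(s: Bits, cell: int, n: int = 300) -> int:
    """Flip one cell s_cell (1-indexed as in the spec) to model a transient
    fault, then return the index of the first keystream bit that differs from
    the fault-free output (-1 if none within n). Cells 1..65, 94..161 and
    178..242 are read by no tap, so a hit there is silent until it reaches
    s66, s162 or s243 respectively; the index therefore locates the cell."""
    correct = keystream(s, n)
    faulty_state = list(s)
    faulty_state[cell - 1] ^= 1
    faulty = keystream(faulty_state, n)
    for i, (a, b) in enumerate(zip(correct, faulty)):
        if a != b:
            return i
    return -1


SAMPLE_KEY = int_to_bits(0x0F62B5085BAE0154A7FA, 80)  # constructed sample
SAMPLE_IV = int_to_bits(0x288FF65DC42B92F960C7, 80)   # constructed sample


def demo() -> dict:
    """Run the chain once: setup, roll back to the key, probe four fault cells."""
    state = trivium_init(SAMPLE_KEY, SAMPLE_IV)
    key, iv = recover_key_iv(state)
    return {
        "key_recovered": key == SAMPLE_KEY,
        "iv_recovered": iv == SAMPLE_IV,
        "fault_s66": fault_first_difference(state, 66),   # tap cell: index 0
        "fault_s1": fault_first_difference(state, 1),     # 65 clocks to s66
        "fault_s94": fault_first_difference(state, 94),   # 68 clocks to s162
        "fault_s178": fault_first_difference(state, 178), # 65 clocks to s243
    }


if __name__ == "__main__":
    print(demo())
```

Two practical notes. `recover_key_iv` checks the three constant cells after rolling back; with a state that DFA reconstructed incorrectly, those cells will almost never come out as 1,1,1, so the check is a cheap sanity test before trusting a recovered key. The fault model here is a clean single-cell flip in a known clock; a clock glitch on real silicon can disturb several cells at once, which is why the paper reports sampling the faulty output and filtering for effective faults rather than assuming every glitch behaves like this.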