Protecting block ciphers against differential fault attacks without re-keying

In this article, we propose a new method to protect block cipher implementations against Differential Fault Attacks (DFA). Our strategy, so-called “Tweak-in-Plaintext”, ensures that an uncontrolled value ('tweak-in') is inserted into some part of the block cipher plaintext, thus effectivel...

Bibliographic Details
Main Authors: Baksi, Anubhab, Bhasin, Shivam, Breier, Jakub, Khairallah, Mustafa, Peyrin, Thomas
Other Authors: School of Computer Science and Engineering
Format: Conference or Workshop Item
Language: English
Published: 2019
Subjects:
Online Access: https://hdl.handle.net/10356/88761
http://hdl.handle.net/10220/47670
Institution: Nanyang Technological University
id sg-ntu-dr.10356-88761
record_format dspace
spelling sg-ntu-dr.10356-88761
2023-02-28T19:17:11Z
Protecting block ciphers against differential fault attacks without re-keying
Baksi, Anubhab
Bhasin, Shivam
Breier, Jakub
Khairallah, Mustafa
Peyrin, Thomas
School of Computer Science and Engineering
School of Physical and Mathematical Sciences
2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)
Temasek Laboratories
Encryption
Ciphers
DRNTU::Engineering::Computer science and engineering
In this article, we propose a new method to protect block cipher implementations against Differential Fault Attacks (DFA). Our strategy, so-called “Tweak-in-Plaintext”, ensures that an uncontrolled value ('tweak-in') is inserted into some part of the block cipher plaintext, thus effectively rendering DFA much harder to perform. Our method is extremely simple yet presents many advantages when compared to previous solutions proposed at AFRICACRYPT 2010 or CARDIS 2015. Firstly, we do not need any Tweakable block cipher, nor any related-key security assumption (we do not perform any re-keying). Moreover, performance for lightweight applications is improved, and we do not need to send any extra data. Finally, our scheme can be directly used with standard block ciphers such as AES or PRESENT. Experimental results show that the throughput overheads, for incorporating our scheme into AES-128, range between ≈ 5% to ≈ 26.9% for software, and between ≈ 3.1% to ≈ 25% for hardware implementations; depending on the tweak-in size.
NRF (Natl Research Foundation, S’pore)
Accepted version
2019-02-14T09:02:32Z 2019-12-06T17:10:24Z 2019-02-14T09:02:32Z 2019-12-06T17:10:24Z
2018
Conference Paper
Baksi, A., Bhasin, S., Breier, J., Khairallah, M., & Peyrin, T. (2018). Protecting block ciphers against differential fault attacks without re-keying. 2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST). doi:10.1109/HST.2018.8383913
https://hdl.handle.net/10356/88761
http://hdl.handle.net/10220/47670
10.1109/HST.2018.8383913
206872
en
© 2018 Institute of Electrical and Electronics Engineers (IEEE). All rights reserved. This paper was published in 2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST) and is made available with permission of Institute of Electrical and Electronics Engineers (IEEE).
4 p.
application/pdf
institution Nanyang Technological University
building NTU Library
continent Asia
country Singapore
content_provider NTU Library
collection DR-NTU
language English
topic Encryption
Ciphers
DRNTU::Engineering::Computer science and engineering