The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. ex. Some numerals are expressed as "XNUMX".
Copyrights notice
The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. Copyrights notice
Cet article décrit une attaque par analyse de fautes différentielles (DFA) contre CLEFIA. L'attaque proposée peut être appliquée à CLEFIA avec toutes les clés prises en charge : clés de 128, 192 et 256 bits. DFA est un type d’attaque par canal secondaire. Cette attaque permet de récupérer des clés secrètes en injectant des fautes dans un dispositif sécurisé lors du calcul de l'algorithme cryptographique et en comparant le texte chiffré correct avec celui défectueux. CLEFIA est un chiffrement par blocs de 128 bits avec des clés de 128, 192 et 256 bits développé par Sony Corporation en 2007. CLEFIA utilise une structure Feistel généralisée avec quatre lignes de données. Nous avons développé une nouvelle méthode d'attaque qui utilise cette structure caractéristique de l'algorithme CLEFIA. Sur la base de l’attaque proposée, seules 2 paires de textes chiffrés corrects et défectueux sont nécessaires pour récupérer la clé de 128 bits, et 10.78 paires en moyenne sont nécessaires pour récupérer les clés de 192 et 256 bits. L’attaque proposée est plus efficace que toutes celles signalées précédemment. Afin de vérifier l'attaque proposée et d'estimer le temps de calcul pour récupérer la clé secrète, nous avons réalisé une simulation d'attaque à l'aide d'un PC. Les résultats de la simulation montrent que nous pouvons obtenir chaque clé secrète en trois minutes en moyenne. Ce résultat montre que nous pouvons obtenir la clé entière dans un temps de calcul réalisable.
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copier
Junko TAKAHASHI, Toshinori FUKUNAGA, "Differential Fault Analysis on CLEFIA with 128, 192, and 256-Bit Keys" in IEICE TRANSACTIONS on Fundamentals,
vol. E93-A, no. 1, pp. 136-143, January 2010, doi: 10.1587/transfun.E93.A.136.
Abstract: This paper describes a differential fault analysis (DFA) attack against CLEFIA. The proposed attack can be applied to CLEFIA with all supported keys: 128, 192, and 256-bit keys. DFA is a type of side-channel attack. This attack enables the recovery of secret keys by injecting faults into a secure device during its computation of the cryptographic algorithm and comparing the correct ciphertext with the faulty one. CLEFIA is a 128-bit blockcipher with 128, 192, and 256-bit keys developed by the Sony Corporation in 2007. CLEFIA employs a generalized Feistel structure with four data lines. We developed a new attack method that uses this characteristic structure of the CLEFIA algorithm. On the basis of the proposed attack, only 2 pairs of correct and faulty ciphertexts are needed to retrieve the 128-bit key, and 10.78 pairs on average are needed to retrieve the 192 and 256-bit keys. The proposed attack is more efficient than any previously reported. In order to verify the proposed attack and estimate the calculation time to recover the secret key, we conducted an attack simulation using a PC. The simulation results show that we can obtain each secret key within three minutes on average. This result shows that we can obtain the entire key within a feasible computational time.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1587/transfun.E93.A.136/_p
Copier
@ARTICLE{e93-a_1_136,
author={Junko TAKAHASHI, Toshinori FUKUNAGA, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={Differential Fault Analysis on CLEFIA with 128, 192, and 256-Bit Keys},
year={2010},
volume={E93-A},
number={1},
pages={136-143},
abstract={This paper describes a differential fault analysis (DFA) attack against CLEFIA. The proposed attack can be applied to CLEFIA with all supported keys: 128, 192, and 256-bit keys. DFA is a type of side-channel attack. This attack enables the recovery of secret keys by injecting faults into a secure device during its computation of the cryptographic algorithm and comparing the correct ciphertext with the faulty one. CLEFIA is a 128-bit blockcipher with 128, 192, and 256-bit keys developed by the Sony Corporation in 2007. CLEFIA employs a generalized Feistel structure with four data lines. We developed a new attack method that uses this characteristic structure of the CLEFIA algorithm. On the basis of the proposed attack, only 2 pairs of correct and faulty ciphertexts are needed to retrieve the 128-bit key, and 10.78 pairs on average are needed to retrieve the 192 and 256-bit keys. The proposed attack is more efficient than any previously reported. In order to verify the proposed attack and estimate the calculation time to recover the secret key, we conducted an attack simulation using a PC. The simulation results show that we can obtain each secret key within three minutes on average. This result shows that we can obtain the entire key within a feasible computational time.},
keywords={},
doi={10.1587/transfun.E93.A.136},
ISSN={1745-1337},
month={January},}
Copier
TY - JOUR
TI - Differential Fault Analysis on CLEFIA with 128, 192, and 256-Bit Keys
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 136
EP - 143
AU - Junko TAKAHASHI
AU - Toshinori FUKUNAGA
PY - 2010
DO - 10.1587/transfun.E93.A.136
JO - IEICE TRANSACTIONS on Fundamentals
SN - 1745-1337
VL - E93-A
IS - 1
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - January 2010
AB - This paper describes a differential fault analysis (DFA) attack against CLEFIA. The proposed attack can be applied to CLEFIA with all supported keys: 128, 192, and 256-bit keys. DFA is a type of side-channel attack. This attack enables the recovery of secret keys by injecting faults into a secure device during its computation of the cryptographic algorithm and comparing the correct ciphertext with the faulty one. CLEFIA is a 128-bit blockcipher with 128, 192, and 256-bit keys developed by the Sony Corporation in 2007. CLEFIA employs a generalized Feistel structure with four data lines. We developed a new attack method that uses this characteristic structure of the CLEFIA algorithm. On the basis of the proposed attack, only 2 pairs of correct and faulty ciphertexts are needed to retrieve the 128-bit key, and 10.78 pairs on average are needed to retrieve the 192 and 256-bit keys. The proposed attack is more efficient than any previously reported. In order to verify the proposed attack and estimate the calculation time to recover the secret key, we conducted an attack simulation using a PC. The simulation results show that we can obtain each secret key within three minutes on average. This result shows that we can obtain the entire key within a feasible computational time.
ER -