International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Efficient Persistent Fault Analysis with Small Number of Chosen Plaintexts

Authors:
Fan Zhang , School of Cyber Science and Technology, College of Computer Science and Technology, Zhejiang University, Hangzhou, China, 310027; Alibaba-Zhejiang University Joint Research Institute of Frontier Technologies, Hangzhou, China, 310027
Run Huang , School of Cyber Science and Technology, College of Computer Science and Technology, Zhejiang University, Hangzhou, China, 310027; Key Laboratory of Blockchain and Cyberspace Governance of Zhejiang Province, Hangzhou, China, 310027
Tianxiang Feng , School of Cyber Science and Technology, College of Computer Science and Technology, Zhejiang University, Hangzhou, China, 310027; Alibaba-Zhejiang University Joint Research Institute of Frontier Technologies, Hangzhou, China, 310027
Xue Gong , School of Cyber Science and Technology, College of Computer Science and Technology, Zhejiang University, Hangzhou, China, 310027
Yulong Tao , Shanghai Institute of Satellite Engineering, Shanghai, China, 201109
Kui Ren , School of Cyber Science and Technology, College of Computer Science and Technology, Zhejiang University, Hangzhou, China, 310027
Xinjie Zhao , Henan Province Key Laboratory of Cyberspace Situation Awareness, Zhengzhou, China, 450001; School of Cyber Science and Technology, College of Computer Science and Technology, Zhejiang University, Hangzhou, China, 310027
Shize Guo , School of Cyber Science and Technology, College of Computer Science and Technology, Zhejiang University, Hangzhou, China, 310027
Download:
DOI: 10.46586/tches.v2023.i2.519-542
URL: https://tches.iacr.org/index.php/TCHES/article/view/10292
Search ePrint
Search Google
Abstract: In 2018, Zhang et al. introduced the Persistent Fault Analysis (PFA) for the first time, which uses statistical features of ciphertexts caused by faulty Sbox to recover the key of block ciphers. However, for most of the variants of PFA, the prior knowledge of the fault (location and value) is required, where the corresponding analysis will get more difficult under the scenario of multiple faults. To bypass such perquisite and improve the analysis efficiency for multiple faults, we propose Chosen-Plaintext based Persistent Fault Analysis (CPPFA). CPPFA introduces chosen-plaintext to facilitate PFA and can reduce the key search space of AES-128 to extremely small. Our proposal requires 256 ciphertexts, while previous state-of-the-art work still requires 1509 and 1448 ciphertexts under 8 and 16 faults, respectively, at the only cost of requiring 256 chosen plaintexts. In particular, CPPFA can be applied to the multiple faults scenarios where all fault locations, values and quantity are unknown, and the worst time complexity of CPPFA is O(28+nf ) for AES-128, where nf represents the number of faults. The experimental results show that when nf > 4, 256 pairs of plaintext-ciphertext can recover the master key of AES-128. As for LED-64, only 16 pairs of plaintext-ciphertext reduce the remaining key search space to 210.
BibTeX
@article{tches-2023-33046,
  title={Efficient Persistent Fault Analysis with Small Number of Chosen Plaintexts},
  journal={IACR Transactions on Cryptographic Hardware and Embedded Systems},
  publisher={Ruhr-Universität Bochum},
  volume={2023, Issue 2},
  pages={519-542},
  url={https://tches.iacr.org/index.php/TCHES/article/view/10292},
  doi={10.46586/tches.v2023.i2.519-542},
  author={Fan Zhang and Run Huang and Tianxiang Feng and Xue Gong and Yulong Tao and Kui Ren and Xinjie Zhao and Shize Guo},
  year=2023
}