Improved differential fault attack on MICKEY 2.0

In this paper we describe several ideas related to differential fault attack (DFA) on MICKEY 2.0, a stream cipher from eStream hardware profile. Using the standard assumptions for fault attacks, we first show that if the adversary can induce random single bit faults in the internal state of the ciph...

Full description

Saved in:
Bibliographic Details
Published inJournal of cryptographic engineering Vol. 5; no. 1; pp. 13 - 29
Main Authors Banik, Subhadeep, Maitra, Subhamoy, Sarkar, Santanu
Format Journal Article
LanguageEnglish
Published Berlin/Heidelberg Springer Berlin Heidelberg 01.04.2015
Subjects
Circuits and Systems
Communications Engineering
Computer Communication Networks
Computer Science
Cryptology
Data Structures and Information Theory
Networks
Operating Systems
Regular Paper
eStream
MICKEY 2.0
Fault attacks
Stream cipher
Online AccessGet full text

Cover

More Information
Summary:In this paper we describe several ideas related to differential fault attack (DFA) on MICKEY 2.0, a stream cipher from eStream hardware profile. Using the standard assumptions for fault attacks, we first show that if the adversary can induce random single bit faults in the internal state of the cipher, then by injecting around 2 16.7 faults and performing 2 32.5 computations on an average, it is possible to recover the entire internal state of MICKEY at the beginning of the key-stream generation phase. We further consider the scenario where the fault may affect more than one (at most three) neighboring bits and in that case we require around 2 18.4 faults on an average to mount the DFA. We further show that if the attacker can solve multivariate equations (say, using SAT solvers) then the attack can be carried out using around 2 14.7 faults in the single-bit fault model and 2 16.06 faults for the multiple-bit scenario
ISSN:2190-8508
2190-8516
DOI:10.1007/s13389-014-0083-9