Probabilistic signature based generalized framework for differential fault analysis of stream ciphers

Published in: Cryptography and Communications

Abstract

Differential Fault Attack (DFA) considers the injection of faults, and the most general set-up should take care of faults at a random location and a random time. One should then be able to identify the exact location as well as the exact timing of the fault (including multi-bit ones) with the help of fault signatures. In this paper we solve the problem of DFA under a general framework, introducing the idea of probabilistic signatures. The method uses the Maximum Likelihood approach over the relevant probability distributions. Our techniques subsume all the existing DFAs against the Grain family, MICKEY 2.0 and Trivium. In the process we provide improved fault attacks for all versions of the Grain family and also for MICKEY 2.0. Our generalized method successfully takes care of the cases where certain parts of the keystream bits are missing (a situation that may arise for authentication purposes). In particular, we show that the unsolved problem of identifying faults at random time for Grain 128a can be solved in this manner. Moreover, for MICKEY 2.0, our method not only improves the fault identification probability but also reduces the required number of faults by 60 %, compared to the best known result.


References

  1. Ågren, M., Hell, M., Johansson, T., Meier, W.: A New Version of Grain 128 with Authentication. Symmetric Key Encryption Workshop (2011)

  2. Ågren, M., Hell, M., Johansson, T., Meier, W.: Grain 128a: A New Version of Grain 128 with Optional Authentication. Int. J. Wireless Mobile Comput. 5(1), 48–59 (2011). This is the journal version of [1]

  3. Babbage, S., Dodd, M.: The stream cipher MICKEY 2.0. ECRYPT Stream Cipher Project Report. http://www.ecrypt.eu.org/stream/p3ciphers/mickey/mickey_p3.pdf

  4. Banik, S., Maitra, S., Sarkar, S.: A Differential Fault Attack on the Grain Family of Stream Ciphers. CHES 2012, LNCS 7428, 122–139 (2012)

  5. Banik, S., Maitra, S., Sarkar, S.: A Differential Fault Attack on the Grain Family under Reasonable Assumptions. INDOCRYPT 2012, LNCS 7668, 191–208 (2012)

  6. Banik, S., Maitra, S.: A Differential Fault Attack on MICKEY 2.0. CHES 2013, LNCS 8086, 215–232 (2013)

  7. Banik, S., Maitra, S., Sarkar, S.: Improved Differential Fault Attack on MICKEY 2.0. J. Cryptogr. Eng. http://link.springer.com/article/10.1007%2Fs13389-014-0083-9

  8. Barenghi, A., Breveglieri, L., Koren, I., Naccache, D.: Fault Injection Attacks on Cryptographic Devices: Theory, Practice, and Countermeasures. Proc. IEEE 100(11), 3056–3076 (2012)

  9. Biham, E., Dunkelman, O.: Differential Cryptanalysis in Stream Ciphers. Cryptology ePrint Archive, Report 2007/218

  10. Biham, E., Shamir, A.: Differential Fault Analysis of Secret Key Cryptosystems. CRYPTO 1997, LNCS 1294

  11. CAESAR: Competition for Authenticated Encryption: Security, Applicability, and Robustness. http://competitions.cr.yp.to/caesar.html

  12. De Cannière, C., Preneel, B.: TRIVIUM - a stream cipher construction inspired by block cipher design principles. eSTREAM, ECRYPT Stream Cipher Project

  13. Dey, P., Adhikari, A.: Improved Multi-Bit Differential Fault Analysis of Trivium. INDOCRYPT 2014, LNCS 8885, 37–52 (2014)

  14. Dey, P., Chakraborty, A., Adhikari, A., Mukhopadhyay, D.: Multi-Bit Differential Fault Analysis of Grain 128 with Very Weak Assumptions. DATE (2015)

  15. Faust, S., Mukherjee, P., Venturi, D., Wichs, D.: Efficient Non-Malleable Codes and Key-Derivation for Poly-Size Tampering Circuits. Cryptology ePrint Archive, Report 2013/702, http://eprint.iacr.org/2013/702; EUROCRYPT 2014, LNCS 8441, 111–128 (2014)

  16. Hell, M., Johansson, T., Maximov, A., Meier, W.: A Stream Cipher Proposal: Grain 128. http://www.ecrypt.eu.org/stream/p3ciphers/grain/Grain128_p3.pdf (2005)

  17. Hell, M., Johansson, T., Meier, W.: Grain - A Stream Cipher for Constrained Environments. ECRYPT Stream Cipher Project Report 2005/001 (2005). http://www.ecrypt.eu.org/stream

  18. Hojsík, M., Rudolf, B.: Differential Fault Analysis of Trivium. FSE 2008, LNCS 5086, 158–172 (2008)

  19. SAGE: Open Source Mathematics Software. http://www.sagemath.org/

  20. Sarkar, S., Banik, S., Maitra, S.: Differential Fault Attack against Grain family with very few faults and minimal assumptions. IEEE Trans. Comput. 64(6), 1647–1657 (2015)

Author information

Corresponding author

Correspondence to Santanu Sarkar.

Appendix A: Description of the Grain Family and MICKEY 2.0

1.1 Algebraic description of the grain family

Consider \(a_{i}, b_{i}, c_{i} \in \{0,1\}\) for \(i \in \{0, \ldots, n-1\}\). Any cipher in the Grain family consists of an n-bit LFSR and an n-bit NFSR. The update function of the LFSR is given by the equation \(y_{t+n} = f(Y_{t}) = {\sum }_{i = 0}^{n-1} c_{i} y_{t+i}\), where \(Y_{t} = (y_{t}, \ldots, y_{t+n-1})\) is an n-bit vector that denotes the LFSR state at the t-th clock interval and f is a linear function on the LFSR state bits.

The NFSR update function is \(x_{t+n} = y_{t} + g(X_{t}) = y_{t} + g(x_{t}, \ldots, x_{t+n-1})\). Here, \(X_{t} = (x_{t}, \ldots, x_{t+n-1})\) is an n-bit vector that denotes the NFSR state at the t-th clock interval and g is a non-linear function of the NFSR state bits.

At the t th clock interval the 2n-bit state of the cipher is denoted by \(\mathcal {S}_{t}=(X_{t},Y_{t})\) i.e., \(\mathcal {S}_{t}=(x_{t}, \ldots , x_{t+n-1}, y_{t}, \ldots , y_{t+n-1})\).

The key-stream is produced by combining the LFSR and NFSR bits as \(z_{t} = {\sum }_{i = 0}^{n-1} b_{i} y_{t+i} + {\sum }_{i=0}^{n-1} a_{i} x_{t+i} + h(\mathcal {S}_{t})\), where h is a non-linear Boolean function, and may be degenerate on some of the variables (Table 6).

Table 6 Exact description of the three ciphers following [1, 2, 16, 17]

1.2 Key scheduling algorithm (KSA)

The Grain family uses an n-bit key K and an m-bit initialization vector IV, with m < n. The key is loaded into the NFSR and the IV is loaded into the 0-th to the (m−1)-th bits of the LFSR. The remaining m-th to (n−1)-th bits of the LFSR are loaded with some fixed pad \(P \in \{0,1\}^{n-m}\). Then, for the first 2n clocks, the key-stream bit \(z_{t}\) is XOR-ed into both the LFSR and NFSR update functions.

1.3 Pseudo-Random key-stream Generation Algorithm (PRGA)

After the KSA, \(z_{t}\) is no longer XOR-ed into the LFSR and the NFSR but is used as the pseudo-random key-stream bit. Thus, during this phase, the LFSR and NFSR are updated as \(y_{t+n} = f(Y_{t})\), \(x_{t+n} = y_{t} + g(X_{t})\).
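A Python model of the generic Grain-family structure described above (loading, KSA with the output bit fed back for 2n clocks, then PRGA), added here as an example; it is not the authors' code. Table 6 is not reproduced on this page, so the instance at the bottom uses constructed toy functions f, g, h and tap vectors a, b with n = 8 and m = 4; these are assumptions for illustration and not any real Grain parameters.

```python
class GrainLike:
    # n-bit NFSR X_t and n-bit LFSR Y_t; f, g, h, a, b are supplied by the caller
    def __init__(self, n, m, pad, f, g, h, a, b):
        self.n, self.m, self.pad = n, m, pad          # pad P in {0,1}^(n-m)
        self.f, self.g, self.h, self.a, self.b = f, g, h, a, b
        self.X = self.Y = None

    def load(self, key, iv):
        assert len(key) == self.n and len(iv) == self.m
        self.X = list(key)                            # key goes into the NFSR
        self.Y = list(iv) + list(self.pad)            # IV in y_0..y_{m-1}, then the pad

    def output_bit(self):
        # z_t = sum b_i y_{t+i} + sum a_i x_{t+i} + h(S_t), everything over GF(2)
        z = sum(bi & yi for bi, yi in zip(self.b, self.Y))
        z += sum(ai & xi for ai, xi in zip(self.a, self.X))
        return (z + self.h(self.X + self.Y)) & 1

    def clock(self, fb=0):
        # y_{t+n} = f(Y_t) + fb, x_{t+n} = y_t + g(X_t) + fb; fb is z_t in the KSA, 0 in the PRGA
        y_new = (self.f(self.Y) + fb) & 1
        x_new = (self.Y[0] + self.g(self.X) + fb) & 1
        self.Y = self.Y[1:] + [y_new]
        self.X = self.X[1:] + [x_new]

    def ksa(self):
        # first 2n clocks: the key-stream bit is XOR-ed into both register updates
        for _ in range(2 * self.n):
            self.clock(self.output_bit())

    def prga(self, count):
        out = []                                      # z_t is now emitted, not fed back
        for _ in range(count):
            out.append(self.output_bit())
            self.clock(0)
        return out

# Constructed toy instance (assumption): NOT the real Grain parameters of Table 6.
N, M = 8, 4
toy_f = lambda Y: (Y[0] + Y[3] + Y[5]) & 1            # linear in the LFSR bits
toy_g = lambda X: (X[0] + X[2] + (X[4] & X[7])) & 1   # non-linear in the NFSR bits
toy_h = lambda S: S[1] & S[N + 2]                     # uses x_1 and y_2 of S_t = (X_t, Y_t)
toy_a = [0, 1, 0, 0, 1, 0, 0, 1]
toy_b = [0, 0, 1, 0, 0, 0, 1, 0]

def toy_keystream(key, iv, count):
    c = GrainLike(N, M, [1] * (N - M), toy_f, toy_g, toy_h, toy_a, toy_b)
    c.load(key, iv)
    c.ksa()
    return c.prga(count)
```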

1.4 Brief description of MICKEY 2.0

MICKEY 2.0 uses an 80-bit key and a variable-length IV, the length of which may be between 0 and 80 bits. The cipher consists of two 100-bit registers R and S that exercise mutual control over each other's evolution. Let \(r_{0}, r_{1}, r_{2}, \ldots, r_{99}\) denote the contents of the register R and \(s_{0}, s_{1}, s_{2}, \ldots, s_{99}\) denote the contents of the register S. In order to describe the structure of the cipher and its working, let us first define the following routines.

1.4.1 Clocking register R

Let \(r_{0}, r_{1}, \ldots, r_{99}\) be the state of the register R before clocking, and let \(r_{0}^{\prime }, r_{1}^{\prime }, \ldots, r_{99}^{\prime }\) be the state of the register R after clocking. Define the integer array RTAPS as follows

$$\begin{array}{@{}rcl@{}} RTAPS=\{0,1,3,4,5,6,9,12,13,16,19,20,21,22,25,28,37,38,41,42,\\ 45,46,50, 52,54,56,58,60,61,63,64,65,66,67,71,72,79,80,\\ 81,82,87,88,89,90, 91,92,94,95,96,97 \} \end{array} $$

Now define an operation

$$CLOCK\_R(R,INPUT\_BIT\_R,CONTROL\_BIT\_R)$$

  1. Define \(FEEDBACK\_BIT = r_{99} + INPUT\_BIT\_R\).

  2. For \(1 \le i \le 99\): \(r_{i}^{\prime } = r_{i-1}\). \(r_{0}^{\prime } = 0\).

  3. For \(0 \le i \le 99\): if \(i \in RTAPS\), \(r_{i}^{\prime } = r_{i}^{\prime } + FEEDBACK\_BIT\).

  4. If \(CONTROL\_BIT\_R = 1\): for \(0 \le i \le 99\), \(r_{i}^{\prime } = r_{i}^{\prime } + r_{i}\).
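A Python model of the CLOCK_R routine above, added as an example and not the authors' code. Besides clocking the register, it computes the XOR difference that a single flipped register bit leaves after one clock; with the control and input bits fixed, CLOCK_R is affine in R, so that difference is a deterministic pattern of the kind the fault signatures in the abstract are built from. Register states are lists of 100 bits indexed as r_0 .. r_99, and RTAPS is the tap set given in the appendix.

```python
# Tap positions from the appendix: the feedback bit is XOR-ed into these r'_i.
RTAPS = {0, 1, 3, 4, 5, 6, 9, 12, 13, 16, 19, 20, 21, 22, 25, 28, 37, 38, 41, 42,
         45, 46, 50, 52, 54, 56, 58, 60, 61, 63, 64, 65, 66, 67, 71, 72, 79, 80,
         81, 82, 87, 88, 89, 90, 91, 92, 94, 95, 96, 97}

def clock_r(r, input_bit_r, control_bit_r):
    """Return the new state r' of register R after one CLOCK_R step (steps 1-4)."""
    assert len(r) == 100 and all(b in (0, 1) for b in r)
    # Step 1: FEEDBACK_BIT = r_99 + INPUT_BIT_R over GF(2)
    feedback_bit = r[99] ^ input_bit_r
    # Step 2: shift, r'_i = r_{i-1} for 1 <= i <= 99 and r'_0 = 0
    r_new = [0] + r[:99]
    # Step 3: XOR the feedback bit into every tap position
    for i in RTAPS:
        r_new[i] ^= feedback_bit
    # Step 4: if CONTROL_BIT_R = 1, XOR the old state back in
    if control_bit_r == 1:
        r_new = [a ^ b for a, b in zip(r_new, r)]
    return r_new

def fault_difference(r, pos, input_bit_r, control_bit_r):
    """XOR difference between the clocked fault-free state and the clocked state
    obtained when r_pos was flipped before clocking: a one-clock fault signature."""
    faulty = list(r)
    faulty[pos] ^= 1
    good = clock_r(r, input_bit_r, control_bit_r)
    bad = clock_r(faulty, input_bit_r, control_bit_r)
    return [x ^ y for x, y in zip(good, bad)]

def hamming_weight(bits):
    """Number of positions in which a difference vector is non-zero."""
    return sum(bits)
```

A flip in r_i with i < 99 and CONTROL_BIT_R = 0 only moves to r'_{i+1}, whereas a flip in r_99 changes the feedback bit and so shows up at every tap position at once.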

1.4.2 Clocking register S

Let \(s_{0}, s_{1}, \ldots, s_{99}\) be the state of the register S before clocking, and let \(s_{0}^{\prime }, s_{1}^{\prime }, \ldots, s_{99}^{\prime }\) be the state of the register S after clocking. Let \(\hat {s}_{0}, \hat {s}_{1}, \ldots, \hat {s}_{99}\) be intermediate variables. Define the four sequences \(COMP0_{i}\), \(1 \le i \le 98\); \(COMP1_{i}\), \(1 \le i \le 98\); \(FB0_{i}\), \(0 \le i \le 99\) and \(FB1_{i}\), \(0 \le i \le 99\) over GF(2) as in Table 7:

Table 7 The sequences \(COMP0, COMP1, FB0, FB1\)

Now define an operation

$$CLOCK\_S(S,INPUT\_BIT\_S,CONTROL\_BIT\_S) $$

  1. Define \(FEEDBACK\_BIT = s_{99} + INPUT\_BIT\_S\).

  2. For \(1 \le i \le 98\): \(\hat {s}_{i} = s_{i-1} + \left ((s_{i} + COMP0_{i})\cdot (s_{i+1}+ COMP1_{i}) \right )\). \(\hat {s}_{0}=0,\ \hat {s}_{99}=s_{98}\).

  3. If \(CONTROL\_BIT\_S = 0\):

     • For \(0 \le i \le 99\): \(s_{i}^{\prime } = \hat {s}_{i} + (FB0_{i} \cdot FEEDBACK\_BIT)\)

     Else, if \(CONTROL\_BIT\_S = 1\):

     • For \(0 \le i \le 99\): \(s_{i}^{\prime } = \hat {s}_{i} + (FB1_{i} \cdot FEEDBACK\_BIT)\)

1.4.3 The \(CLOCK\_KG\) routine

We define another operation

$$CLOCK\_KG (R , S , MIXING , INPUT\_BIT ) $$

  1. \(CONTROL\_BIT\_R = s_{34} + r_{67}\), \(CONTROL\_BIT\_S = s_{67} + r_{33}\)

  2. If \(MIXING = 1\):

     • \(INPUT\_BIT\_R = INPUT\_BIT + s_{50}\)

     Else, if \(MIXING = 0\):

     • \(INPUT\_BIT\_R = INPUT\_BIT\)

  3. \(INPUT\_BIT\_S = INPUT\_BIT\)

  4. \(CLOCK\_R(R, INPUT\_BIT\_R, CONTROL\_BIT\_R)\)

  5. \(CLOCK\_S(S, INPUT\_BIT\_S, CONTROL\_BIT\_S)\)

1.4.4 Working of the cipher

We will now describe the algorithm governing the functioning of the cipher. Let \(K = k_{0}, k_{1}, \ldots, k_{79}\) be the 80-bit key used by the cipher. Let \(IV = iv_{0}, iv_{1}, \ldots, iv_{v-1}\) be the v-bit IV (\(0 \le v \le 80\)). Then the cipher operates in the 4 stages described below.

  1. STAGE 1. IV loading

     • Initialize both R and S to the all-zero state.

     • For \(0 \le i \le v-1\): \(CLOCK\_KG(R, S, 1, iv_{i})\)

  2. STAGE 2. Key loading

     • For \(0 \le i \le 79\): \(CLOCK\_KG(R, S, 1, k_{i})\)

  3. STAGE 3. Preclock stage

     • For \(0 \le i \le 99\): \(CLOCK\_KG(R, S, 1, 0)\)

  4. STAGE 4. PRGA (Pseudo-Random stream generation algorithm)

     • \(i \leftarrow 0\)

     • While key-stream is required:

       \(z_{i} = r_{0} + s_{0}\)

       \(CLOCK\_KG(R, S, 0, 0)\)

       \(i \leftarrow i + 1\)

Cite this article

Sarkar, S., Dey, P., Adhikari, A. et al. Probabilistic signature based generalized framework for differential fault analysis of stream ciphers. Cryptogr. Commun. 9, 523–543 (2017). https://doi.org/10.1007/s12095-016-0197-2
