
Fault analysis of the PRINCE family of lightweight ciphers

Regular Paper, Journal of Cryptographic Engineering

Abstract

In ASHES 2020 (Aikata et al., in: Proceedings of the 4th ACM workshop on attacks and solutions in hardware security workshop, ASHES@CCS 2020, virtual event, November 13, 2020, USA, ACM, 2020), new integral and slow diffusion trails were reported on PRINCE and were used to mount fault attacks with practical complexities. We extend this work by performing new differential fault attacks based on the popular random bit-flip fault model, which has not been looked at in isolation for PRINCE until today. Additionally, we look at the construction of PRINCEv2 reported in SAC 2020 in the light of the attacks developed in this work and find that PRINCEv2 is equally vulnerable to them. We also highlight an interesting aspect of fault-reflection, which amplifies the scope of fault injection on PRINCE-like ciphers. The bit-flip model can recover the key uniquely at the expense of 7 random bit-faults injected at the input of Round-10 with a time complexity of \(2^{21}\). The integral fault attack has a time complexity of \(2^{36}\) and \(2^{20}\) with 15 nibble faults in rounds 8.5 and 9.5, while the slow diffusion differential fault attack works with four bit-faults in the 10th round with a complexity of \(2^{22}\). The array of fault attacks presented in this work constitutes a comprehensive account of the fault attack vulnerability of both PRINCE and PRINCEv2. Moreover, the 3D visualization model of the PRINCE state introduced here can be used to extend or improve existing attacks on PRINCE.


Notes

  1. Inverse diagonal of \(i{\mathrm{th}}\) column: Set of 4 nibbles which map to the \(i{\mathrm{th}}\) column after \(SR^{-1}\).

  2. Our implementation is publicly available at: https://github.com/de-ci-phe-red-LABS/PRINCE-under-Differential-Fault-Attack-Now-in-3D.

References

  1. Aikata, Karmakar, B., Saha, D.: PRINCE under differential fault attack: now in 3D. In: Chang, C.-H., Rührmair, U., Katzenbeisser, S., Schaumont, P. (eds.) Proceedings of the 4th ACM Workshop on Attacks and Solutions in Hardware Security Workshop, ASHES@CCS 2020, Virtual Event, USA, November 13, 2020, pp. 81–91. ACM (2020)

  2. Borghoff, J., Canteaut, A., Güneysu, T., Kavun, E.B., Knezevic, M., Knudsen, L.R., Leander, G., Nikov, V., Paar, C., Rechberger, C., Rombouts, P., Thomsen, S.S., Yalçin, T.: PRINCE—a low-latency block cipher for pervasive computing applications—extended abstract. In: Wang, X., Sako, K. (eds.) Advances in Cryptology—ASIACRYPT 2012—18th International Conference on the Theory and Application of Cryptology and Information Security, Beijing, China, December 2–6, 2012. Proceedings. Lecture Notes in Computer Science, vol. 7658, pp. 208–225. Springer (2012)

  3. Morawiecki, P.: Practical attacks on the round-reduced PRINCE. IET Inf. Secur. 11(3), 146–151 (2017)


  4. Jean, J., Nikolic, I., Peyrin, T., Wang, L., Wu, S.: Security analysis of PRINCE. In: Moriai, S. (ed.) Fast Software Encryption—20th International Workshop, FSE 2013, Singapore, March 11–13, 2013. Revised Selected Papers. Lecture Notes in Computer Science, vol. 8424, pp. 92–111. Springer (2013)

  5. Rasoolzadeh, S., Raddum, H.: Faster key recovery attack on round-reduced PRINCE. In: Bogdanov, A. (ed.) Lightweight Cryptography for Security and Privacy—5th International Workshop, LightSec 2016, Aksaray, Turkey, September 21–22, 2016, Revised Selected Papers. Lecture Notes in Computer Science, vol. 10098, pp. 3–17. Springer (2016)

  6. Posteuca, R., Negara, G.: Integral cryptanalysis of round-reduced prince cipher. Proc. Romanian Acad. Ser. A Math. Phys. Tech. Sci. Inf. Sci. 16, 265–269 (2015)


  7. Derbez, P., Perrin, L.: Meet-in-the-middle attacks and structural analysis of round-reduced PRINCE. In: Leander, G. (ed.) Fast Software Encryption—22nd International Workshop, FSE 2015, Istanbul, Turkey, March 8–11, 2015, Revised Selected Papers. Lecture Notes in Computer Science, vol. 9054, pp. 190–216. Springer (2015)

  8. Canteaut, A., Fuhr, T., Gilbert, H., Naya-Plasencia, M., Reinhard, J.-R.: Multiple differential cryptanalysis of round-reduced PRINCE. In: Cid, C., Rechberger, C. (eds.) Fast Software Encryption—21st International Workshop, FSE 2014, London, UK, March 3–5, 2014. Revised Selected Papers. Lecture Notes in Computer Science, vol. 8540, pp. 591–610. Springer (2014)

  9. Abed, F., List, E., Lucks, S.: On the security of the core of PRINCE against biclique and differential cryptanalysis. IACR Cryptology ePrint Archive, p. 712 (2012)

  10. Grassi, L., Rechberger, C.: Practical low data-complexity subspace-trail cryptanalysis of round-reduced PRINCE. In: Dunkelman, O., Sanadhya, S.K. (eds.) Progress in Cryptology—INDOCRYPT 2016—17th International Conference on Cryptology in India, Kolkata, India, December 11–14, 2016, Proceedings. Lecture Notes in Computer Science, vol. 10095, pp. 322–342. Springer (2016)

  11. Zhao, G., Sun, B., Li, C., Jinshu, S.: Truncated differential cryptanalysis of PRINCE. Secur. Commun. Netw. 8(16), 2875–2887 (2015)


  12. Ding, Y.-L., Zhao, J.-Y., Li, L.-B., Yu, H.-B.: Impossible differential analysis on round-reduced PRINCE. J. Inf. Sci. Eng. 33(4), 1041–1053 (2017)


  13. Rasoolzadeh, S., Raddum, H.: Cryptanalysis of 6-round PRINCE using 2 known plaintexts. IACR Cryptology ePrint Archive, p. 132 (2016)

  14. Rasoolzadeh, S., Raddum, H.: Cryptanalysis of PRINCE with minimal data. In: Pointcheval, D., Nitaj, A., Rachidi, T. (eds.) Progress in Cryptology—AFRICACRYPT 2016–8th International Conference on Cryptology in Africa, Fes, Morocco, April 13–15, 2016, Proceedings. Lecture Notes in Computer Science, vol. 9646, pp. 109–126. Springer (2016)

  15. Li, L., Jia, K., Wang, X.: Improved meet-in-the-middle attacks on AES-192 and PRINCE. IACR Cryptology ePrint Archive, p. 573 (2013)

  16. Canteaut, A., Naya-Plasencia, M., Vayssière, B.: Sieve-in-the-middle: improved MITM attacks. In: Canetti, R., Garay, J.A. (eds.) Advances in Cryptology—CRYPTO 2013—33rd Annual Cryptology Conference, Santa Barbara, CA, USA, August 18–22, 2013. Proceedings, Part I. Lecture Notes in Computer Science, vol. 8042, pp. 222–240. Springer (2013)

  17. Fouque, P.-A., Joux, A., Mavromati, C.: Multi-user collisions: applications to discrete logarithm, even-mansour and PRINCE. In: Sarkar, P., Iwata, T. (eds.) Advances in Cryptology—ASIACRYPT 2014—20th International Conference on the Theory and Application of Cryptology and Information Security, Kaoshiung, Taiwan, R.O.C., December 7–11, 2014. Proceedings, Part I. Lecture Notes in Computer Science, vol. 8873, pp. 420–438. Springer (2014)

  18. Soleimany, H., Blondeau, C., Yu, X., Wu, W., Kaisa, N., Zhang, H., Zhang, L., Wang, Y.: Reflection cryptanalysis of PRINCE-like ciphers. J. Cryptol. 28(3), 718–744 (2015)


  19. Zheng, Y., Zhen, P., Ou, H.: Two kinds of biclique attacks on lightweight block cipher PRINCE. IACR Cryptology ePrint Archive, p. 1208 (2015)

  20. Posteuca, R., Duta, C.-L., Negara, G.: New approaches for round-reduced prince cipher cryptanalysis. Proc. Romanian Acad. Ser. A Math. Phys. Tech. Sci. Inf. Sci. 16, 253–264 (2015)


  21. Sakiyama, K., Sasaki, Y., Li, Y.: Security of Block Ciphers-From Algorithm Design to Hardware Implementation. Wiley, Hoboken (2015)


  22. Boneh, D., DeMillo, R.A., Lipton, R.J.: On the importance of checking cryptographic protocols for faults (extended abstract). In: Fumy, W. (ed.) Advances in Cryptology—EUROCRYPT ’97, International Conference on the Theory and Application of Cryptographic Techniques, Konstanz, Germany, May 11–15, 1997, Proceeding. Lecture Notes in Computer Science, vol. 1233, pp. 37–51. Springer (1997)

  23. Boneh, D., DeMillo, R.A., Lipton, R.J.: On the importance of eliminating errors in cryptographic computations. J. Cryptol. 14(2), 101–119 (2001)


  24. Biham, E., Shamir, A.: Differential fault analysis of secret key cryptosystems. In: Kaliski, B.S. Jr. (ed.) Advances in Cryptology—CRYPTO ’97, 17th Annual International Cryptology Conference, Santa Barbara, California, USA, August 17–21, 1997, Proceedings. Lecture Notes in Computer Science, vol. 1294, pp. 513–525. Springer (1997)

  25. Piret, G., Quisquater, J.-J.: A differential fault attack technique against SPN structures, with application to the AES and KHAZAD. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) Cryptographic Hardware and Embedded Systems—CHES 2003, 5th International Workshop, Cologne, Germany, September 8–10, 2003, Proceedings. Lecture Notes in Computer Science, vol. 2779, pp. 77–88. Springer (2003)

  26. Song, L., Hu, L.: Differential fault attack on the PRINCE block cipher. In: Avoine, G., Kara, O. (eds.) Lightweight Cryptography for Security and Privacy - Second International Workshop, LightSec 2013, Gebze, Turkey, May 6–7, 2013, Revised Selected Papers. Lecture Notes in Computer Science, vol. 8162, pp. 43–54. Springer (2013)

  27. Jovanovic, P., Kreuzer, M., Polian, I.: Multi-stage fault attacks on block ciphers. IACR Cryptology ePrint Archive, p. 778 (2013)

  28. Zhang, F., Zhao, X., Guo, S., Shen, J., Huang, J., Hu, Z.: A comprehensive study of algebraic fault analysis on PRINCE. China Commun. 12(7), 127–141 (2015)


  29. Bozilov, D., Eichlseder, M., Knezevic, M., Lambin, B., Leander, G., Moos, T., Nikov, V., Rasoolzadeh, S., Todo, Y., Wiemer, F.: PRINCEv2—more security for (almost) no overhead. In: Dunkelman, O., Jacobson, M.J. Jr., O’Flynn, C. (eds.) Selected Areas in Cryptography—SAC 2020—27th International Conference, Halifax, NS, Canada (Virtual Event), October 21–23, 2020, Revised Selected Papers. Lecture Notes in Computer Science, vol. 12804, pp. 483–511. Springer (2020)

  30. Knudsen, L.R., Wagner, D.A.: Integral cryptanalysis. In: Daemen, J., Rijmen, V. (eds.) Fast Software Encryption, 9th International Workshop, FSE 2002, Leuven, Belgium, February 4–6, 2002, Revised Papers. Lecture Notes in Computer Science, vol. 2365, pp. 112–127. Springer (2002)

  31. Daemen, J., Knudsen, L., Rijmen, V.: The block cipher square. In: Biham, E. (ed.) Fast Software Encryption, 4th International Workshop, FSE ’97, Haifa, Israel, January 20–22, 1997, Proceedings. Lecture Notes in Computer Science, vol. 1267, pp. 149–165. Springer (1997)

  32. Ross, S.: A First Course in Probability, 7th edn. Prentice Hall, New York (2005)


  33. Papadimitriou, A., Tampas, M., Hély, D., Beroulle, V., Maistri, P., Leveugle, R.: Validation of RTL laser fault injection model with respect to layout information. In: IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2015, Washington, DC, USA, 5–7 May, 2015, pp. 78–81. IEEE Computer Society (2015)

  34. Lionel, R., Najm, Z., Rauzy, P., Danger, J.-L., Bringer, J., Sauvage, L.: High precision fault injections on the instruction cache of ARMv7-M architectures. In: IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2015, Washington, DC, USA, 5–7 May, 2015, pp. 62–67. IEEE Computer Society (2015)

  35. Breier, J., He, W., Bhasin, S., Jap, D., Chef, S., Ong, H.G., Gan, C.L.: Extensive laser fault injection profiling of 65 nm FPGA. J. Hardw. Syst. Secur. 1(3), 237–251 (2017)


  36. Dutertre, J.-M., Beroulle, V., Candelier, P., De Castro, S., Faber, L.-B., Flottes, M.-L., Gendrier, P., Hély, D., Leveugle, R., Maistri, P., Di Natale, G., Papadimitriou, A., Rouzeyre, B.: Laser fault injection at the CMOS 28 nm technology node: an analysis of the fault model. In: 2018 Workshop on Fault Diagnosis and Tolerance in Cryptography, FDTC 2018, Amsterdam, The Netherlands, September 13, 2018, pp. 1–6. IEEE Computer Society (2018)

  37. Colombier, B., Grandamme, P., Vernay, J., Chanavat, É., Bossuet, L., de Laulanié, L., Chassagne, B.: Multi-spot laser fault injection setup: new possibilities for fault injection attacks. In: 20th Smart Card Research and Advanced Application Conference, CARDIS 2021 (2021)

  38. Sangchoolie, B., Pattabiraman, K., Karlsson, J.: One bit is (not) enough: an empirical study of the impact of single and multiple bit-flip errors. In: 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2017, Denver, CO, USA, June 26–29, 2017, pp. 97–108. IEEE Computer Society (2017)

  39. Saha, S., Bag, A., Basu Roy, D., Patranabis, S., Mukhopadhyay, D.: Fault template attacks on block ciphers exploiting fault propagation. In: Canteaut, A., Ishai, Y. (eds.) Advances in Cryptology—EUROCRYPT 2020—39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Zagreb, Croatia, May 10–14, 2020, Proceedings, Part I. Lecture Notes in Computer Science, vol. 12105, pp. 612–643. Springer (2020)

  40. Daemen, J., Rijmen, V.: The Design of Rijndael: AES—The Advanced Encryption Standard. Information Security and Cryptography. Springer (2002)

  41. Bogdanov, A., Knudsen, L.R., Leander, G., Paar, C., Poschmann, A., Robshaw, M.J., Seurin, Y., Vikkelsoe, C.: PRESENT: an ultra-lightweight block cipher. In: Paillier, P., Verbauwhede, I. (eds.) Cryptographic Hardware and Embedded Systems—CHES 2007, 9th International Workshop, Vienna, Austria, September 10–13, 2007, Proceedings. Lecture Notes in Computer Science, vol. 4727, pp. 450–466. Springer (2007)


Corresponding author

Correspondence to Banashri Karmakar.


This is an extended version of the work [1] entitled “PRINCE under Differential Fault Attack: Now in 3D” published in the Proceedings of the 4th ACM Workshop on Attacks and Solutions in Hardware Security, ASHES@CCS 2020, Virtual Event, USA, November 13, 2020, ACM, pp. 67–79. Sections 2.25, 6.5 and 9 have been newly added in this work, while Sects. 1 and 8 have been considerably modified.

This work was done when the author Anup Kumar Kundu was visiting de.ci.phe.red Lab at IIT Bhilai as part of his M. Tech thesis work.


Cite this article

Kundu, A.K., Aikata, Karmakar, B. et al. Fault analysis of the PRINCE family of lightweight ciphers. J Cryptogr Eng 12, 475–494 (2022). https://doi.org/10.1007/s13389-022-00290-1
