
Showing papers on "CLEFIA published in 2017"


Proceedings ArticleDOI
18 Jun 2017
TL;DR: A framework that would analyze block ciphers for their vulnerabilities to faults and automatically predict whether a differential fault attack would be successful and was able to automatically derive fault attacks that correspond to the best known till date in the single fault model.
Abstract: Fault attacks recover secret keys by exploiting faults injected during the execution of a block cipher. However, not all faults are exploitable and every exploitable fault is associated with an offline complexity to determine the key. The ideal fault attack would recover maximum key bits with minimum offline effort. Finding the ideal fault attack for a block cipher is a laborious manual task, which can take several months to years before such an attack is discovered. In this paper, we present a framework that would analyze block ciphers for their vulnerabilities to faults and automatically predict whether a differential fault attack would be successful. The framework, which we call XFC, uses colors to analyze the fault propagation and exploitability in the cipher. XFC would be able to (a) predict the key bits that can be derived by the fault attack and (b) estimate the offline complexity. It can thus be used to identify the ideal fault attack for a block cipher. As a proof of concept, we have applied XFC to the block ciphers AES, CLEFIA and SMS4 and were able to automatically derive fault attacks that correspond to the best known till date in the single fault model.

35 citations


Journal Article
TL;DR: Junod as discussed by the authors proposed a linear cryptanalysis of DES, which has been the best known-plaintext key-recovery attack on the cipher ever since, based on the standard assumptions of right-key equivalence and wrong-key randomisation.
Abstract: Linear cryptanalysis of DES, proposed by Matsui in 1993, has had a seminal impact on symmetric-key cryptography, having seen massive research efforts over the past two decades. It has spawned many variants, including multidimensional and zero-correlation linear cryptanalysis. These variants can claim best attacks on several ciphers, including present, Serpent, and CLEFIA. For DES, none of these variants have improved upon Matsui’s original linear cryptanalysis, which has been the best known-plaintext key-recovery attack on the cipher ever since. In a revisit, Junod concluded that when using \(2^{43}\) known plaintexts, this attack has a complexity of \(2^{41}\) DES evaluations. His analysis relies on the standard assumptions of right-key equivalence and wrong-key randomisation.

7 citations


Book ChapterDOI
Chenyang Tu, Lingchen Zhang, Zeyi Liu, Neng Gao, Ma Yuan
10 Jul 2017
TL;DR: A practical chosen message power analysis approach against the loop architecture of ciphers with key whitening layers, thus proving that the key whitening technique does not enhance the security of ciphers with regard to DPA.
Abstract: Key whitening is a technique intended to enhance the strength of a block cipher. Although some research work involves DPA attacks against the key whitening layer in the compact architecture, there is no literature dedicated to the influence of the key whitening layers in the loop architecture from the standpoint of DPA. In this paper, we propose a practical chosen message power analysis approach against the loop architecture of ciphers with key whitening layers, thus proving that the key whitening technique does not enhance the security of ciphers with regard to DPA. Our approach follows a reduction strategy: we recover the whitening key in the general cipher with the key whitening layer and reduce other complicated key whitening layers to the general case. In order to further manifest the validity of the new approach, we carry out extensive experiments on two ISO standardized ciphers, CLEFIA and Camellia, implemented in loop architecture on FPGA, and the keys are recovered as expected.

4 citations


Book ChapterDOI
03 Dec 2017
TL;DR: In a revisit, Junod concluded that when using \(2^{43}\) known plaintexts, this attack has a complexity of \(2^{41}\) DES evaluations, and relies on the standard assumptions of right-key equivalence and wrong-key randomisation.
Abstract: Linear cryptanalysis of DES, proposed by Matsui in 1993, has had a seminal impact on symmetric-key cryptography, having seen massive research efforts over the past two decades. It has spawned many variants, including multidimensional and zero-correlation linear cryptanalysis. These variants can claim best attacks on several ciphers, including present, Serpent, and CLEFIA. For DES, none of these variants have improved upon Matsui’s original linear cryptanalysis, which has been the best known-plaintext key-recovery attack on the cipher ever since. In a revisit, Junod concluded that when using \(2^{43}\) known plaintexts, this attack has a complexity of \(2^{41}\) DES evaluations. His analysis relies on the standard assumptions of right-key equivalence and wrong-key randomisation.

3 citations


Book ChapterDOI
13 Dec 2017-Space
TL;DR: A new micro-architectural side-channel attack which observes the number of instruction counts during the execution of an encryption algorithm as side-channel information to recover the secret key, and which is more potent than the well-known cache timing attacks in the literature.
Abstract: Hardware Performance Counters (HPCs) are present in most modern processors and provide an interface to user-level processes to monitor their processor performance in terms of the number of micro-architectural events executed during a process execution. In this paper, we analyze the leakage from these HPC events and present a new micro-architectural side-channel attack which observes the number of instruction counts during the execution of an encryption algorithm as side-channel information to recover the secret key. This paper first demonstrates the fact that the instruction counts can act as a side-channel and then describes the Instruction Profiling Attack (IPA) methodology with the help of two block ciphers, namely AES and Clefia, on Intel and AMD processors. We follow the principles of profiled instruction attacks and show that the proposed attack is more potent than the well-known cache timing attacks in the literature. We also perform experiments on ciphers implemented with popular time fuzzing schemes to subvert timing attacks. Our results show that while the countermeasure successfully stops leakages through the timing channels, it is vulnerable to the Instruction Profiling Attack. We validate our claims by detailed experiments on contemporary Intel and AMD platforms to demonstrate that seemingly benign instruction counts can serve as side-channels even for block cipher implementations which are hardened against timing attacks.

2 citations


Journal ArticleDOI
TL;DR: In this paper a bit-level optimization was sought over some operative structures of the algorithm, taking advantage of the 32-bit architecture of the development platform, generating a better response time for the application and an increase in throughput performance relative to the reference code by SONY.
Abstract: Objectives: This paper shows an optimized code for light-weight cipher algorithms, attempting to keep the balance between the use of resources and the communication speed. Methods/Analysis: A real performance analysis is applied to the cryptographic algorithm CLEFIA, under the standards of ISO/IEC 29192-2, by means of a code optimization for key scheduling through bit-oriented instructions. The Freescale KL25Z development board is used to measure response times and the execution times of the cipher algorithm's structural blocks. Findings: In this paper a bit-level optimization was sought over some operative structures of the algorithm, taking advantage of the 32-bit architecture of the development platform, generating in this way a better response time for the application and an increase in throughput performance relative to the reference code by SONY. Novelty/Improvement: This application was developed so that it can be used on many platforms in any electronic application that requires an encryption process, where the use of a PC is not worthwhile because of size and cost.

Book ChapterDOI
01 Jan 2017
TL;DR: This chapter presents concrete ciphers based on the constructions studied previously, and provides examples of balanced, unbalanced and generalized Feistel ciphers.
Abstract: In this chapter, we present concrete ciphers based on the constructions studied previously. We provide examples of balanced, unbalanced and generalized Feistel ciphers. For each of them, we give the description and a survey of attacks performed on these ciphers.

Journal ArticleDOI
TL;DR: It is shown that with a small area and low performance impact, the CLEFIA key expansion for 128, 192 and 256-bit keys can be deployed, and this is achieved by using embedded components available in modern FPGAs and with an adaptable scheduling.
Abstract: In this paper two compact and high throughput hardware structures are proposed allowing for the computation of the 128-bit CLEFIA encryption algorithm and its associated key expansion processes. Given the needed modification to the CLEFIA Feistel network, herein we show that with a small area and low performance impact, the CLEFIA key expansion for 128, 192 and 256-bit keys can be deployed. This is achieved by using embedded components available in modern FPGAs and with an adaptable scheduling, allowing the 4 and 8 branch CLEFIA Feistel networks to be computed within the same structure. The obtained experimental results on a Xilinx Virtex 5 FPGA suggest that throughputs above 1Gbps can be achieved with a resource usage of 200 Slices and 3 BRAMs, achieving a throughput/Slice efficiency metric 50% higher when compared with the limited state of the art.