Breaking Trivium Stream Cipher Implemented in ASIC Using Experimental Attacks and DFA

One of the best methods to improve the security of cryptographic systems used to exchange sensitive information is to attack them to find their vulnerabilities and to strengthen them in subsequent designs. Trivium stream cipher is one of the lightweight ciphers designed for security applications in...

ver descrição completa

Detalhes bibliográficos
Autores: Potestad Ordóñez, Francisco Eugenio, Valencia Barrero, Manuel, Baena Oliva, María del Carmen, Parra Fernández, María del Pilar, Jiménez Fernández, Carlos Jesús
Tipo de documento: artigo
Estado:Versão publicada
Data de publicação:2020
País:España
Recursos:Universidad de Sevilla (US)
Repositório:idUS. Depósito de Investigación de la Universidad de Sevilla
OAI Identifier:oai:idus.us.es:11441/104281
Acesso em linha:https://hdl.handle.net/11441/104281
https://doi.org/10.3390/s20236909
Access Level:Acceso aberto
Palavra-chave:Fault attack
Stream cipher
IoT
Trivium
ASIC implementation
DFA
Experimental attack
Key recovery
Descrição
Resumo:One of the best methods to improve the security of cryptographic systems used to exchange sensitive information is to attack them to find their vulnerabilities and to strengthen them in subsequent designs. Trivium stream cipher is one of the lightweight ciphers designed for security applications in the Internet of things (IoT). In this paper, we present a complete setup to attack ASIC implementations of Trivium which allows recovering the secret keys using the active non-invasive technique attack of clock manipulation, combined with Differential Fault Analysis (DFA) cryptanalysis. The attack system is able to inject effective transient faults into the Trivium in a clock cycle and sample the faulty output. Then, the internal state of the Trivium is recovered using the DFA cryptanalysis through the comparison between the correct and the faulty outputs. Finally, a backward version of Trivium was also designed to go back and get the secret keys from the initial internal states. The key recovery has been verified with numerous simulations data attacks and used with the experimental data obtained from the Application Specific Integrated Circuit (ASIC) Trivium. The secret key of the Trivium were recovered experimentally in 100% of the attempts, considering a real scenario and minimum assumptions.