Title :
Diagonal fault analysis of Gr⊘stl in dedicated MAC mode
Author :
Saha, Dhiman ; Chowdhury, Dipanwita Roy
Author_Institution :
Dept. of Comput. Sci. & Eng., IIT Kharagpur, Kharagpur, India
Abstract :
In this work, we present a differential fault analysis of the SHA-3 finalist Grøstl when used in the dedicated MAC mode. The fault model exploited here is similar to fault repeatability model proposed and used by Roche et al. in CARDIS 2011. We propose a new way of extracting half of the state of Grøstl from the knowledge of the remaining half. This result is of particular interest since it may be applied to any AES-like construction. The number of faults required to invert the output transformation is 8 improving the previous record of 16. Retrieving the key used in the MAC amounts to inverting the permutation Q in the last call of the compression function. This requires 34 additional faults beating the existing result of 140 faults by a huge margin. To the best of our knowledge this work presents the first fault analysis of Grøstl which is entirely based on the byte-error fault model and requires no precomputation.
Keywords :
cryptography; fault diagnosis; AES; CARDIS 2011; Grøst1; MAC mode; SHA-3; byte-error fault model; compression function; diagonal fault analysis; differential fault analysis; fault repeatability; Adaptation models; Analytical models; Computational modeling; Context; Hardware; Mathematical model; Security; Diagonal Fault Attack; Differential Fault Analysis; Fault Repeatability; Gr⊘stl; Hash Functions; SHA-3;
Conference_Titel :
Hardware Oriented Security and Trust (HOST), 2015 IEEE International Symposium on
Conference_Location :
Washington, DC
DOI :
10.1109/HST.2015.7140246
