Differential Fault Attack on Rasta and FiLIP DSM.
IACR Cryptol. ePrint Arch.(2023)
摘要
In this paper we propose Differential Fault Attack (DFA) on two Fully Homomorphic Encryption (FHE) friendly stream ciphers Rasta and $\text{FiLIP}_{\text{DSM}}$ . Design criteria of Rasta rely on affine layers and nonlinear layers, whereas $\text{FiLIP}_{\text{DSM}}$ relies on permutations and a nonlinear filter function. Here we show that the secret key of these two ciphers can be recovered by injecting only 1 bit fault in the initial state. Our DFA on full round (# rounds $=6$ ) Rasta with 219 block size requires only one block (i.e., 219 bits) of normal and faulty keystream bits. In the case of our DFA on FiLIP-430 (one instance of $\text{FiLIP}_{\text{DSM}}$ ), we need 30000 normal and faulty keystream bits.
更多查看译文
关键词
differential fault attack
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要