Meet‐in‐the‐middle fault analysis on word‐oriented substitution‐permutation network block ciphers

Meet‐in‐the‐Middle (MitM) fault analysis is a kind of powerful cryptanalytic approach suitable for various block ciphers. When applying the method to analyze the security of block ciphers, it is very crucial to find effective MitM characteristics based on some fault models. In this paper, we investigate the security of word‐oriented substitution‐permutation network (SPN) block ciphers by means of MitM fault analysis and observe that if the diffusion layers of the ciphers have some special properties, it is easy to derive effective MitM characteristics under the condition of single‐word fault model, which can lead to efficient fault attacks on the ciphers. In order to demonstrate the effectiveness of our observation, we apply it to ARIA and AES and obtain some effective MitM characteristics, respectively; then, we present efficient MitM fault attacks on the ciphers in terms of these characteristics. It is expected that our work could be helpful in evaluating the security of word‐oriented SPN block ciphers against fault attack. We also hope that this work could be beneficial to the design strategy of diffusion layers of block ciphers. Copyright © 2014 John Wiley & Sons, Ltd.