Open AccessDifferential Fault Attack on GIFT
Author(s) -
Min XIE,
Feng TIAN,
Jiaqi LI
Publication year - 2021
Publication title -
chinese journal of electronics
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.267
H-Index - 25
eISSN - 2075-5597
pISSN - 1022-4653
DOI - 10.1049/cje.2021.05.008
Subject(s) - block cipher , key (lock) , computer science , differential (mechanical device) , fault (geology) , algorithm , cipher , mathematics , computer security , encryption , cryptography , engineering , geology , seismology , aerospace engineering
GIFT, a lightweight block cipher proposed at CHES2017, has been widely cryptanalyzed this years. This paper studies the differential diffusion characteristics of round function of GIFT at first, and proposes a random nibble‐based differential fault attack. The key recovery scheme is developed on the statistical properties we found for the differential distribution table of the S‐box. A lot of experiments had been done and experimental results show that one round key can be retrieved with an average of 20.24 and 44.96 fault injections for GIFT‐64 and GIFT‐128 respectively. Further analysis shows that a certain number of fault injections recover most key bits. So we demonstrate an improved fault attack combined with the method of exhaustive search, which shows that the master key can be recovered by performing 2 16 and 2 17 computations and injecting 31 and 32 faults on an average for GIFT‐64 and GIFT‐128 respectively.