{"title":"A fault attack on KCipher-2","authors":"Julian Danner, Martin Kreuzer","doi":"10.1080/23799927.2020.1854863","DOIUrl":null,"url":null,"abstract":"ABSTRACT For the stream cipher KCipher-2 of the Japanese e-Government Recommended Ciphers List, we present fault attacks requiring only the possibility to reset the cipher and to inject byte faults into certain registers. For the polynomial systems resulting from an injection sequence into one register, we develop a dedicated algebraic solving technique. Using the Marking Algorithm of Horn Logic and the computation of certain Gröbner bases, we optimize the number and locations of fault injection sequences which allow the recovery of the full state of the cipher. The optimal attack requires only about 21 fault injections and 100 seconds for solving the polynomial systems and finding the internal state.","PeriodicalId":37216,"journal":{"name":"International Journal of Computer Mathematics: Computer Systems Theory","volume":"58 1","pages":"291 - 312"},"PeriodicalIF":0.9000,"publicationDate":"2020-12-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Computer Mathematics: Computer Systems Theory","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1080/23799927.2020.1854863","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}
引用次数: 4
Abstract
ABSTRACT For the stream cipher KCipher-2 of the Japanese e-Government Recommended Ciphers List, we present fault attacks requiring only the possibility to reset the cipher and to inject byte faults into certain registers. For the polynomial systems resulting from an injection sequence into one register, we develop a dedicated algebraic solving technique. Using the Marking Algorithm of Horn Logic and the computation of certain Gröbner bases, we optimize the number and locations of fault injection sequences which allow the recovery of the full state of the cipher. The optimal attack requires only about 21 fault injections and 100 seconds for solving the polynomial systems and finding the internal state.