• Journal of Advanced Navigation Technology
• /
• v.19 no.1
• /
• pp.48-52
• /
• 2015

In this paper, we propose a differential fault analysis on SSB having same structure in encryption and decryption proposed in 2011. The target algorithm was designed using advanced encryption standard and has advantage about hardware implementations. The differential fault analysis is one of side channel attacks, combination of the fault injection attacks with the differential cryptanalysis. Because SSB is suitable for hardware, it must be secure for the differential fault analysis. However, using proposed differential fault attack in this paper, we can recover the 128 bit secret key of SSB through only one random byte fault injection and an exhausted search of $2^8$. This is the first cryptanalytic result on SSB having same structure in encryption and decryption.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.6
• /
• pp.1117-1127
• /
• 2014

Differential Fault Analysis(DFA) is widely known for one of the most powerful method for analyzing block cipher. it is applicable to block cipher such as DES, AES, ARIA, SEED, and lightweight block cipher such as PRESENT, HIGHT. In this paper, we introduce a differential fault analysis on the lightweight block cipher LEA for the first time. we use 300 chosen fault injection ciphertexts to recover 128-bit master key. As a result of our attack, we found a full master key within an average of 40 minutes on a standard PC environment.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.2
• /
• pp.793-810
• /
• 2015

The TWINE is a new Generalized Feistel Structure (GFS) lightweight cryptosystem in the Internet of Things. It has 36 rounds and the key lengths support 80 bits and 128 bits, which are flexible to provide security for the RFID, smart cards and other highly-constrained devices. Due to the strong attacking ability, fast speed, simple implementation and other characteristics, the differential fault analysis has become an important method to evaluate the security of lightweight cryptosystems. On the basis of the 4-bit fault model and the differential analysis, we propose an effective differential fault attack on the TWINE cryptosystem. Mathematical analysis and simulating experiments show that the attack could recover its 80-bit and 128-bit secret keys by introducing 8 faulty ciphertexts and 18 faulty ciphertexts on average, respectively. The result in this study describes that the TWINE is vulnerable to differential fault analysis. It will be beneficial to the analysis of the same type of other iterated lightweight cryptosystems in the Internet of Things.

• Journal of Electrical Engineering and Technology
• /
• v.9 no.4
• /
• pp.1217-1228
• /
• 2014

A method for faulted line detection of four parallel lines on the same tower is presented, based on four-summing and double-differential sequences of one terminal current. Four-summing and double-differential sequences of fault current can be calculated using a certain transformation matrix for parameter decoupling of four parallel transmission lines. According to fault boundary conditions, the amplitude and phase characteristics of four-summing and double-differential sequences of fault current is studied under conditions of different types of fault. Through the analysis of the relationship of terminal current and fault current, a novel methodology for fault line detection of four parallel transmission line on the same tower is put forward, which can pick out the fault lines no matter the fault occurs in single line or cross double lines. Simulation results validate that the methodology is correct and reliable under conditions of different load currents, transient resistances and fault locations.

• Journal of Advanced Navigation Technology
• /
• v.16 no.3
• /
• pp.510-517
• /
• 2012

Piccolo-80 is a 64-bit ultra-light block cipher suitable for the constrained environments such as wireless sensor network environments. In this paper, we propose a differential fault analysis on Piccolo-80. Based on a random byte fault model, our attack can the secret key of Piccolo-80 by using the exhaustive search of $2^{24}$ and six random byte fault injections on average. It can be simulated on a general PC within a few seconds. This result is the first known side-channel attack result on Piccolo-80.

• Journal of Advanced Navigation Technology
• /
• v.16 no.5
• /
• pp.871-878
• /
• 2012

LBlock is a 64-bit ultra-light block cipher suitable for the constrained environments such as wireless sensor network environments. In this paper, we propose a differential fault analysis on LBlock. Based on a random nibble fault model, our attack can recover the secret key of LBlock by using the exhaustive search of $2^{25}$ and five random nibble fault injection on average. It can be simulated on a general PC within a few seconds. This result is superior to known differential fault analytic result on LBlock.

• ETRI Journal
• /
• v.33 no.3
• /
• pp.434-442
• /
• 2011

This paper presents a practical differential fault analysis method for the faulty Advanced Encryption Standard (AES) with a reduced round by means of a semi-invasive fault injection. To verify our proposal, we implement the AES software on the ATmega128 microcontroller as recommended in the standard document FIPS 197. We reduce the number of rounds using a laser beam injection in the experiment. To deduce the initial round key, we perform an exhaustive search for possible key bytes associated with faulty ciphertexts. Based on the simulation result, our proposal extracts the AES 128-bit secret key in less than 10 hours with 10 pairs of plaintext and faulty ciphertext.

• KIEE International Transactions on Power Engineering
• /
• v.4A no.3
• /
• pp.146-151
• /
• 2004

The most widely used primary protection for the internal fault detection of the power transformer is current ratio differential relaying (CRDR) with harmonic restraint. However, the second harmonic component could be decreased by magnetizing inrush when there have been changes to the material of the iron core or its design methodology. The higher the capacitance of the high voltage status and underground distribution, the more the differential current includes the second harmonic during the occurrence of an internal fault. Therefore, the conventional second harmonic restraint CRDR must be modified. This paper proposes a numerical algorithm for enhanced power transformer protection. This algorithm enables a clear distinction regarding internal faults as well as magnetizing inrush and steady state. It does this by analyzing the RMS fluctuation of terminal voltage, instantaneous value of the differential current, RMS changes, harmonic component analysis of differential current, and analysis of flux-differential slope characteristics. Based on the results of testing with WatATP99 simulation data, the proposed algorithm demonstrated more rapid and reliable performance.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.5
• /
• pp.167-174
• /
• 2009

Recently, Li et al. proposed a new differential fault analysis(DFA) attack on the block cipher ARIA using about 45 ciphertexts. In this paper, we apply their DFA skill on AES and improve attack method and its analysis. The basic idea of our DFA method is that we recover intermediate ciphertexts in last round using final faulty ciphertexts and find out last round secret key. In addition, we present detail DFA procedure on AES and analysis of complexity. Furthermore computer simulation result shows that we can recover its 128-bit secret key by introducing a correct ciphertext and 2 faulty ciphertexts.

• Journal of Advanced Navigation Technology
• /
• v.17 no.5
• /
• pp.568-573
• /
• 2013

In this paper, we propose a differential fault analysis on symmetry structured SPN block cipher proposed in 2008. The target algorithm has the SPN structure and a symmetric structure in encryption and decryption process. To recover the 128-bit secret key of the target algorithm, this attack requires only one random byte fault and an exhaustive search of $2^8$. This is the first known cryptanalytic result on the target algorithm.