Improved Fault Analysis on Subterranean 2.0

Subterranean 2.0, a NIST second round lightweight cryptographic primitive, was introduced by Daemen et al. in 2020. It has three modes of operation: Subterranean-SAE, Subterranean-deck, and Subterranean-XOF. So far, most of the existing practical-time implementable attacks on Subterranean-SAE fall...

Bibliographic details
Published in: IEEE transactions on computers 2024-06, Vol.73 (6), p.1631-1639
Main authors: Mondal, Sandip Kumar, Dey, Prakash, Roy, Himadry Sekhar, Adhikari, Avishek, Maitra, Subhamoy
Format: Article
Language: eng
container_end_page 1639
container_issue 6
container_start_page 1631
container_title IEEE transactions on computers
container_volume 73
creator Mondal, Sandip Kumar
Dey, Prakash
Roy, Himadry Sekhar
Adhikari, Avishek
Maitra, Subhamoy
description Subterranean 2.0, a NIST second round lightweight cryptographic primitive, was introduced by Daemen et al. in 2020. It has three modes of operation: Subterranean-SAE, Subterranean-deck, and Subterranean-XOF. So far, most of the existing practical-time implementable attacks on Subterranean-SAE fall under the nonce misuse setting scenario. In this paper, we present significantly improved Differential Fault Analysis on Subterranean-SAE and Subterranean-deck. We consider a more challenging framework of unknown fault injection round, and achieve improved execution time as well as data complexity over the best known fault attack available in the literature. We utilize deep neural networks and also correlation coefficient for generation of signatures and matching them. Two general frameworks are proposed for fault location identification assuming that fault injection round is unknown. Finally, we use a SAT solver to efficiently recover the embedded encryption key with no more than 5 distinct faults. Experimental results reveal that the total time (online phase) required to mount the attack on Subterranean-SAE (Subterranean-deck) is 1234.6 (1334.6) seconds.
doi_str_mv 10.1109/TC.2024.3371784
format Article
identifier ISSN: 0018-9340
ispartof IEEE transactions on computers, 2024-06, Vol.73 (6), p.1631-1639
issn 0018-9340
1557-9956
language eng
recordid cdi_ieee_primary_10459055
source IEL
subjects Artificial neural networks
Ciphers
Computers
Correlation coefficient
Correlation coefficients
Cryptography
Decks
Encryption
Fault analysis
Fault location
neural network
Registers
signature
Time complexity
title Improved Fault Analysis on Subterranean 2.0
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-17T13%3A44%3A23IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_RIE&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Improved%20Fault%20Analysis%20on%20Subterranean%202.0&rft.jtitle=IEEE%20transactions%20on%20computers&rft.au=Mondal,%20Sandip%20Kumar&rft.date=2024-06-01&rft.volume=73&rft.issue=6&rft.spage=1631&rft.epage=1639&rft.pages=1631-1639&rft.issn=0018-9340&rft.eissn=1557-9956&rft.coden=ITCOB4&rft_id=info:doi/10.1109/TC.2024.3371784&rft_dat=%3Cproquest_RIE%3E3053297272%3C/proquest_RIE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=3053297272&rft_id=info:pmid/&rft_ieee_id=10459055&rfr_iscdi=true