Show simple item record

dc.contributor.author: Hojsík, Michal (eng)
dc.contributor.author: Rudolf, Bohuslav (eng)
dc.date.accessioned: 2013-05-08T08:14:44Z
dc.date.available: 2013-05-08T08:14:44Z
dc.date.issued: 2008 (eng)
dc.PublishedIn: Nyberg, K., Fast Software Encryption: 15th International Workshop, FSE 2008, Lausanne, Switzerland, February 10-13, 2008, Revised Selected Papers: 158-172 (eng)
dc.identifier.isbn: 978-3-540-71039-4 (en_US)
dc.identifier.issn: 0302-9743 (en_US)
dc.identifier.uri: https://hdl.handle.net/1956/6590
dc.description.abstract: Trivium is a hardware-oriented stream cipher designed in 2005 by de Cannière and Preneel for the European project eSTREAM, and it has successfully passed the first and the second phase of this project. Its design has a simple and elegant structure. Although Trivium has attracted a lot of interest, it remains unbroken. In this paper we present differential fault analysis of Trivium and propose two attacks on Trivium using fault injection. We suppose that an attacker can corrupt exactly one random bit of the inner state and that he can do this many times for the same inner state. This can be achieved e.g. in the CCA scenario. During experimental simulations, having inserted 43 faults at random positions, we were able to disclose the Trivium inner state and afterwards the private key. As far as we know, this is the first time differential fault analysis is applied to a stream cipher based on shift register with non-linear feedback. (en_US)
dc.language.iso: eng (eng)
dc.publisher: Springer Berlin Heidelberg (en_US)
dc.relation.ispartofseries: Lecture Notes in Computer Science; 5086 (eng)
dc.subject: Differential fault analysis (eng)
dc.subject: Trivium stream cipher (eng)
dc.subject: Fault injection (eng)
dc.title: Differential Fault Analysis of Trivium (en_US)
dc.type: Chapter
dc.type: Peer reviewed
dc.description.version: acceptedVersion (en_US)
dc.rights.holder: Copyright International Association for Cryptologic Research 2008 (en_US)
dc.identifier.doi: https://doi.org/10.1007/978-3-540-71039-4_10
dc.identifier.cristin: 451095

