Affiliation of Author(s):计算机科学与技术学院/人工智能学院/软件学院
Journal:Lect. Notes Comput. Sci.
Abstract:PAEQ is an AES-based authenticated encryption proposed by Biryukov and Khovratovich in 2014, which stays in the CAESAR competition until the second round. In CHES 2016, Dhiman Saha and Dipanwita Roy Chowdhury first discussed the differential fault analysis to PAEQ. Their work shows that the nonce used in PAEQ that is usually considered as a natural DFA countermeasure can be overcome by carefully constructing the encryption message and injecting two faults. This work presents a fully optimized DFA attack on PAEQ-128 with regard to the key recovery process. We apply the information theoretical analysis and the DFA techniques for AES into the DFA key recovery on PAEQ-128. As a result, without changing the attack assumption, the key recovery complexity is reduced from 250 to 224 for PAEQ-128. The successful key recovery together with its computational complexity have been verified with the key recovery simulations. © 2019, Springer Nature Switzerland AG.
ISSN No.:0302-9743
Translation or Not:no
Date of Publication:2019-01-01
Co-author:Wang, Ruyan,Meng, Xiaohan,Li, Yang
Correspondence Author:wj