International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Further Improved Differential Fault Analysis on Camellia by Exploring Fault Width and Depth

Authors:
Xin-jie Zhao
Tao Wang
Download:
URL: http://eprint.iacr.org/2010/026
Search ePrint
Search Google
Abstract: In this paper, we present two further improved differential fault analysis methods on Camellia by exploring fault width and depth. Our first method broadens the fault width of previous Camellia attacks, injects multiple byte faults into the rth round left register to recover multiple bytes of the rth round equivalent key, and obtains Camellia-128,192/256 key with at least 8 and 12 faulty ciphertexts respectively; our second method extends fault depth of previous Camellia attacks, injects one byte fault into the r-2th round left register to recover full 8 bytes of the rth round equivalent key, 5-6 bytes of the r-1th round equivalent key, 1 byte of the r-2th round equivalent key, and obtains Camellia-128,192/256 key with 4 and 6 faulty ciphertexts respectively. Simulation experiments demonstrate: due to its reversible permutation function, Camellia is vulnerable to multiple bytes fault attack, the attack efficiency is increased with fault width, this feature greatly improves fault attack’s practicalities; and due to its Feistel structure, Camellia is also vulnerable to deep single byte fault attack, 4 and 6 faulty ciphertexts are enough to reduce Camellia-128 and Camellia-192/256 key hypotheses to 222.2 and 231.8 respectively.
BibTeX
@misc{eprint-2010-22927,
  title={Further Improved Differential Fault Analysis on Camellia by Exploring Fault Width and Depth},
  booktitle={IACR Eprint archive},
  keywords={Differential fault analysis, Feistel structure, SPN structure, Camellia, Block cipher, Fault width and depth},
  url={http://eprint.iacr.org/2010/026},
  note={ zhaoxinjieem@163.com 14751 received 17 Jan 2010, last revised 22 May 2010},
  author={Xin-jie Zhao and Tao Wang},
  year=2010
}