Meet-in-the-middle fault analysis on word-oriented substitution-permutation network block ciphers

Authors

  • Zhiqiang Liu,

    Corresponding author
    1. Department of Computer Science and Engineering, Shanghai Jiao Tong University, Shanghai, China
    2. ESAT/COSIC and IBBT, Katholieke Universiteit Leuven, Leuven, Belgium
    • Correspondence: Zhiqiang Liu, Department of Computer Science and Engineering, Shanghai Jiao Tong University, Shanghai 200240, China.

      E-mail: ilu_zq@sjtu.edu.cn

  • Ya Liu,

    1. Department of Computer Science and Engineering, University of Shanghai for Science and Technology, Shanghai, China
  • Qingju Wang,

    1. Department of Computer Science and Engineering, Shanghai Jiao Tong University, Shanghai, China
    2. ESAT/COSIC and IBBT, Katholieke Universiteit Leuven, Leuven, Belgium
  • Dawu Gu,

    1. Department of Computer Science and Engineering, Shanghai Jiao Tong University, Shanghai, China
  • Wei Li

    1. School of Computer Science and Technology, Donghua University, Shanghai, China

Abstract

Meet-in-the-Middle (MitM) fault analysis is a powerful cryptanalytic approach suitable for various block ciphers. When the method is applied to analyze the security of block ciphers, it is crucial to find effective MitM characteristics based on some fault models. In this paper, we investigate the security of word-oriented substitution-permutation network (SPN) block ciphers by means of MitM fault analysis and observe that if the diffusion layers of the ciphers have some special properties, it is easy to derive effective MitM characteristics under the single-word fault model, which can lead to efficient fault attacks on the ciphers. To demonstrate the effectiveness of our observation, we apply it to ARIA and AES and obtain some effective MitM characteristics for each; we then present efficient MitM fault attacks on the ciphers in terms of these characteristics. We expect that our work could be helpful in evaluating the security of word-oriented SPN block ciphers against fault attacks. We also hope that this work could be beneficial to the design strategy of diffusion layers of block ciphers. Copyright © 2014 John Wiley & Sons, Ltd.