For Full-Text PDF, please login, if you are a member of IEICE,|
or go to Pay Per View on menu list, if you are a nonmember of IEICE.
Access-Driven Cache Attack on the Stream Cipher DICING Using the Chosen IV
Yukiyasu TSUNOO Takeshi KAWABATA Tomoyasu SUZAKI Hiroyasu KUBO Teruo SAITO
IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences
Publication Date: 2010/04/01
Online ISSN: 1745-1337
Print ISSN: 0916-8508
Type of Manuscript: PAPER
Category: Cryptography and Information Security
eSTREAM, stream cipher, DICING, cache attacks,
Full Text: PDF(338.6KB)>>
A cache attack against DICING is presented. Cache attacks use CPU cache miss and hit information as side-channel information. DICING is a stream cipher that was proposed at eSTREAM. No effective attack on DICING has been reported before. Because DICING uses a key-dependent S-box and there is no key addition before the first S-box layer, a conventional cache attack is considered to be difficult. We therefore investigated an access-driven cache attack that employs the special features of transformation L to give the chosen IV. We also investigated reduction of the computational complexity required to obtain the secret key from the information gained in the cache attack. We were able to obtain a 40-bit key differential given a total of 218 chosen IVs on a Pentium III processor. From the obtained key differential, the 128-bit secret key could be recovered with computational complexity of from 249 to 263. This result shows that the new cache attack, which is based on a different attack model, is also applicable in an actual environment.