Round Addition Using Faults for Generalized Feistel Network

Hideki YOSHIKAWA  Masahiro KAMINAGA  Arimitsu SHIKODA  

IEICE TRANSACTIONS on Information and Systems   Vol.E96-D   No.1   pp.146-150
Publication Date: 2013/01/01
Online ISSN: 1745-1361
DOI: 10.1587/transinf.E96.D.146
Print ISSN: 0916-8532
Type of Manuscript: LETTER
Category: Dependable Computing
differential fault analysis (DFA),  round addition,  block cipher,  generalized Feistel network (GFN),  DES,  CLEFIA,  RC6,  

Full Text: PDF(556.9KB)>>
Buy this Article

This article presents a differential fault analysis (DFA) technique using round addition for a generalized Feistel network (GFN) including CLEFIA and RC6. Here the term “round addition” means that the round operation executes twice using the same round key. The proposed DFA needs bypassing of an operation to count the number of rounds such as increment or decrement. To verify the feasibility of our proposal, we implement several operations, including increment and decrement, on a microcontroller and experimentally confirm the operation bypassing. The proposed round addition technique works effectively for the generalized Feistel network with a partial whitening operation after the last round. In the case of a 128-bit CLEFIA, we show a procedure to reconstruct the round keys or a secret key using one correct ciphertext and two faulty ciphertexts. Our DFA also works for DES and RC6.