Differential Fault Analysis (DFA) is a well known cryptanalytic technique that exploits faulty outputs of an encryption device. Despite its popularity and similarity with the classical (DA), thorough analysis explaining DFA from designer’s point-of-view missing in literature. To best our knowledge, no immune block cipher at algorithmic level has been proposed so far. Furthermore, all countermea...

We formally introduce the concept of related-cipher attack. In this paper, we consider the related ciphers as block ciphers with the same round function but with different round numbers. If their key schedules do not depend on the total round number, then related-cipher attack could be applied if the same key is used. We applied this attack to block cipher SQUARE and show that SQUARE is vulnera...

The mere number of various apparently different statistical attacks on block ciphers has raised the question about their relationships which would allow to classify them and determine those that give essentially complementary information about the security of block ciphers. While mathematical links between some statistical attacks have been derived in the last couple of years, the important lin...

Large weak key classes of IDEA are found for which membership is tested with a differential-linear test while encrypting with a single key. In particular, one in every 2'' keys for 8.5-round IDEA is weak. A related-key differential-linear attack on 4-round IDEA is presented which is successful for all keys. Large weak key classes are found for 4.5to 6.5-round and 8-round IDEA for which membersh...

Due to implementation constraints the XOR operation is widely used in order to combine plaintext and key bit-strings in secretkey block ciphers. This choice directly induces the classical version of the differential attack by the use of XOR-kind differences. While very natural, there are many alternatives to the XOR. Each of them inducing a new form for its corresponding differential attack (us...

In this paper, we have suggested rectifications in differential cryptanalysis of ultra-lightweight block cipher PRESENT reduced to 16 rounds. We have shown that proposed differential attack by Wang [3] on 16 round PRESENT can recover at the most 30 subkey bits, although the author has claimed to recover 32 bits of subkey for last two rounds. We have also computed data complexity and success pro...

Wave dynamic differential logic combined with differential routing is a working, practical technique to thwart side-channel power attacks. Measurement-based experimental results show that a differential power analysis attack on a prototype IC, fabricated in 0.18μm CMOS, does not disclose the entire secret key of the AES algorithm at 1,500,000 measurement acquisitions. This makes the attack de f...

MIFARE Classic is the most widely used contactless smart card in the world. It implements a proprietary symmetric-key mutual authentication protocol with a dedicated reader and a proprietary stream cipher algorithm known as CRYPTO1, both of which have been reverse engineered. The existing attacks in various scenarios proposed in the literature demonstrate that MIFARE Classic does not offer the ...

In this paper we present a differential attack on the block cipher PP-1 which was designed at Poznan University of Technology. Complexity of the attack is smaller than that of brute force attack for every version of the cipher (for every block length). The attack is possible is spite of the fact that the S-box exhibits optimal security against the differential cryptanalysis. The attack is based...

This paper describes impossible differential (ID) attacks on an AES variant designed by Venkaiah et al.. They claim that their cipher has improved resistance to ID attacks due to a new MixColumns matrix with a branch number 4, which is smaller than that of the original AES. We argue against this statement. The contributions of this paper include ID distinguishers for Venkaiah et al.’s cipher, a...