Document Type : Research Article


Electrical Engineering Department, Shahid Rajaee Teacher Training University, Tehran, Iran.


Differential fault analysis, a kind of active non-invasive attack, is an effective way of analyzing cryptographic primitives that have lately earned more attention. In this study, we apply this attack on CRAFT, a recently proposed lightweight tweakable block cipher, supported by simulation and experimental results. This cipher accepts a 64-bit Tweak, a 64-bit plaintext, and a 128-bit key to produce a 64-bit ciphertext. We assume that the target implementation of CRAFT does not use countermeasures in this paper. The considered fault model in the initial phase of this paper is a single-bit, but random nibble-injected fault, where we first present the fault injection attack as a simulation and then report on how to retrieve the round sub-keys. Next, we use frequency glitch as a fault injection technique in the experimental phase. This part aims to produce a single fault at a nibble in a specific round of the CRAFT. Following our statistical analysis and according to the simulation findings, we can reduce the key space to 30.28 and 24.37 bits, respectively, by using 4 and 5 faults. The experimental section also identifies the location of random faults injected by the hardware mechanism.


[1] Raphael Spreitzer, Veelasha Moonsamy, Thomas Korak, and Stefan Mangard. Systematic Classification of Side-Channel Attacks: A Case Study for Mobile Devices. IEEE Communications Surveys & Tutorials, 20(1):465–488, 2017.
[2] Dan Boneh, Richard A DeMillo, and Richard J Lipton. On the Importance of Checking Cryptographic Protocols for Faults. In International conference on the theory and applications of cryptographic techniques, pages 37–51. Springer, 1997.
[3] Sho Endo, Takeshi Sugawara, Naofumi Homma, Takafumi Aoki, and Akashi Satoh. An on-chip glitchy-clock generator for testing fault injection attacks. Journal of Cryptographic Engineering, 1(4):265, 2011.
[4] Anubhab Baksi, Shivam Bhasin, Jakub Breier, Dirmanto Jap, and Dhiman Saha. Fault Attacks In Symmetric Key Cryptosystems. IACR Cryptol. ePrint Arch., 2020:1267, 2020.
[5] Eli Biham and Adi Shamir. Differential fault analysis of secret key cryptosystems. In Burton S. Kaliski Jr., editor, Advances in Cryptology - CRYPTO ’97, volume 1294 of Lecture Notes in Computer Science, pages 513–525. Springer, 1997.
[6] Nahid Farhady Ghalaty, Bilgiday Yuce, Mostafa Taha, and Patrick Schaumont. Differential Fault Intensity Analysis. In 2014 Workshop on Fault Diagnosis and Tolerance in Cryptography, pages 49–58. IEEE, 2014.
[7] Christoph Dobraunig, Maria Eichlseder, Thomas Korak, Stefan Mangard, Florian Mendel, and Robert Primas. SIFA: exploiting Ineffective Fault Inductions on Symmetric Cryptography. IACR Trans. Cryptogr. Hardw. Embed. Syst., 2018(3):547–572, 2018.
[8] Navid Vafaei, Sara Zarei, Nasour Bagheri, Maria Eichlseder, Robert Primas, and Hadi Soleimany. Statistical Effective Fault Fttacks: The other Side of the Coin. IEEE Transactions on Information Forensics and Security, 2022.
[9] Fan Zhang, Xiaoxuan Lou, Xinjie Zhao, Shivam Bhasin, Wei He, Ruyi Ding, Samiya Qureshi, and Kui Ren. Persistent fault analysis on block ciphers. IACR Trans. Cryptogr. Hardw. Embed. Syst., 2018(3):150–172, 2018.
[10] Hadi Soleimany, Nasour Bagheri, Hosein Hadipour, Prasanna Ravi, Shivam Bhasin, and Sara Mansouri. Practical multiple persistent faults analysis. IACR Trans. Cryptogr. Hardw. Embed. Syst., 2022(1):367–390, 2022.
[11] Nasour Bagheri, Sadegh Sadeghi, Prasanna Ravi, Shivam Bhasin, and Hadi Soleimany. SIPFA: statistical ineffective persistent faults analysis on feistel ciphers. IACR Trans. Cryptogr. Hardw. Embed. Syst., 2022(3):367–390, 2022.
[12] Sk Subidh Ali and Debdeep Mukhopadhyay. A Differential Fault Analysis on AES Key Schedule Using Single Fault. In 2011 Workshop on Fault Diagnosis and Tolerance in Cryptography, pages 35–42. IEEE, 2011.
[13] Junko Takahashi and Toshinori Fukunaga. Fault Analysis on SIMON Family of Lightweight Block Ciphers. In International Conference on Information Security and Cryptology, pages 175–189. Springer, 2014.
[14] Banashri Karmakar and Dhiman Saha. PRINCE under Differential Fault Attack: Now in 3D. In Proceedings of the 4th ACM Workshop on Attacks and Solutions in Hardware Security, pages 81–91, 2020.
[15] Nasour Bagheri, Reza Ebrahimpour, and Navid Ghaedi. New differential fault analysis on PRESENT. EURASIP Journal on Advances in Signal Processing, 2013(1):1–10, 2013.
[16] Navid Vafaei, Nasour Bagheri, Sayandeep Saha, and Debdeep Mukhopadhyay. Differential Fault Attack on SKINNY Block Cipher. In International Conference on Security, Privacy, and Applied Cryptography Engineering, pages 177–197. Springer, 2018.
[17] S Ehsan Hosiny Nezhad, Masoumeh Safkhani, and Nasour Bagheri. Relaxed Differential Fault Analysis of SHA-3. The ISC International Journal of Information Security, 11(2):129–143, 2019.
[18] Navid Vafaei, Sayandeep Saha, Nasour Bagheri, and Debdeep Mukhopadhyay. Fault Attack on SKINNY Cipher. Journal of Hardware and Systems Security, 4(4):277–296, 2020.
[19] Christof Beierle, Gregor Leander, Amir Moradi, and Shahram Rasoolzadeh. CRAFT: Lightweight Tweakable Block Cipher with Efficient Protection Against DFA Attacks. IACR Transactions on Symmetric Cryptology, 2019(1):5–45, 2019.
[20] Anita Aghaie, Amir Moradi, Shahram Rasoolzadeh, Aein Rezaei Shahmirzadi, Falk Schellenberg, and Tobias Schneider. Impeccable Circuits. IEEE Transactions on Computers, 69(3):361–376, 2019.
[21] Aein Rezaei Shahmirzadi, Shahram Rasoolzadeh, and Amir Moradi. Impeccable Circuits II. In 2020 57th ACM/IEEE Design Automation Conference (DAC), pages 1–6. IEEE, 2020.
[22] Shahram Rasoolzadeh, Aein Rezaei Shahmirzadi, and Amir Moradi. Impeccable Circuits III. In 2021 IEEE International Test Conference (ITC), pages 163–169. IEEE, 2021.
[23] Hosein Hadipour, Sadegh Sadeghi, Majid M. Niknam, Ling Song, and Nasour Bagheri. Comprehensive Security Analysis of CRAFT. IACR Trans. Symmetric Cryptol., 2019(4):290–317, 2019.
[24] Hosein Hadipour, Nasour Bagheri, and Ling Song. Improved Rectangle Attacks on SKINNY and CRAFT. IACR Transactions on Symmetric Cryptology, pages 140–198, 2021.
[25] Muhammad ElSheikh and Amr M Youssef. Related-Key Differential Cryptanalysis of Full Round CRAFT. In International Conference on Security, Privacy, and Applied Cryptography Engineering, pages 50–66. Springer, 2019.
[26] Victor Arribas, Felix Wegener, Amir Moradi, and Svetla Nikova. Cryptographic Fault Diagnosis using verFI. In 2020 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), pages 229–240. IEEE, 2020.
[27] Xinjie Zhao, Shize Guo, Tao Wang, Fan Zhang, and Zhijie Shi. Fault-propagate pattern based DFA on PRESENT and PRINTcipher. Wuhan University Journal of Natural Sciences, 17(6):485– 493, 2012.
[28] Xiaofei Guo, Debdeep Mukhopadhyay, Chenglu Jin, and Ramesh Karri. Security analysis of concurrent error detection against differential fault analysis. Journal of Cryptographic Engineering, 5(3):153–169, 2015.