Differential Fault Analysis of the BipBip Block Cipher

Document Type: Research Article

Authors

1 CPS2 Lab, Department of Communication, Faculty of Electrical Engineering, Shahid Rajaee Teacher Training University, Tehran, Iran

2 Department of Mathematics, Institute for Advanced Studies in Basic Sciences (IASBS), Zanjan, Iran

3 School of Computer Science, Institute for Research in Fundamental Sciences (IPM), Tehran, Iran

Abstract
Differential Fault Analysis (DFA) is one of the most effective physical attacks against cryptographic algorithms. It exploits implementation weaknesses by injecting faults: the attacker intentionally injects errors into a cryptographic system while it executes a cryptographic algorithm and leverages the differences caused by these deliberate faults. By comparing the correct and faulty ciphertexts, the attacker can gain insights into the cryptographic operations. This research applies DFA to BipBip, an ultra-low-latency tweakable block cipher characterized by a 24-bit tweakable block and a 256-bit master key. Our primary assumption is that the tweak remains fixed within BipBip. This study's findings reveal that the structural design of the BipBip block cipher is susceptible to differential fault analysis. We demonstrate a significant vulnerability by injecting exactly 30 random faults into different states of BipBip. Through an exhaustive search process, we successfully retrieved the master key. Furthermore, this research marks the first application of differential fault analysis in identifying implementation weaknesses within BipBip, highlighting a critical security concern.
