DTU Findit

Conference paper

Cryptanalysis of Two Fault Countermeasure Schemes

Affiliations:

1. Cryptology, Department of Applied Mathematics and Computer Science, Technical University of Denmark
2. Department of Applied Mathematics and Computer Science, Technical University of Denmark

In this paper, we look at two fault countermeasure schemes proposed very recently in the literature. The first, proposed in ACISP 2015, constructs a transformation function using a cellular-automata-based linear diffusion layer and a non-linear layer built from a series of bent functions. This countermeasure is meant for the protection of block ciphers like AES.

The second countermeasure was proposed in IEEE-HOST 2015 and protects the Grain-128 stream cipher. The design divides the output function used in Grain-128 into two components. The first, called the masking function, masks the input bits to the output function with some additional randomness and computes the value of the function.

The second, called the unmasking function, is computed securely using a different register and undoes the effect of the masking with the random bits. We will show that there exists a weakness in the way in which both these schemes use the internally generated random bits, which makes these designs vulnerable.

We will outline attacks that cryptanalyze the above schemes using 66 and 512 faults respectively.

Language: English
Year: 2015
Pages: 241-252
Proceedings: 16th International Conference on Cryptology in India
Series: Lecture Notes in Computer Science
Journal subtitle: Proceedings of the 16th International Conference on Cryptology in India
ISBN: 3319266160, 3319266179, 9783319266169, 9783319266176
ISSN: 0302-9743
Types: Conference paper
DOI: 10.1007/978-3-319-26617-6_13
ORCIDs: Banik, Subhadeep and Bogdanov, Andrey
