Paper 2020/597

Bitstream Modification of Trivium

Kalle Ngo, Elena Dubrova, and Michail Moraitis

Abstract

In this paper we present a bitstream modification attack on the Trivium cipher, an international standard under ISO/IEC 29192-3. By changing the content of three LUTs in the bitstream, we reduce the non-linear state updating function of Trivium to a linear one. This makes it possible to recover the key from 288 keystream bits using at most $2^{19.41}$ operations. We also propose a countermeasure against bitstream modification attacks which obfuscates the bitstream using dummy and camouflaged LUTs which look legitimate to the attacker. We present an algorithm for injecting dummy LUTs directly into the bitstream without causing any performance or power penalty.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
FPGAreverse engineeringbitstream modificationfault injectionstream cipherTrivium
Contact author(s)
kngo @ kth se
dubrova @ kth se
micmor @ kth se
History
2020-05-22: received
Short URL
https://ia.cr/2020/597
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2020/597,
      author = {Kalle Ngo and Elena Dubrova and Michail Moraitis},
      title = {Bitstream Modification of Trivium},
      howpublished = {Cryptology ePrint Archive, Paper 2020/597},
      year = {2020},
      note = {\url{https://eprint.iacr.org/2020/597}},
      url = {https://eprint.iacr.org/2020/597}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.