A Combined Power and Fault Analysis Attack on Protected Grain Family of Stream Ciphers

Differential fault analysis of stream ciphers, such as Grain (Grain v1 and Grain-128) has been an active area of research. Several countermeasures to thwart such analysis have been also proposed in the related cryptographic literature. In this paper, we demonstrate a novel combination of power and fault analysis strategies to devise attacks against such protected implementations of Grain stream cipher. We considered clock glitch induced faults occurring in practice to construct our fault model. In addition, we developed a generic power analysis attack technique against the Grain family of stream ciphers assuming that the cipher implementation can be resynchronized multiple times with a fixed secret key and any randomly generated initialization vector. Subsequently, we combine our proposed power analysis strategy with the notion of the practically occurring faults to mount attacks on various fault attack countermeasures. In order to validate our proposed power analysis attack, we report the results of power trace classifications of a Grain v1 implementation on SASEBO-GII board. The captured power traces were analyzed using least squares support vector machine learning algorithm-based multiclass classifiers to segregate the power traces into the respective Hamming distance (HD) classes. To extract power samples with high information about HD classes, signal-to-noise ratio (SNR) metric was chosen for feature selection. The experimental results of power trace classifications of test set showed success rate as high as 92.5% when the seven largest SNR sample instants over a clock cycle were chosen as features along with a suitable kernel hyperparameter combination.