Fault Attack on the Authenticated Cipher ACORN v2

<table class="algorithm-group"><tr><td><table class="algorithm" id="alg2"><tr><td colspan="2">(1) <span style="margin-left:0.22222222222222221em"></span>Choose <svg height="11.6412pt" id="M195" style="vertical-align:-0.04979992pt" version="1.1" viewbox="-0.0498162 -11.5914 15.7578 11.6412" width="15.7578pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M412 140C382 77 369 73 315 73H129L270 222C362 320 402 379 402 466C402 571 322 635 234 635C177 635 130 609 99 576L42 495L64 475C90 514 133 568 201 568C274 568 318 519 318 435C318 349 255 267 193 193C144 135 87 78 32 23V0H405C417 45 427 89 440 131L412 140Z" id="g113-51"></path></g><g transform="matrix(.0091,0,0,-0.0091,6.24,-5.741)"><path d="M389 0V32C297 38 291 46 291 118V635C234 613 175 595 109 583V556L161 554C203 552 207 547 207 497V118C207 46 201 38 110 32V0H389Z" id="g50-50"></path></g><g transform="matrix(.0091,0,0,-0.0091,10.672,-5.741)"><path d="M158 548H390L417 615L410 623H122L83 318C105 326 143 337 185 337C296 337 350 275 350 188C350 116 308 42 225 42C164 42 122 74 100 93C90 101 82 99 72 92C60 82 51 68 50 59C48 46 52 38 66 24C82 9 125 -12 172 -12C225 -11 292 15 346 59C408 108 437 166 437 226C437 309 371 397 242 397C214 397 170 382 133 369L158 548Z" id="g50-54"></path></g></svg> initial states randomly</td></tr><tr><td colspan="2">(2) <span style="margin-left:0.22222222222222221em"></span><b>for</b>  each initial state  <b>do</b></td></tr><tr><td colspan="2">(3) <span style="margin-left:1.3333333333333333em"></span>proceed the encryption phase of ACORN v2 to get a 180-bit keystream <svg height="6.44133pt" id="M196" style="vertical-align:-0.29774pt" version="1.1" viewbox="-0.0498162 -6.14359 6.59789 6.44133" width="6.59789pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M475 445L452 468C423 436 401 426 385 426S352 427 305 436C268 443 216 448 185 448C156 448 128 425 102 382C89 360 77 338 64 304L89 291C117 340 143 380 190 380C214 380 268 376 295 373C320 370 344 371 362 374L70 101C32 65 23 36 23 18C23 5 27 -3 31 -8C36 -8 39 -6 42 -1C52 15 67 31 80 40S110 49 143 33C195 8 257 -20 290 -20C339 -20 382 11 439 129L416 148C366 74 334 55 305 55C278 55 236 68 203 81C169 94 141 100 122 96C205 170 348 308 411 376L475 445Z" id="g113-123"></path></g></svg></td></tr><tr><td colspan="2">(4) <span style="margin-left:1.3333333333333333em"></span>Choose <svg height="8.55521pt" id="M197" style="vertical-align:-0.2063904pt" version="1.1" viewbox="-0.0498162 -8.34882 12.6264 8.55521" width="12.6264pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M285 378C315 398 338 416 353 432C373 451 384 474 384 503C384 579 325 635 236 635H235C182 635 136 610 108 579L65 516L85 496C110 533 150 575 205 575C258 575 300 543 300 481C300 407 232 369 141 339L147 310C163 315 188 321 211 321C268 321 338 284 338 192C338 94 288 40 217 40C160 40 119 68 93 91C85 98 77 97 69 91C60 84 47 71 46 58C44 46 48 35 62 22C75 10 116 -12 162 -12C234 -12 424 62 424 224C424 297 373 359 285 376V378Z" id="g113-52"></path></g><g transform="matrix(.013,0,0,-0.013,6.24,0)"><path d="M412 140C382 77 369 73 315 73H129L270 222C362 320 402 379 402 466C402 571 322 635 234 635C177 635 130 609 99 576L42 495L64 475C90 514 133 568 201 568C274 568 318 519 318 435C318 349 255 267 193 193C144 135 87 78 32 23V0H405C417 45 427 89 440 131L412 140Z" id="g113-51"></path></g></svg> fault locations <svg height="8.8423pt" id="M198" style="vertical-align:-0.2064009pt" version="1.1" viewbox="-0.0498162 -8.6359 3.66193 8.8423" width="3.66193pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M244 607C244 633 228 655 200 655C166 655 146 618 146 594C146 564 166 546 191 546C221 546 244 574 244 607ZM222 91L209 114C184 94 148 66 133 66C127 66 124 73 130 96L201 370C213 416 211 448 191 448C162 448 88 407 29 352L42 328C73 354 104 371 114 371C120 371 119 365 115 345L53 92C32 5 45 -12 68 -12C103 -12 186 50 222 91Z" id="g113-106"></path></g></svg> randomly, where <svg height="11.439pt" id="M199" style="vertical-align:-2.15067pt" version="1.1" viewbox="-0.0498162 -9.28833 57.0268 11.439" width="57.0268pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M244 607C244 633 228 655 200 655C166 655 146 618 146 594C146 564 166 546 191 546C221 546 244 574 244 607ZM222 91L209 114C184 94 148 66 133 66C127 66 124 73 130 96L201 370C213 416 211 448 191 448C162 448 88 407 29 352L42 328C73 354 104 371 114 371C120 371 119 365 115 345L53 92C32 5 45 -12 68 -12C103 -12 186 50 222 91Z" id="g113-106"></path></g><g transform="matrix(.013,0,0,-0.013,7.181,0)"><path d="M448 1V51H364C248 51 153 129 140 230H448V280H140C153 381 248 459 364 459H448V509H365C208 509 80 395 80 255S208 1 365 1H448Z" id="g117-173"></path></g><g transform="matrix(.013,0,0,-0.013,17.677,0)"><path d="M290 -163V-135C183 -126 181 -122 181 -44V583C181 662 184 666 290 675V703H120V-163H290Z" id="g113-92"></path></g><g transform="matrix(.013,0,0,-0.013,22.162,0)"><path d="M241 635C89 635 35 457 35 312C35 153 89 -12 240 -12C390 -12 443 166 443 312C443 466 390 635 241 635ZM238 602C329 602 354 454 354 312C354 172 330 22 240 22C152 22 124 173 124 313S148 602 238 602Z" id="g113-49"></path></g><g transform="matrix(.013,0,0,-0.013,28.402,0)"><path d="M95 130C70 130 46 113 46 88C46 72 54 64 59 64C93 55 121 33 121 -3C121 -41 93 -68 44 -88L55 -117C117 -98 186 -56 186 22C186 91 131 130 95 130Z" id="g113-45"></path></g><g transform="matrix(.013,0,0,-0.013,33.545,0)"><path d="M412 140C382 77 369 73 315 73H129L270 222C362 320 402 379 402 466C402 571 322 635 234 635C177 635 130 609 99 576L42 495L64 475C90 514 133 568 201 568C274 568 318 519 318 435C318 349 255 267 193 193C144 135 87 78 32 23V0H405C417 45 427 89 440 131L412 140Z" id="g113-51"></path></g><g transform="matrix(.013,0,0,-0.013,39.785,0)"><path d="M412 140C382 77 369 73 315 73H129L270 222C362 320 402 379 402 466C402 571 322 635 234 635C177 635 130 609 99 576L42 495L64 475C90 514 133 568 201 568C274 568 318 519 318 435C318 349 255 267 193 193C144 135 87 78 32 23V0H405C417 45 427 89 440 131L412 140Z" id="g113-51"></path></g><g transform="matrix(.013,0,0,-0.013,46.025,0)"><path d="M244 635C114 635 38 519 38 422C38 317 111 240 217 240C236 240 255 244 277 256L345 292C311 140 203 39 59 15L64 -15C89 -15 150 -5 204 17C339 72 440 202 440 386C440 521 368 635 244 635ZM228 602C326 602 352 479 352 390C352 370 351 347 348 324C327 308 293 296 258 296C174 296 124 369 124 458C124 517 152 602 228 602Z" id="g113-58"></path></g><g transform="matrix(.013,0,0,-0.013,52.37,0)"><path d="M226 -163V703H56V676C162 667 165 662 165 584V-43C165 -122 162 -126 56 -136V-163H226Z" id="g113-94"></path></g></svg></td></tr><tr><td colspan="2">(5) <span style="margin-left:1.3333333333333333em"></span><b>for</b>  each fault locations <svg height="8.8423pt" id="M200" style="vertical-align:-0.2064009pt" version="1.1" viewbox="-0.0498162 -8.6359 3.66193 8.8423" width="3.66193pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M244 607C244 633 228 655 200 655C166 655 146 618 146 594C146 564 166 546 191 546C221 546 244 574 244 607ZM222 91L209 114C184 94 148 66 133 66C127 66 124 73 130 96L201 370C213 416 211 448 191 448C162 448 88 407 29 352L42 328C73 354 104 371 114 371C120 371 119 365 115 345L53 92C32 5 45 -12 68 -12C103 -12 186 50 222 91Z" id="g113-106"></path></g></svg>  <b>do</b></td></tr><tr><td colspan="2">(6) <span style="margin-left:2.4444444444444446em"></span><svg height="11.6399pt" id="M201" style="vertical-align:-3.29108pt" version="1.1" viewbox="-0.0498162 -8.34882 55.3133 11.6399" width="55.3133pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M352 391C352 416 319 448 267 448C236 448 173 423 147 400C107 364 96 332 96 304C96 248 143 210 193 181C241 153 258 124 258 100C258 72 232 38 184 38C151 38 107 66 81 108C77 114 64 116 55 111C34 99 23 84 23 65C23 29 81 -12 134 -12C220 -12 325 61 325 141C325 184 297 215 234 256C194 282 161 309 161 346C161 380 188 401 217 401C255 401 279 380 301 353C308 344 313 341 325 347C341 355 352 371 352 391Z" id="g113-116"></path></g><g transform="matrix(.0091,0,0,-0.0091,4.81,3.132)"><path d="M250 606C250 634 233 656 203 656C168 656 146 618 146 593C146 564 169 545 192 545C227 545 250 573 250 606ZM227 95L212 119C187 98 152 71 135 71C129 71 128 78 134 102L207 373C219 418 217 451 194 451C165 451 92 411 30 351L44 326C77 353 106 371 114 371C124 371 121 357 117 341L55 97C32 5 46 -12 70 -12C108 -12 191 51 227 95Z" id="g50-106"></path></g><g transform="matrix(.013,0,0,-0.013,11.498,0)"><path d="M885 230V280H158L260 427L238 442C164 361 93 290 53 255C93 220 164 149 238 68L260 83L158 230H885Z" id="g117-147"></path></g><g transform="matrix(.013,0,0,-0.013,27.531,0)"><path d="M352 391C352 416 319 448 267 448C236 448 173 423 147 400C107 364 96 332 96 304C96 248 143 210 193 181C241 153 258 124 258 100C258 72 232 38 184 38C151 38 107 66 81 108C77 114 64 116 55 111C34 99 23 84 23 65C23 29 81 -12 134 -12C220 -12 325 61 325 141C325 184 297 215 234 256C194 282 161 309 161 346C161 380 188 401 217 401C255 401 279 380 301 353C308 344 313 341 325 347C341 355 352 371 352 391Z" id="g113-116"></path></g><g transform="matrix(.0091,0,0,-0.0091,32.341,3.132)"><path d="M250 606C250 634 233 656 203 656C168 656 146 618 146 593C146 564 169 545 192 545C227 545 250 573 250 606ZM227 95L212 119C187 98 152 71 135 71C129 71 128 78 134 102L207 373C219 418 217 451 194 451C165 451 92 411 30 351L44 326C77 353 106 371 114 371C124 371 121 357 117 341L55 97C32 5 46 -12 70 -12C108 -12 191 51 227 95Z" id="g50-106"></path></g><g transform="matrix(.013,0,0,-0.013,38.303,0)"><path d="M573 255C573 407 448 530 294 530S15 407 15 255S140 -20 294 -20S573 103 573 255ZM520 280H323V484C426 471 508 386 520 280ZM265 280H68C80 386 162 471 265 484V280ZM265 26C162 39 80 124 68 230H265V26ZM520 230C508 124 426 39 323 26V230H520Z" id="g117-68"></path></g><g transform="matrix(.013,0,0,-0.013,48.839,0)"><path d="M384 0V27C293 34 287 42 287 114V635C232 613 172 594 109 583V559L157 557C201 555 205 550 205 499V114C205 42 199 34 109 27V0H384Z" id="g113-50"></path></g></svg></td></tr><tr><td colspan="2">(7) <span style="margin-left:2.4444444444444446em"></span>proceed the encryption phase of ACORN v2 to get a 180-bit keystream <svg height="12.0718pt" id="M202" style="vertical-align:-0.2976999pt" version="1.1" viewbox="-0.0498162 -11.7741 9.65356 12.0718" width="9.65356pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M475 445L452 468C423 436 401 426 385 426S352 427 305 436C268 443 216 448 185 448C156 448 128 425 102 382C89 360 77 338 64 304L89 291C117 340 143 380 190 380C214 380 268 376 295 373C320 370 344 371 362 374L70 101C32 65 23 36 23 18C23 5 27 -3 31 -8C36 -8 39 -6 42 -1C52 15 67 31 80 40S110 49 143 33C195 8 257 -20 290 -20C339 -20 382 11 439 129L416 148C366 74 334 55 305 55C278 55 236 68 203 81C169 94 141 100 122 96C205 170 348 308 411 376L475 445Z" id="g113-123"></path></g><g transform="matrix(.0091,0,0,-0.0091,6.475,-5.741)"><path d="M250 606C250 634 233 656 203 656C168 656 146 618 146 593C146 564 169 545 192 545C227 545 250 573 250 606ZM227 95L212 119C187 98 152 71 135 71C129 71 128 78 134 102L207 373C219 418 217 451 194 451C165 451 92 411 30 351L44 326C77 353 106 371 114 371C124 371 121 357 117 341L55 97C32 5 46 -12 70 -12C108 -12 191 51 227 95Z" id="g50-106"></path></g></svg></td></tr><tr><td colspan="2">(8) <span style="margin-left:2.4444444444444446em"></span><b>for</b>  different length of keystream from 99 to 180  <b>do</b></td></tr><tr><td colspan="2">(9) <span style="margin-left:3.5555555555555554em"></span>determine the fault location <svg height="8.8423pt" id="M203" style="vertical-align:-0.2064009pt" version="1.1" viewbox="-0.0498162 -8.6359 3.66193 8.8423" width="3.66193pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M244 607C244 633 228 655 200 655C166 655 146 618 146 594C146 564 166 546 191 546C221 546 244 574 244 607ZM222 91L209 114C184 94 148 66 133 66C127 66 124 73 130 96L201 370C213 416 211 448 191 448C162 448 88 407 29 352L42 328C73 354 104 371 114 371C120 371 119 365 115 345L53 92C32 5 45 -12 68 -12C103 -12 186 50 222 91Z" id="g113-106"></path></g></svg> with <svg height="12.0718pt" id="M204" style="vertical-align:-0.2976999pt" version="1.1" viewbox="-0.0498162 -11.7741 18.0178 12.0718" width="18.0178pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M600 0V24L339 665L311 657L43 24V0H600ZM497 50H107L303 539L497 50Z" id="g113-133"></path></g><g transform="matrix(.013,0,0,-0.013,8.327,0)"><path d="M475 445L452 468C423 436 401 426 385 426S352 427 305 436C268 443 216 448 185 448C156 448 128 425 102 382C89 360 77 338 64 304L89 291C117 340 143 380 190 380C214 380 268 376 295 373C320 370 344 371 362 374L70 101C32 65 23 36 23 18C23 5 27 -3 31 -8C36 -8 39 -6 42 -1C52 15 67 31 80 40S110 49 143 33C195 8 257 -20 290 -20C339 -20 382 11 439 129L416 148C366 74 334 55 305 55C278 55 236 68 203 81C169 94 141 100 122 96C205 170 348 308 411 376L475 445Z" id="g113-123"></path></g><g transform="matrix(.0091,0,0,-0.0091,14.802,-5.741)"><path d="M250 606C250 634 233 656 203 656C168 656 146 618 146 593C146 564 169 545 192 545C227 545 250 573 250 606ZM227 95L212 119C187 98 152 71 135 71C129 71 128 78 134 102L207 373C219 418 217 451 194 451C165 451 92 411 30 351L44 326C77 353 106 371 114 371C124 371 121 357 117 341L55 97C32 5 46 -12 70 -12C108 -12 191 51 227 95Z" id="g50-106"></path></g></svg></td></tr><tr><td colspan="2">(10) <span style="margin-left:3.3333333333333335em"></span>calculate the number of optional fault locations</td></tr><tr><td colspan="2">(11) <span style="margin-left:2.2222222222222223em"></span><b>end for</b></td></tr><tr><td colspan="2">(12) <span style="margin-left:1.1111111111111112em"></span><b>end for</b></td></tr><tr><td colspan="2">(13) <b>end for</b></td></tr><tr><td colspan="2">(14) <b>return</b>  the numbers of optional fault locations</td></tr></table></td></tr></table>

Security and Communication Networks

alg2

Algorithm 2

Algorithm 2: Fault Attack on the Authenticated Cipher ACORN v2 