Contact information
Assistant Professor at Department of Mathematics
Institute for Advanced Studies in Basic Sciences (IASBS), No. 444, Prof. Yousef Sobouti Blvd., Zanjan 45137-66731, Iran
s.sadeghi.khu@gmail.com, s.sadeghi@iasbs.ac.ir
Public key for PGP 16d55a935e4b8085d3d93477fdf30d89f220a621
Before joining Sharif University, I completed my PhD thesis on Automated Cryptanalysis of Lightweight Symmetric Ciphers at Kharazmi University in 2019. Additionally, during my doctoral studies, I had the opportunity to work as a visiting researcher at KU Leuven, collaborating with Prof. Vincent Rijmen as part of the COSIC research group.
This paper will be presented at the FSE 2024 in Leuven, Belgium.
This paper has been published in the Eurocrypt-2023 conference. We introduced a unified method to fully automate three important cryptographic attacks on block ciphers. We invite you to explore our work here.
In this paper, we first introduce $\Xi$per, a new hardware/software-friendly component that can be implemented using bit-wise operations, and extensively analyze its security. Next, we propose $\Xi$perbp, a lightweight authentication protocol based on the $\Xi$per component. To evaluate the performance efficiency of our proposed scheme, we implement the $\Xi$perbp scheme on a Xilinx Kintex-7 FPGA module using the hardware description language VHDL. Our security and cost analysis of the proposed protocol shows that it provides the desired security against various attacks at a reasonable cost. Also, formal security evaluation using BAN logic and the Scyther tool indicates its security correctness. Besides, we analyze the security of a related protocol recently proposed by Fan et al.: a cloud-based lightweight mutual authentication protocol for RFID devices in an IoT system. The authors have claimed that their scheme is secure against active and passive attacks; however, our detailed security analysis in this paper demonstrates the major drawbacks of this protocol. More precisely, the proposed attack discloses the tag’s secrets efficiently. Given the tag’s secrets, any other attack is trivial.
In this paper, we propose a deterministic related-key distinguisher for 31 rounds of SFN. We are able to use the proposed related-key distinguisher to attack SFN in the known-plaintext scenario with a time complexity of $2^{60.58}$ encryptions. The data and memory complexity of this attack are negligible. In addition, we extend it to a practical chosen-plaintext-ciphertext key recovery attack on full SFN (32 rounds) with a complexity of $2^{20}$. We also experimentally verified this attack. Also, in the single-key setting, we present a meet-in-the-middle attack against the full-round block cipher, for which the time complexity is $2^{80}$ SFN computations and the memory complexity is $2^{35.6}$ bytes. The data complexity of this attack is only two known plaintexts and their corresponding ciphertexts.
In this paper, we introduce a framework to utilize Statistical Ineffective Fault Analysis (SIFA) in the persistent fault setting by proposing Statistical Ineffective Persistent Fault Analysis (SIPFA), which can be efficiently applied to Feistel ciphers in a variety of scenarios. To demonstrate the effectiveness of our technique, we apply SIPFA to three widely used Feistel schemes: DES, 3DES, and Camellia. Our analysis reveals that the secret key of these block ciphers can be extracted with a complexity of at most $2^{50}$ utilizing a single unknown fault. Furthermore, we demonstrate that the secret can be recovered in a fraction of a second by increasing the adversary’s control over the injected faults. To evaluate SIPFA in a variety of scenarios, we conducted both simulations and real experiments utilizing electromagnetic fault injection on DES and 3DES.
In this project, we evaluate the security level of recent ultra-lightweight mutual authentication protocols and show their susceptibility to replay and desynchronization attacks. We also show that these protocols can be grouped into a generalized version of ultra-lightweight mutual authentication protocols (GUMAPs) and classify them into two categories. We then establish that both groups are vulnerable to replay and desynchronization attacks. To eliminate these vulnerabilities, we present a new message authentication code (MAC) function to propose a more secure generalized improved mutual authentication protocol (GIMAP).