Vulnerability analysis of trivium FPGA implementations

Abstract

Today, the large amount of information exchanged among various devices as well as the growth of the Internet of Things (IoT) demand the development of devices that ensure secure communications, preventing malicious agents from tapping sensitive data. Indeed, information security is one of the key challenges to address within the IoT field. Due to the strong resource constraints in some IoT applications, cryptographic algorithms affording lightweight implementations have been proposed. They constitute the so-called lightweight cryptography. A prominent example is the Trivium stream cipher, one of the finalists of the eSTREAM project. Although cryptographic algorithms are certainly simpler, one of their most critical vulnerability sources in terms of hardware implementations is side channel attacks. In this paper, it is studied the vulnerability of field-programmable gate array (FPGA) implementations of Trivium stream ciphers against fault attacks. The design and implementation of a system that alters the clock signal and checks the outcome is also described. A comparison between real and simulated fault injections is carried out in order to examine their veracity. The vulnerability of different versions of the Trivium cipher and their routing dependences has been tested in two different FPGA families. The results show that all versions of the Trivium cipher are vulnerable to fault attacks, although some versions are more vulnerable than others.