{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,9]],"date-time":"2026-04-09T00:15:16Z","timestamp":1775693716520,"version":"3.50.1"},"reference-count":57,"publisher":"Institution of Engineering and Technology (IET)","issue":"1","license":[{"start":{"date-parts":[[2024,3,27]],"date-time":"2024-03-27T00:00:00Z","timestamp":1711497600000},"content-version":"vor","delay-in-days":86,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["12371525"],"award-info":[{"award-number":["12371525"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["62202062"],"award-info":[{"award-number":["62202062"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["ietresearch.onlinelibrary.wiley.com"],"crossmark-restriction":true},"short-container-title":["IET Information Security"],"published-print":{"date-parts":[[2024,1]]},"abstract":"<jats:p>\n                    As the practical applications of fully homomorphic encryption (FHE), secure multi\u2010party computation (MPC) and zero\u2010knowledge (ZK) proof continue to increase, so does the need to design and analyze new symmetric\u2010key primitives that can adapt to these privacy\u2010preserving protocols. These designs typically have low multiplicative complexity and depth with the parameter domain adapted to their application protocols, aiming to minimize the cost associated with the number of nonlinear operations or the multiplicative depth of their representation as circuits. 
In this paper, we propose two differential fault attacks against a one\u2010way function RAIN used for Rainier (CCS 2022), a signature scheme based on the MPC\u2010in\u2010the\u2010head approach and an FHE\u2010friendly cipher HERA used for the RtF framework (Eurocrypt 2022), respectively. We show that our attacks can recover the keys for both ciphers by only injecting a fault into the internal state and requiring only one normal and one faulty ciphertext blocks. Thus, we can use only the practical complexity of 2\n                    <jats:sup>26.6<\/jats:sup>\n                    \/2\n                    <jats:sup>28.8<\/jats:sup>\n                    \/2\n                    <jats:sup>30.4<\/jats:sup>\n                    bit operations to break the full\u2010round RAIN with 128\/192\/256\u2010bit keys. For full\u2010round HERA with 80\/128\u2010bit key, our attack is practical with a complexity of 2\n                    <jats:sup>20<\/jats:sup>\n                    encryptions with about 2\n                    <jats:sup>16<\/jats:sup>\n                    memory.\n                  <\/jats:p>","DOI":"10.1049\/2024\/7457517","type":"journal-article","created":{"date-parts":[[2024,3,27]],"date-time":"2024-03-27T20:08:05Z","timestamp":1711570085000},"update-policy":"https:\/\/doi.org\/10.1002\/crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["Differential Fault Attacks on Privacy Protocols Friendly Symmetric\u2010Key Primitives: RAIN and 
HERA"],"prefix":"10.1049","volume":"2024","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-6394-6619","authenticated-orcid":false,"given":"Lin","family":"Jiao","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yongqiang","family":"Li","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yonglin","family":"Hao","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xinxin","family":"Gong","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"265","published-online":{"date-parts":[[2024,3,27]]},"reference":[{"key":"e_1_2_9_1_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-46800-5_17"},{"key":"e_1_2_9_2_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-53887-6_7"},{"key":"e_1_2_9_3_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-49890-3_13"},{"key":"e_1_2_9_4_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-52993-5_16"},{"key":"e_1_2_9_5_2","article-title":"Marvellous: a stark-friendly family of cryptographic primitives","author":"Ashur T.","year":"2018","journal-title":"Cryptology ePrint Archive-IACR"},{"key":"e_1_2_9_6_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-96884-1_22"},{"key":"e_1_2_9_7_2","doi-asserted-by":"publisher","DOI":"10.46586\/tosc.v2020.i3.1-45"},{"key":"e_1_2_9_8_2","first-page":"519","volume-title":"30th USENIX Security Symposium","author":"Grassi L.","year":"2021"},{"key":"e_1_2_9_9_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-77886-6_1"},{"key":"e_1_2_9_10_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-92078-4_22"},{"key":"e_1_2_9_11_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-45724-2_23"},{"key":"e_1_2_9_12_2","doi-asserted-by":"crossref","unstructured":"GrassiL. KhovratovichD. L\u00fcfteneggerR. RechbergerC. SchofneggerM. andWalchR. 
Reinforced concrete: a fast hash function for verifiable computation Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security CCS 2022 2022 Los Angeles CA USA ACM 1323\u20131335.","DOI":"10.1145\/3548606.3560686"},{"key":"e_1_2_9_13_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-06944-4_20"},{"key":"e_1_2_9_14_2","doi-asserted-by":"crossref","unstructured":"AshurT. MahzounM. andToprakhisarD. Chaghri-a fhe-friendly block cipher Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security 2022 Los Angeles CA USA ACM 139\u2013150 https:\/\/doi.org\/10.1145\/3548606.3559364.","DOI":"10.1145\/3548606.3559364"},{"key":"e_1_2_9_15_2","doi-asserted-by":"crossref","unstructured":"DobraunigC. KalesD. RechbergerC. SchofneggerM. andZaveruchaG. Shorter signatures based on tailor-made minimalist symmetric-key crypto Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security CCS 2022 2022 Los Angeles CA USA ACM 843\u2013857 https:\/\/doi.org\/10.1145\/3548606.3559353.","DOI":"10.1145\/3548606.3559353"},{"key":"e_1_2_9_16_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-38548-3_19"},{"key":"e_1_2_9_17_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-38548-3_17"},{"key":"e_1_2_9_18_2","doi-asserted-by":"publisher","DOI":"10.46586\/tches.v2023.i3.30-73"},{"key":"e_1_2_9_19_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-30634-1_9"},{"key":"e_1_2_9_20_2","article-title":"AIM: symmetric primitive for shorter signatures with stronger security","author":"Kim S.","year":"2022","journal-title":"Cryptology ePrint Archive-IACR"},{"key":"e_1_2_9_21_2","doi-asserted-by":"crossref","unstructured":"IshaiY. KushilevitzE. OstrovskyR. andSahaiA. 
Zero-knowledge from secure multiparty computation Proceedings of the 39th Annual ACM Symposium on Theory of Computing 2007 San Diego California USA ACM 21\u201330.","DOI":"10.1145\/1250790.1250794"},{"key":"e_1_2_9_22_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-53018-4_17"},{"key":"e_1_2_9_23_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-34618-8_13"},{"key":"e_1_2_9_24_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-84252-9_13"},{"key":"e_1_2_9_25_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-22963-3_8"},{"key":"e_1_2_9_26_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-77870-5_14"},{"key":"e_1_2_9_27_2","doi-asserted-by":"publisher","DOI":"10.46586\/tosc.v2022.i3.102-122"},{"key":"e_1_2_9_28_2","doi-asserted-by":"publisher","DOI":"10.46586\/tosc.v2020.i4.130-146"},{"key":"e_1_2_9_29_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-92062-3_11"},{"key":"e_1_2_9_30_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-92062-3_8"},{"key":"e_1_2_9_31_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-64837-4_16"},{"key":"e_1_2_9_32_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-56877-1_11"},{"key":"e_1_2_9_33_2","doi-asserted-by":"publisher","DOI":"10.1007\/s10623-022-01136-x"},{"key":"e_1_2_9_34_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-30634-1_10"},{"key":"e_1_2_9_35_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-38548-3_18"},{"key":"e_1_2_9_36_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-38548-3_11"},{"key":"e_1_2_9_37_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-981-99-8727-6_10"},{"key":"e_1_2_9_38_2","doi-asserted-by":"publisher","DOI":"10.46586\/tosc.v2023.i4.166-186"},{"key":"e_1_2_9_39_2","article-title":"Algebraic attack on FHE-friendly cipher HERA using multiple collisions","author":"Liu F.","year":"2023","journal-title":"Cryptology ePrint 
Archive-IACR"},{"key":"e_1_2_9_40_2","doi-asserted-by":"publisher","DOI":"10.1007\/BFb0052259"},{"key":"e_1_2_9_41_2","series-title":"Lecture Notes in Computer Science","first-page":"2","volume-title":"Cryptographic Hardware and Embedded Systems-CHES 2002","author":"Skorobogatov S. P.","year":"2002"},{"key":"e_1_2_9_42_2","unstructured":"SchmidtJ.-M.andHutterM. Optical and EM fault-attacks on CRT-based RSA: concrete results 2007."},{"key":"e_1_2_9_43_2","doi-asserted-by":"crossref","unstructured":"Keun SooY. I. M. The rowhammer attack injection methodology 2016 IEEE 35th Symposium on Reliable Distributed Systems (SRDS) 2016 Budapest Hungary IEEE 1\u201310 https:\/\/doi.org\/10.1109\/SRDS.2016.012 2-s2.0-85010194142.","DOI":"10.1109\/SRDS.2016.012"},{"key":"e_1_2_9_44_2","doi-asserted-by":"publisher","DOI":"10.1007\/s13389-011-0022-y"},{"key":"e_1_2_9_45_2","doi-asserted-by":"crossref","unstructured":"ZussaL. DutertreJ.-M. Cl\u00e9di\u00e8reJ. andTriaA. Power supply glitch induced faults on FPGA: an in-depth analysis of the injection mechanism 2013 IEEE 19th International On-Line Testing Symposium (IOLTS) 2013 IEEE 110\u2013115 https:\/\/doi.org\/10.1109\/IOLTS.2013.6604060 2-s2.0-84885225613.","DOI":"10.1109\/IOLTS.2013.6604060"},{"key":"e_1_2_9_46_2","doi-asserted-by":"publisher","DOI":"10.3390\/app10113849"},{"key":"e_1_2_9_47_2","doi-asserted-by":"crossref","unstructured":"RoscianC. DutertreJ.-M. andTriaA. Frontside laser fault injection on cryptosystems-application to the AES\u2019 last round 2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST) 2013 Austin TX USA IEEE 119\u2013124 https:\/\/doi.org\/10.1109\/HST.2013.6581576 2-s2.0-84883718008.","DOI":"10.1109\/HST.2013.6581576"},{"key":"e_1_2_9_48_2","unstructured":"ZhangZ. ChengY. LiuD. NepalS. andWangZ. 
Telehammer: a formal model of implicit rowhammer 2019 arXiv: Cryptography and Security."},{"key":"e_1_2_9_49_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-92518-5_13"},{"key":"e_1_2_9_50_2","doi-asserted-by":"publisher","DOI":"10.1109\/TC.2017.2700469"},{"key":"e_1_2_9_51_2","doi-asserted-by":"publisher","DOI":"10.1007\/s12095-016-0197-2"},{"key":"e_1_2_9_52_2","doi-asserted-by":"publisher","DOI":"10.1109\/TC.2020.3038236"},{"key":"e_1_2_9_53_2","doi-asserted-by":"publisher","DOI":"10.1109\/TC.2023.3244629"},{"key":"e_1_2_9_54_2","unstructured":"DworkinM. SHA-3 standard: permutation-based hash and extendable-output functions 2015."},{"key":"e_1_2_9_55_2","doi-asserted-by":"publisher","DOI":"10.1007\/BF02165411"},{"key":"e_1_2_9_56_2","unstructured":"AlbrechtM.andBardG. The m4ri library 2021."},{"key":"e_1_2_9_57_2","unstructured":"AlmanJ.andWilliamsV. V. A refined laser method and faster matrix multiplication 2020 ArXiv abs\/2010.05846."}],"container-title":["IET Information 
Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/downloads.hindawi.com\/journals\/ietis\/2024\/7457517.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/ietis\/2024\/7457517.xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/ietresearch.onlinelibrary.wiley.com\/doi\/pdf\/10.1049\/2024\/7457517","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,5]],"date-time":"2025-11-05T08:51:19Z","timestamp":1762332679000},"score":1,"resource":{"primary":{"URL":"https:\/\/ietresearch.onlinelibrary.wiley.com\/doi\/10.1049\/2024\/7457517"}},"subtitle":[],"editor":[{"given":"Qichun","family":"Wang","sequence":"additional","affiliation":[],"role":[{"role":"editor","vocabulary":"crossref"}]}],"short-title":[],"issued":{"date-parts":[[2024,1]]},"references-count":57,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2024,1]]}},"alternative-id":["10.1049\/2024\/7457517"],"URL":"https:\/\/doi.org\/10.1049\/2024\/7457517","archive":["Portico"],"relation":{},"ISSN":["1751-8709","1751-8717"],"issn-type":[{"value":"1751-8709","type":"print"},{"value":"1751-8717","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,1]]},"assertion":[{"value":"2023-10-09","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2024-03-18","order":2,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2024-03-27","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}],"article-number":"7457517"}}