{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T02:12:21Z","timestamp":1760148741446,"version":"build-2065373602"},"reference-count":41,"publisher":"MDPI AG","issue":"6","license":[{"start":{"date-parts":[[2023,6,2]],"date-time":"2023-06-02T00:00:00Z","timestamp":1685664000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Symmetry"],"abstract":"<jats:p>Differential fault analysis (DFA) was introduced by Biham and Shamir. It is a powerful analysis technique to retrieve the secret key by injecting fault into an internal state and utilizing the differences between the correct ciphertexts and the faulty ciphertexts. Based on the idea of meet-in-the-middle, some differential characters can help to recover the key of some symmetric ciphers. At CHES 2011, this technique was utilized to give analyses on AES. In this article, we propose several DFA schemes on ITUbee, a software-oriented block symmetric cipher for resource-constrained devices based on the meet-in-the-middle idea. Our attacks are efficient enough and more powerful than previous works. 
Furthermore, the attacks in this article break the protection countermeasure, meaning we have to review the protection method on devices for ITUbee.<\/jats:p>","DOI":"10.3390\/sym15061196","type":"journal-article","created":{"date-parts":[[2023,6,2]],"date-time":"2023-06-02T10:08:41Z","timestamp":1685700521000},"page":"1196","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Meet-in-the-Middle Differential Fault Analysis on ITUbee Block Cipher"],"prefix":"10.3390","volume":"15","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-9179-8366","authenticated-orcid":false,"given":"Yongze","family":"Kang","sequence":"first","affiliation":[{"name":"School of Cyber Science and Technology, Shandong University, Qingdao 266237, China"},{"name":"Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Jinan 266237, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2814-5431","authenticated-orcid":false,"given":"Qingyuan","family":"Yu","sequence":"additional","affiliation":[{"name":"School of Cyber Science and Technology, Shandong University, Qingdao 266237, China"},{"name":"Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Jinan 266237, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Lingyue","family":"Qin","sequence":"additional","affiliation":[{"name":"BNRist, Tsinghua University, Beijing 100084, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7059-5976","authenticated-orcid":false,"given":"Guoyan","family":"Zhang","sequence":"additional","affiliation":[{"name":"School of Cyber Science and Technology, Shandong University, Qingdao 266237, China"},{"name":"Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Jinan 266237, China"},{"name":"Shandong Institute of 
Blockchain, Jinan 250014, China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"1968","published-online":{"date-parts":[[2023,6,2]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","unstructured":"Zakaria, A.A., Halim, A.H.A., Ridzuan, F., Zakaria, N.H., and Daud, M. (2022). LAO-3D: A Symmetric Lightweight Block Cipher Based on 3D Permutation for Mobile Encryption Application. Symmetry, 14.","DOI":"10.3390\/sym14102042"},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Alshammari, B., Guesmi, R., Guesmi, T., Alsaif, H., and Alzamil, A. (2021). Implementing a Symmetric Lightweight Cryptosystem in Highly Constrained IoT Devices by Using a Chaotic S-Box. Symmetry, 13.","DOI":"10.3390\/sym13010129"},{"key":"ref_3","first-page":"260","article-title":"Fault Attacks on RSA with CRT: Concrete Results and Practical Countermeasures","volume":"Volume 2523","author":"Kaliski","year":"2002","journal-title":"Proceedings of the Cryptographic Hardware and Embedded Systems\u2014CHES 2002, 4th International Workshop, Redwood Shores, CA, USA, 13\u201315 August 2002"},{"key":"ref_4","first-page":"513","article-title":"Differential Fault Analysis of Secret Key Cryptosystems","volume":"Volume 1294","author":"Kaliski","year":"1997","journal-title":"Proceedings of the Advances in Cryptology\u2014CRYPTO \u201997, 17th Annual International Cryptology Conference, Santa Barbara, CA, USA, 17\u201321 August 1997"},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"254","DOI":"10.1007\/978-3-540-28632-5_19","article-title":"A Differential Fault Attack against Early Rounds of (Triple-)DES","volume":"Volume 3156","author":"Joye","year":"2004","journal-title":"Proceedings of the Cryptographic Hardware and Embedded Systems\u2014CHES 2004: 6th International Workshop Cambridge, MA, USA, 11\u201313 August 2004"},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"457","DOI":"10.1007\/978-3-642-04138-9_32","article-title":"Differential Fault Analysis on 
DES Middle Rounds","volume":"Volume 5747","author":"Clavier","year":"2009","journal-title":"Proceedings of the Cryptographic Hardware and Embedded Systems\u2014CHES 2009, 11th International Workshop, Lausanne, Switzerland, 6\u20139 September 2009"},{"key":"ref_7","doi-asserted-by":"crossref","first-page":"77","DOI":"10.1007\/978-3-540-45238-6_7","article-title":"A Differential Fault Attack Technique against SPN Structures, with Application to the AES and KHAZAD","volume":"Volume 2779","author":"Walter","year":"2003","journal-title":"Proceedings of the Cryptographic Hardware and Embedded Systems\u2014CHES 2003, 5th International Workshop, Cologne, Germany, 8\u201310 September 2003"},{"key":"ref_8","first-page":"293","article-title":"Differential Fault Analysis on A.E.S","volume":"Volume 2846","author":"Zhou","year":"2003","journal-title":"Proceedings of the Applied Cryptography and Network Security, First International Conference, ACNS 2003, Kunming, China, 16\u201319 October 2003"},{"key":"ref_9","first-page":"162","article-title":"Fault Based Cryptanalysis of the Advanced Encryption Standard (AES)","volume":"Volume 2742","author":"Wright","year":"2003","journal-title":"Proceedings of the Financial Cryptography, 7th International Conference, FC 2003, Guadeloupe, French West Indies, 27\u201330 January 2003"},{"key":"ref_10","first-page":"27","article-title":"DFA on AES","volume":"Volume 3373","author":"Dobbertin","year":"2004","journal-title":"Proceedings of the Advanced Encryption Standard\u2014AES, 4th International Conference, AES 2004, Bonn, Germany, 10\u201312 May 2004"},{"key":"ref_11","first-page":"91","article-title":"A Generalized Method of Differential Fault Attack Against AES Cryptosystem","volume":"Volume 4249","author":"Goubin","year":"2006","journal-title":"Proceedings of the Cryptographic Hardware and Embedded Systems\u2014CHES 2006, 8th International Workshop, Yokohama, Japan, 10\u201313 October 
2006"},{"key":"ref_12","first-page":"274","article-title":"Meet-in-the-Middle and Impossible Differential Fault Analysis on AES","volume":"Volume 6917","author":"Preneel","year":"2011","journal-title":"Proceedings of the Cryptographic Hardware and Embedded Systems\u2014CHES 2011\u201413th International Workshop, Nara, Japan, 28 September\u20131 October 2011"},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"111","DOI":"10.1007\/s41635-018-0038-1","article-title":"Fault Attacks on Secure Embedded Software: Threats, Design, and Evaluation","volume":"2","author":"Yuce","year":"2018","journal-title":"J. Hardw. Syst. Secur."},{"key":"ref_14","unstructured":"Selmke, B., Heyszl, J., and Sigl, G. (2016). Proceedings of the 2016 Workshop on Fault Diagnosis and Tolerance in Cryptography, FDTC 2016, Santa Barbara, CA, USA, 16 August 2016, IEEE Computer Society."},{"key":"ref_15","first-page":"85","article-title":"Ciphertext-Only Fault Attacks on PRESENT","volume":"Volume 8898","author":"Eisenbarth","year":"2014","journal-title":"Proceedings of the Lightweight Cryptography for Security and Privacy\u2014Third International Workshop, LightSec 2014, Istanbul, Turkey, 1\u20132 September 2014"},{"key":"ref_16","first-page":"174","article-title":"Differential Fault Intensity Analysis on PRESENT and LED Block Ciphers","volume":"Volume 9064","author":"Mangard","year":"2015","journal-title":"Proceedings of the Constructive Side-Channel Analysis and Secure Design\u20146th International Workshop, COSADE 2015, Berlin, Germany, 13\u201314 April 2015"},{"key":"ref_17","unstructured":"Patranabis, S., Breier, J., Mukhopadhyay, D., and Bhasin, S. (2017). Proceedings of the 2017 Workshop on Fault Diagnosis and Tolerance in Cryptography, FDTC 2017, Taipei, Taiwan, 25 September 2017, IEEE Computer Society."},{"key":"ref_18","unstructured":"Breveglieri, L., Koren, I., Naccache, D., Oswald, E., and Seifert, J. (2009). 
Proceedings of the Sixth International Workshop on Fault Diagnosis and Tolerance in Cryptography, FDTC 2009, Lausanne, Switzerland, 6 September 2009, IEEE Computer Society."},{"key":"ref_19","unstructured":"Tria, A., and Choi, D. (2014). Proceedings of the 2014 Workshop on Fault Diagnosis and Tolerance in Cryptography, FDTC 2014, Busan, Republic of Korea, 23 September 2014, IEEE Computer Society."},{"key":"ref_20","first-page":"581","article-title":"Friet: An Authenticated Encryption Scheme with Built-in Fault Detection","volume":"Volume 12105","author":"Canteaut","year":"2020","journal-title":"Proceedings of the Advances in Cryptology\u2014EUROCRYPT 2020\u201439th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Zagreb, Croatia, 10\u201314 May 2020"},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"5","DOI":"10.46586\/tosc.v2019.i1.5-45","article-title":"CRAFT: Lightweight Tweakable Block Cipher with Efficient Protection Against DFA Attacks","volume":"2019","author":"Beierle","year":"2019","journal-title":"IACR Trans. 
Symmetric Cryptol."},{"key":"ref_22","first-page":"124","article-title":"DEFAULT: Cipher Level Resistance against Differential Fault Attack","volume":"Volume 13091","author":"Tibouchi","year":"2021","journal-title":"Proceedings of the Advances in Cryptology\u2014ASIACRYPT 2021\u201427th International Conference on the Theory and Application of Cryptology and Information Security, Singapore, 6\u201310 December 2021"},{"key":"ref_23","first-page":"279","article-title":"Fresh Re-keying: Security against Side-Channel and Fault Attacks for Low-Cost Devices","volume":"Volume 6055","author":"Bernstein","year":"2010","journal-title":"Proceedings of the Progress in Cryptology\u2014AFRICACRYPT 2010, Third International Conference on Cryptology in Africa, Stellenbosch, South Africa, 3\u20136 May 2010"},{"key":"ref_24","first-page":"115","article-title":"Fresh Re-keying II: Securing Multiple Parties against Side-Channel and Fault Attacks","volume":"Volume 7079","author":"Prouff","year":"2011","journal-title":"Proceedings of the Smart Card Research and Advanced Applications\u201410th IFIPWG8.8\/11.2 International Conference, CARDIS 2011, Leuven, Belgium, 14\u201316 September 2011"},{"key":"ref_25","first-page":"225","article-title":"Towards Fresh and Hybrid Re-Keying Schemes with Beyond Birthday Security","volume":"Volume 9514","author":"Homma","year":"2015","journal-title":"Proceedings of the Smart Card Research and Advanced Applications\u201414th International Conference, CARDIS 2015, Bochum, Germany, 4\u20136 November 2015"},{"key":"ref_26","unstructured":"Bertoni, G., and Gierlichs, B. (2012). 
Proceedings of the 2012 Workshop on Fault Diagnosis and Tolerance in Cryptography, Leuven, Belgium, 9 September 2012, IEEE Computer Society."},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"159","DOI":"10.1007\/11889700_15","article-title":"A Comparative Cost\/Security Analysis of Fault Attack Countermeasures","volume":"Volume 4236","author":"Breveglieri","year":"2006","journal-title":"Proceedings of the Fault Diagnosis and Tolerance in Cryptography, Third International Workshop, FDTC 2006, Yokohama, Japan, 10 October 2006"},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"1528","DOI":"10.1109\/TC.2008.149","article-title":"Double-Data-Rate Computation as a Countermeasure against Fault Analysis","volume":"57","author":"Maistri","year":"2008","journal-title":"IEEE Trans. Comput."},{"key":"ref_29","doi-asserted-by":"crossref","first-page":"106","DOI":"10.1049\/iet-ifs:20060163","article-title":"Strengthening hardware AES implementations against fault attacks","volume":"1","author":"Joye","year":"2007","journal-title":"IET Inf. Secur."},{"key":"ref_30","doi-asserted-by":"crossref","unstructured":"Barenghi, A., Breveglieri, L., Koren, I., Pelosi, G., and Regazzoni, F. (2010, January 24). Countermeasures against fault attacks on software implemented AES: Effectiveness and cost. 
Proceedings of the 5th Workshop on Embedded Systems Security, WESS 2010, Scottsdale, AZ, USA.","DOI":"10.1145\/1873548.1873555"},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"74","DOI":"10.1109\/C-M.1977.217750","article-title":"Special Feature Exhaustive Cryptanalysis of the NBS Data Encryption Standard","volume":"10","author":"Diffie","year":"1977","journal-title":"Computer"},{"key":"ref_32","first-page":"278","article-title":"Meet-in-the-Middle Attacks Revisited: Key-Recovery, Collision, and Preimage Attacks","volume":"Volume 12827","author":"Malkin","year":"2021","journal-title":"Proceedings of the Advances in Cryptology\u2014CRYPTO 2021\u201441st Annual International Cryptology Conference, CRYPTO 2021, Virtual Event, 16\u201320 August 2021"},{"key":"ref_33","doi-asserted-by":"crossref","first-page":"63","DOI":"10.46586\/tosc.v2022.i2.63-91","article-title":"Improved MITM Cryptanalysis on Streebog","volume":"2022","author":"Hua","year":"2022","journal-title":"IACR Trans. 
Symmetric Cryptol."},{"key":"ref_34","first-page":"433","article-title":"New Attacks on Feistel Structures with Improved Memory Complexities","volume":"Volume 9215","author":"Gennaro","year":"2015","journal-title":"Proceedings of the Advances in Cryptology\u2014CRYPTO 2015\u201435th Annual Cryptology Conference, Santa Barbara, CA, USA, 16\u201320 August 2015"},{"key":"ref_35","first-page":"439","article-title":"Cryptanalysis of Iterated Even-Mansour Schemes with Two Keys","volume":"Volume 8873","author":"Sarkar","year":"2014","journal-title":"Proceedings of the Advances in Cryptology\u2014ASIACRYPT 2014\u201420th International Conference on the Theory and Application of Cryptology and Information Security, Kaoshiung, Taiwan, 7\u201311 December 2014"},{"key":"ref_36","first-page":"86","article-title":"Improved Meet-in-the-Middle Attacks on Reduced-Round DES","volume":"Volume 4859","author":"Srinathan","year":"2007","journal-title":"Proceedings of the Progress in Cryptology\u2014INDOCRYPT 2007, 8th International Conference on Cryptology in India, Chennai, India, 9\u201313 December 2007"},{"key":"ref_37","first-page":"16","article-title":"ITUbee: A Software Oriented Lightweight Block Cipher","volume":"Volume 8162","author":"Avoine","year":"2013","journal-title":"Proceedings of the Lightweight Cryptography for Security and Privacy\u2014Second International Workshop, LightSec 2013, Gebze, Turkey, 6\u20137 May 2013"},{"key":"ref_38","doi-asserted-by":"crossref","first-page":"179","DOI":"10.1049\/iet-ifs.2014.0131","article-title":"Self-similarity cryptanalysis of the block cipher ITUbee","volume":"9","author":"Soleimany","year":"2015","journal-title":"IET Inf. Secur."},{"key":"ref_39","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/2967610","article-title":"Differential Fault Attack on ITUbee Block Cipher","volume":"16","author":"Fu","year":"2016","journal-title":"ACM Trans. Embed. Comput. 
Syst."},{"key":"ref_40","doi-asserted-by":"crossref","unstructured":"Daemen, J., and Rijmen, V. (2002). The Design of Rijndael: AES\u2014The Advanced Encryption Standard, Springer.","DOI":"10.1007\/978-3-662-04722-4_1"},{"key":"ref_41","first-page":"365","article-title":"Super-Sbox Cryptanalysis: Improved Attacks for AES-Like Permutations","volume":"Volume 6147","author":"Hong","year":"2010","journal-title":"Proceedings of the Fast Software Encryption, 17th International Workshop, FSE 2010, Seoul, Republic of Korea, 7\u201310 February 2010"}],"container-title":["Symmetry"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2073-8994\/15\/6\/1196\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T19:48:13Z","timestamp":1760125693000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2073-8994\/15\/6\/1196"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,6,2]]},"references-count":41,"journal-issue":{"issue":"6","published-online":{"date-parts":[[2023,6]]}},"alternative-id":["sym15061196"],"URL":"https:\/\/doi.org\/10.3390\/sym15061196","relation":{},"ISSN":["2073-8994"],"issn-type":[{"type":"electronic","value":"2073-8994"}],"subject":[],"published":{"date-parts":[[2023,6,2]]}}}