Subhadeep Banik

Learn More
The series of published works, related to Differential Fault Attack (DFA) against the Grain family, require (i) quite a large number (hundreds) of faults (around n lnn, where n = 80 for Grain v1 and n = 128 for Grain-128, Grain-128a) and also (ii) several assumptions on location and timing of the fault injected. In this paper we present a significantly(More)
Sprout is a lightweight stream cipher proposed by Armknecht and Mikhalev at FSE 2015. It has a Grain-like structure with two State Registers of size 40 bits each, which is exactly half the state size of Grain v1. In spite of this, the cipher does not appear to lose in security against generic Time-MemoryData Tradeoff attacks due to the novelty of its(More)
In the past few years, lightweight cryptography has become a popular research discipline with a number of ciphers and hash functions proposed. The designers’ focus has been predominantly to minimize the hardware area, while other goals such as low latency have been addressed rather recently only. However, the optimization goal of low energy for block cipher(More)
In this paper we study a differential fault attack against the Grain family of stream ciphers. The attack works due to certain properties of the Boolean functions and corresponding choices of the taps from the LFSR. The existing works, by Berzati et al. (2009) and Karmakar et al. (2011), are applicable only on Grain-128 exploiting certain properties of the(More)
In this paper we present a differential fault attack on the stream cipher MICKEY 2.0 which is in eStream’s hardware portfolio. While fault attacks have already been reported against the other two eStream hardware candidates Trivium and Grain, no such analysis is known for MICKEY. Using the standard assumptions for fault attacks, we show that by injecting(More)
The 32-bit MAC of Grain-128a is a linear combination of the first 64 and then the alternative keystream bits. In this paper we describe a successful differential fault attack on Grain-128a, in which we recover the secret key by observing the correct and faulty MACs of certain chosen messages. The attack works due to certain properties of the Boolean(More)
Pushed by the pervasive diffusion of devices operated by battery or by the energy harvested, energy has become one of the most important parameter to be optimized for embedded systems. Particularly relevant would be to optimize the energy consumption of security primitives. In this paper we explore design techniques for implementing block ciphers in a low(More)
Localization, identification, and segmentation of the thoracic, abdominal, and pelvic organs are important steps in computer-aided diagnosis, treatment planning, and content-based retrieval of biomedical images. In this context, to aid the landmarking and identification of the lower abdominal organs, to separate the abdominal cavity from the lower pelvic(More)