부산대학교 도서관

Subterranean 2.0, a NIST second round lightweight cryptographic primitive, was introduced by Daemen et al. in 2020. It has three modes of operation: Subterranean-SAE, Subterranean- deck , and Subterranean-XOF. So far, most of the existing practical-time implementable attacks on Subterranean-SAE fall under the nonce misuse setting scenario. In this paper, we present significantly improved Differential Fault Analysis on Subterranean-SAE and Subterranean- deck . We consider a more challenging framework of unknown fault injection round, and achieve improved execution time as well as data complexity over the best known fault attack available in the literature. We utilize deep neural networks and also correlation coefficient for generation of signatures and matching them. Two general frameworks are proposed for fault location identification assuming that fault injection round is unknown. Finally, we use a $SAT$SAT solver to efficiently recover the embedded encryption key with no more than $\mathbf{5}$5 distinct faults. Experimental results reveal that the total time (online phase) required to mount the attack on Subterranean-SAE (Subterranean- deck ) is 1234.6 (1334.6) seconds.