Abstract

GRAIN-v1 is a stream cipher that has been selected in the final portfolio of the eSTREAM project. GRAIN-128 is a variant of GRAIN-v1. The best known mathematical attack against GRAIN-128 is the brute force key-search. This paper introduces a fault attack on GRAIN-128 based on a realistic fault model and explores possible improvements of the attack. We also discuss countermeasures to counteract our fault attack.