Differential Fault Analysis on Block Cipher Piccolo
نویسنده
چکیده
Piccolo is a 64-bit block cipher suitable for the constrained environments such as wireless sensor network environments. In this paper, we propose differential fault analysis on Piccolo. Based on a random byte fault model, our attack can recover the secret key of Piccolo-80 by using an exhaustive search of 2 and six random byte fault injections on average. It can be simulated on a general PC within a few seconds. In the case of Piccolo-128, we require an exhaustive search of 2 and eight random byte fault injections on average. This attack can be simulated on a general PC within one day. These results are the first known side-channel attack results on them.
منابع مشابه
Improved Algebraic Fault Analysis: A Case Study on Piccolo and Applications to Other Lightweight Block Ciphers
This paper proposes some techniques to improve algebraic fault analysis (AFA). Firstly, we show that building the decryption equation set of a cipher can accelerate the solving procedure. Secondly, we propose a method to represent the injected faults with algebraic equations when the accurate fault location is unknown. We take Piccolo as an example to illustrate our AFA and compare it with prev...
متن کاملMulti-Stage Fault Attacks on Block Ciphers
This paper introduces Multi-Stage Fault Attacks, which allow Differential Fault Analysis of block ciphers having independent subkeys. Besides the specification of an algorithm implementing the technique, we show concrete applications to LED-128 and PRINCE and demonstrate that in both cases approximately 3 to 4 fault-injections are enough to reconstruct the full 128-bit key. Keywords-cryptanalys...
متن کاملRound Addition Differential Fault Analysis on Lightweight Block Ciphers with On-the-Fly Key Scheduling
Round addition differential fault analysis using operation skipping for lightweight block ciphers with on-the-fly key scheduling is presented. For 64-bit KLEIN, it is shown that only a pair of correct and faulty ciphertexts can be used to derive the secret master key. For PRESENT, one correct ciphertext and two faulty ciphertexts are required to reconstruct the secret key. Furthermore, secret k...
متن کاملNew differential fault analysis on PRESENT
In this paper, we present two differential fault analyses on PRESENT-80 which is a lightweight block cipher. The first attack is a basic attack which induces a fault on only one bit of intermediate states, and we can obtain the last subkey of the block cipher, given 48 faulty cipher texts on average. The second attack can retrieve the master key of the block cipher, given 18 faulty cipher texts...
متن کاملDifferential Fault Attack on the PRINCE Block Cipher
PRINCE is a new lightweight block cipher proposed at the ASIACRYPT’2012 conference. In this paper two observations on the linear layer of the cipher are presented. Based on the observations a differential fault attack is applied to the cipher under a random nibblelevel fault model. The attack uniquely determines the 128-bit key of the cipher using less than 7 fault injections averagely. In the ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2012 شماره
صفحات -
تاریخ انتشار 2012