论文信息 - Fault Analysis of the Piccolo Block Cipher

Fault Analysis of the Piccolo Block Cipher

We present several types of fault based attacks on the new lightweight block cipher Piccolo. The cipher is a variant of a generalized Feistel network (GFN) while the round keys are not involved in the F-function. This leads to an interesting principle which can be used to simplify our attacks. We describe our results from the simplest fault model to more realistic one. Simulation results show that using very few correct and faulty cipher texts, the exact number can be varied depending on different fault models, we are sufficient to reduce the key candidates to the practical level within exhaustive key search. In the best case 2 pairs of correct and faulty cipher texts with faults injected in the 3rd round from the last can recovery 64 bits out of the 80-bit master key.

Dawu Gu | Zhiqiang Liu | Sheng Li | Zhouqian Ma

[1] Eli Biham,et al. Differential Fault Analysis of Secret Key Cryptosystems , 1997, CRYPTO.

[2] Tao Wang,et al. Fault-propagation Pattern Based DFA on SPN Structure Block Ciphers using Bitwise Permutation, with Application to PRESENT and PRINTcipher , 2011, IACR Cryptol. ePrint Arch..

[3] Kyoji Shibutani,et al. Piccolo: An Ultra-Lightweight Blockcipher , 2011, CHES.

[4] Pierre-Alain Fouque,et al. Meet-in-the-Middle and Impossible Differential Fault Analysis on AES , 2011, CHES.

[5] Debdeep Mukhopadhyay,et al. Protecting Last Four Rounds of CLEFIA is Not Enough Against Differential Fault Analysis , 2012, IACR Cryptol. ePrint Arch..

[6] Ilia Polian,et al. A Fault Attack on the LED Block Cipher , 2012, COSADE.

[7] Matthieu Rivain,et al. Differential Fault Analysis on DES Middle Rounds , 2009, CHES.

[8] Richard J. Lipton,et al. On the Importance of Checking Cryptographic Protocols for Faults (Extended Abstract) , 1997, EUROCRYPT.

[9] Xiaoli Yu,et al. Biclique Cryptanalysis of Reduced-Round Piccolo Block Cipher , 2012, ISPEC.