Multi-Stage Fault Attacks on Block Ciphers

This paper introduces Multi-Stage Fault Attacks, which allow Differential Fault Analysis of block ciphers having independent subkeys. Besides the specification of an algorithm implementing the technique, we show concrete applications to LED-128 and PRINCE and demonstrate that in both cases approximately 3 to 4 fault-injections are enough to reconstruct the full 128-bit key. Keywords-cryptanalysis; Differential Fault Analysis; LED128; lightweight block cipher; Multi-Stage Fault Attack; PRINCE;