Fault Analysis on SIMON Family of Lightweight Block Ciphers

This paper proposes applying differential fault analysis (DFA) to the Simon family of lightweight block ciphers. We perform DFA by examining the characteristics of the AND operation which is a non-linear function of Simon. Then, we evaluate in detail the number of fault injections required to obtain a secret key. To the best of our knowledge, we are the first to show how to extract the entire secret key for all parameters in the Simon family using a practical fault model based on random faults. As an example, for Simon with a \(128\)-bit block size and a \(128\)-bit secret key, we can extract the entire secret key using \(7.82\) fault injections on average. The results of simulations performed on a PC show that the average number of fault injections required to retrieve a round key agrees with that based on theoretical results. We believe that this study gives new insight into the field of fault analysis because Simon has a property specific to non-linear functions in that it uses the AND operation while not using a substitution box which most block ciphers employ.

[1]  Dillibabu Shanmugam,et al.  Differential Power Analysis Attack on SIMON and LED Block Ciphers , 2014, SPACE.

[2]  Hoda AlKhzaimi,et al.  Cryptanalysis of the SIMON Family of Block Ciphers , 2013, IACR Cryptol. ePrint Arch..

[3]  Nasour Bagheri,et al.  Improved Linear Cryptanalysis of Round Reduced SIMON , 2014, IACR Cryptol. ePrint Arch..

[4]  Alex Biryukov,et al.  Differential Analysis of Block Ciphers SIMON and SPECK , 2014, FSE.

[5]  Eli Biham,et al.  Differential Fault Analysis of Secret Key Cryptosystems , 1997, CRYPTO.

[6]  Christof Paar,et al.  Cryptographic Hardware and Embedded Systems - CHES 2002 , 2003, Lecture Notes in Computer Science.

[7]  Stefan Lucks,et al.  Differential Cryptanalysis of Round-Reduced Simon and Speck , 2014, FSE.

[8]  Debdeep Mukhopadhyay,et al.  Differential Fault Analysis on the Families of SIMON and SPECK Ciphers , 2014, 2014 Workshop on Fault Diagnosis and Tolerance in Cryptography.

[9]  Jianying Zhou,et al.  Information and Communications Security , 2013, Lecture Notes in Computer Science.

[10]  Marc Joye,et al.  Cryptographic Hardware and Embedded Systems - CHES 2004 , 2004, Lecture Notes in Computer Science.

[11]  Ross J. Anderson,et al.  Optical Fault Induction Attacks , 2002, CHES.

[12]  Richard J. Lipton,et al.  On the Importance of Eliminating Errors in Cryptographic Computations , 2015, Journal of Cryptology.

[13]  Marc Joye,et al.  Fault Analysis in Cryptography , 2012, Information Security and Cryptography.

[14]  Ludger Hemme,et al.  A Differential Fault Attack Against Early Rounds of (Triple-)DES , 2004, CHES.

[15]  Debdeep Mukhopadhyay,et al.  Security, Privacy, and Applied Cryptography Engineering , 2013, Lecture Notes in Computer Science.

[16]  Burton S. Kaliski Advances in Cryptology - CRYPTO '97 , 1997 .

[17]  Jason Smith,et al.  SIMON and SPECK: Block Ciphers for the Internet of Things , 2015, IACR Cryptol. ePrint Arch..

[18]  Jean-Luc Danger,et al.  A look into SIMON from a side-channel perspective , 2014, 2014 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST).

[19]  Christof Paar,et al.  Cryptographic Hardware and Embedded Systems - CHES 2003 , 2003, Lecture Notes in Computer Science.

[20]  Hua Chen,et al.  Differential Fault Analysis on CLEFIA , 2007, ICICS.

[21]  Shaohui Wang,et al.  Differential Fault Analysis on PRESENT Key Schedule , 2010, 2010 International Conference on Computational Intelligence and Security.

[22]  Jean-Jacques Quisquater,et al.  A Differential Fault Attack Technique against SPN Structures, with Application to the AES and KHAZAD , 2003, CHES.