A CPA attack against round based Piccolo-80 hardware implementation

Abstract

In CHES 2011, Sony Corporation proposed a very promising ultra-lightweight blockcipher named Piccolo and claimed it offers a sufficient security level against known cryptanalyses based on mathematical weaknesses. The correlation power analysis (CPA) attack against a round-based Piccolo-80 hardware implementation is discussed in this paper. We built a power consumption acquisition platform based on simulation for minimum overhead, presented a feasible CPA attack method based on HD model and the final round, and retrieved the final round key RK <sub xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">24</sub> <sup xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">L</sup> , RK <sub xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">24</sub> <sup xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">R</sup> and the whiten key WK <sub xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">2</sub> and WK <sub xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">2</sub> with 500 power traces. The results showed Piccolo-80 round-based hardware implementation is vulnerable to power analysis attack. To the best of our knowledge, this is the first paper to discuss power analysis attack against Piccolo.