Abstract
SIMON, a family of lightweight block ciphers, has received much attention from the cryptology community due to its improved performance in hardware compared with that of other ciphers. A popular physical attack method, the differential fault attack (DFA), works against SIMON. With the aim of improving the efficiency of attacks applied to the SIMON family, in this work, an efficient DFA against the SIMON key schedule is presented under a random bit fault model. First, we analyze in detail how to identify the fault induction position. Then, on the basis of the position, we show in detail how to recover 4 bits, 7.5 bits, and 2 bits of K_{T-1} (the (T-1)th round key), K_{T-2} (the (T-2)th round key) and K_{T-3} (the (T-3)th round key), respectively, by inducing a one-bit fault on average in K_{T-5} (the (T-5)th round key). As a result, by inducing one round of faults, our attack can recover three rounds of keys. Compared with previously developed DFAs on SIMON under the random bit fault model, to recover the full keys of the SIMON family, our attack requires the fewest fault inductions and the fewest locations of the induced fault. Moreover, when the number of key words m is 2 or 3, our attack can reduce the number of required rounds of fault induction to one. Finally, simulation experiments and comparisons are carried out to demonstrate the correctness and effectiveness of our attack.