Abstract

In 2011,Wu and Zhang proposed a lightweight block cipher named LBlock, whose plaintext size and key size are 64 bits and 80 bits, respectively. As they said, LBlock can be efficiently implemented in constrained hardware environments, such as wireless sensor network. In this paper, we study the security of LBlock against the differential fault analysis (DFA) on its key scheduling. As far as we know, this is the first time the DFA on key schedule is used to analyze LBlock. More concretely, our DFA attack adopts the random nibble fault model. When the fault is injected in the subkeys in round 30 and 31, most bits of the subkeys in round 31 and 32 can be recovered, which leads to the leakage of the bits of master secret key according to the key scheduling. A quantitative analysis of the input-output differentials of the S-boxes in LBlock shows that our attack reduces the searching space of master key from 2<sup>80</sup> to 2<sup>23</sup>. Then the exhaustive search of all 2<sup>23</sup> possible keys can uniquely determine the true master key. Finally, we also implement LBlock and simulate the DFA on its key scheduling. The experiment results show that our attack is effective.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.