Abstract

Recently, as the number of IoT (Internet of Things) devices has increased, the use of lightweight cryptographic algorithms that are suitable for environments with scarce resources has also increased. Consequently, the safety of such cryptographic algorithms is becoming increasingly important. Among them, side-channel analysis methods are very realistic threats. In this paper, we propose a novel differential fault attack method on the Lightweight Encryption Algorithm (LEA) cipher which became the ISO/IEC international standard lightweight cryptographic algorithm in 2019. Previously proposed differential fault attack methods on the LEA used the Single Bit Flip model, making it difficult to apply to real devices. The proposed attack method uses a more realistic attacker assumption, the Random Word Error model. We demonstrate that the proposed attack method can be implemented on real devices using an electromagnetic fault injection setup. Our attack method has the weakest attacker assumption among attack methods proposed to date. In addition, the number of required fault-injected ciphertexts and the number of key candidates for which exhaustive search is performed are the least among all existing methods. Therefore, when implementing the LEA cipher on IoT devices, designers must apply appropriate countermeasures against fault injection attacks.

Highlights

  • Side-channel analysis (SCA) uses additional information, such as power consumption, electromagnetic emission, and sound that occurs while a cryptographic algorithm is operating on a real device [1]

  • Among various SCA methods, this paper deals with the differential fault attack (DFA), which is an attack method that uses the difference between the normal ciphertext and fault-injected ciphertexts generated by injecting artificial faults while a cryptographic algorithm is running on a real device [2]

  • We have proposed a novel DFA on the ARX-based lightweight block cipher Lightweight Encryption Algorithm (LEA).


Summary

INTRODUCTION

Side-channel analysis (SCA) uses additional information, such as power consumption, electromagnetic emission, and sound that occurs while a cryptographic algorithm is operating on a real device [1]. Among various SCA methods, this paper deals with the differential fault attack (DFA), which is an attack method that uses the difference between the normal ciphertext and fault-injected ciphertexts generated by injecting artificial faults while a cryptographic algorithm is running on a real device [2]. Two DFA methods on the LEA have been proposed [9], [10]. These attacks use a fault model that flips a random single bit of the input words. The proposed method uses a relaxed fault model by employing a transformation mechanism that relies on the algebraic principle of a modular. We argue that this attack method is an extremely threatening DFA method on the LEA cipher by experimentally proving that it can operate in a realistic environment.

OUR CONTRIBUTIONS The primary contributions of this paper are as follows:
ALGEBRAIC REPRESENTATION OF MODULAR ADDITION
GRÖBNER BASES
ANALYSIS OF MODULAR ADDITION
EXPERIMENT FOR REAL DEVICE
EXPERIMENTAL RESULTS
Proposed Method
Findings
CONCLUSION