Security analysis of block cipher Piccolo suitable for wireless sensor networks

Abstract

Piccolo is a 64-bit block cipher suitable for the constrained environments such as wireless sensor network environments. In this paper, we propose differential fault analysis on Piccolo. Based on a random byte fault model, our attack can recover the secret key of Piccolo-80 by using an exhaustive search of $2^{24}$ and six random byte fault injections on average. It can be simulated on a general PC within a few seconds. In the case of Piccolo-128, we require an exhaustive search of $2^{40}$ and eight random byte fault injections on average. This attack can be simulated on a general PC within 1 day. These results are the first known side-channel attack results on them.