In modern information technology, research on block cipher security is imperative. Concerning the ultra lightweight block cipher PICO, there has been only one study focused on recovering its complete master key, with a large search space of 264, and no fault analysis yet. This paper proposes a new fault analysis approach, combining differential fault and algebraic equation techniques. It achieved the recovery of PICO’s entire master key with 40 faults in an average time of 0.57 h. S-box decomposition was utilized to optimize our approach, reducing the time by a remarkable 75.83% under the identical 40-fault condition. Furthermore, PICO’s complete master key could be recovered with 28 faults in an average time of 0.78 h, indicating a significant 237 reduction in its search space compared to the previous study. This marks the first fault analysis on PICO. Compared to conventional fault analysis methods DFA (differential fault analysis) and AFA (algebraic fault analysis), our approach outperforms in recovering PICO’s entire master key, highlighting the cruciality of key expansion complexity in block cipher security. Therefore, our approach could serve to recover master keys of block ciphers with comparably complicated key expansions, and production of more secure block ciphers could result.
Read full abstract