Differential fault analysis of full lblock

Liang Zhao, Takashi Nishide, Kouichi Sakurai

研究成果: Chapter in Book/Report/Conference proceedingConference contribution

14 被引用数 (Scopus)


LBlock is a 64-bit lightweight block cipher which can be implemented in both hardware environments and software platforms. It was designed by Wu and Zhang, and published at ACNS2011. In this paper, we explore the strength of LBlock against the differential fault analysis (DFA). As far as we know, this is the first time the DFA attack is used to analyze LBlock. Our DFA attack adopts the random bit fault model. When the fault is injected at the end of the round from the 25 th round to the 31 st round, the DFA attack is used to reveal the last three round subkeys (i.e., K 32, K 31 and K 30) by analyzing the active S-box of which the input and output differences can be obtained from the right and faulty ciphertexts (C, C̃). Then, the master key can be recovered based on the analysis of the key scheduling. Specially, for the condition that the fault is injected at the end of the 25 th and 26 th round, we show that the active S-box can be distinguished from the false active S-box by analyzing the nonzero differences from the pair of ciphertexts (C, C̃). The false active S-box which we define implies that the nonzero input difference does not correspond to the right output difference. Moreover, as the LBlock can achieve the best diffusion in eight rounds, there can exist the countermeasures that protect the first and last eight rounds. This countermeasure raises a question whether provoking a fault at the former round of LBlock can reveal the round subkey. Our current work also gives an answer to the question that the DFA attack can be used to reveal the round subkey when the fault is injected into the 24 th round. If the fault model used in this analysis is a semi-random bit model, the round subkey can be revealed directly. Specially, the semi-random bit model corresponds to an adversary who could know the corrupted 4 bits at the chosen round but not know the exact bit in these 4 bits. Finally, the data complexity analysis and simulations show the number of necessary faults for revealing the master key.

ホスト出版物のタイトルConstructive Side-Channel Analysis and Secure Design - Third International Workshop, COSADE 2012, Proceedings
出版ステータス出版済み - 6 15 2012
イベント3rd International Workshop, Constructive Side-Channel Analysis and Secure Design, COSADE 2012 - Darmstadt, ドイツ
継続期間: 5 3 20125 4 2012


名前Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
7275 LNCS


その他3rd International Workshop, Constructive Side-Channel Analysis and Secure Design, COSADE 2012

All Science Journal Classification (ASJC) codes

  • 理論的コンピュータサイエンス
  • コンピュータ サイエンス(全般)


「Differential fault analysis of full lblock」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。