1. Introduction
In 2013, a family of lightweight block ciphers called SIMON was presented by the National Security Agency (NSA), based upon the Feistel structure. Compared with other ciphers, SIMON can provide a better performance for both hardware and software. The block size of SIMON is denoted as 2
n (the
n represents the word size) with
n = 16, 24, 32, 48, or 64. For each block size, it supports 3 key sizes. Thus, SIMON can be implemented on a wide range of devices [
1]. Since the publication of SIMON, many cryptanalysis papers about it have been presented, such as integral attack [
2,
3], differential attack [
4,
5,
6], and linear attack [
6,
7]. In addition, other attacks, such as differential fault analysis (DFA), have also been proposed to retrieve the secret keys from SIMON [
8].
As one of the typical fault attacks (FA) [
9], DFA was first proposed by Biham and Shamir in 1997 to obtain the secret key from DES cryptosystem [
10]. The idea of DFA is to make use of some erroneous calculations caused by inducing some unexpected faults to retrieve the secret keys of a cipher algorithm. DFA has been greatly developed and poses a serious threat to the security of many cipher algorithms, including block cipher algorithms [
8,
11,
12,
13].
In FDTC 2014, Tupsamudre et al. proposed DFA on SIMON family for the first time [
8]. In this attack, the authors induced the faults into
LT−2 (the left half input of the penultimate round) and proposed two fault models: random bit fault model and random byte fault model. Through theoretical analysis and experiments, they proved that it could retrieve 2 bits and one byte of the last round key
KT−1 by using one random bit-flip and one-byte fault, respectively. Later, Takahashi et al. proposed a random
n-bit fault model against the SIMON family where the
n represents the word size. They successfully retrieved the entire key of SIMON family through both, that is, theoretical computations and experimental simulations. For the data complexity (the data complexity refers to the number of the fault injections), they also presented a detail analysis [
14].
After that, Vasquez et al. proposed an improved DFA on SIMON family [
15]. Similarly to [
8], they also assumed a random bit fault model. However, the location of induced fault is in
LT−3. Because more depth of induced fault lead to more efficient diffusion of the induced fault, this scheme can retrieve 3.5 bits of
KT−1 on average by inducing one-bit fault. Furthermore, by reusing the induced one-bit fault, 2 bits of the penultimate round key
KT−2 on average could be retrieved. As a result, they could break the entire key of SIMON96/96 and SIMON128/128 using only one round faults.
In a following work, another improved DFA on SIMON family was presented by Chen et al. in FDTC 2016 [
16]. The authors injected faults into
LT−m−1 based on a random byte fault model, where the
m represents the key words of SIMON family. They presented a detail analysis about the data complexity in theory and shown that the entire key of SIMON could be recovered. For retrieving the entire secret key of SIMON, they successfully break 6 instances of SIMON by using only one round faults.
This paper proposes a novel DFA on SIMON family. Different from existing DFAs on SIMON family where faults are induced into the cipher state, we induce faults into the key schedule for the first time. Based on a random bit fault model, we prove that 4 bits of
KT−1 and 2 bits of
KT−2 could be retrieved on average when inducing only one-bit fault into the fourth round key
KT−4 to the last. Compared to [
8], which also uses random bit fault model, we can recover the entire key of SIMON family through half number of the fault locations. Compared to the previous works, our contributions in this paper are mainly as following:
Selection of the key schedule as the location of induced fault. Different from these existing DFAs on SIMON family ([
8,
14,
15,
16]) where all select the cipher state as the location of induced fault, our DFA on SIMON is the first one which selects the key schedule as the location of induced fault. Thus, we have provided a new train of thought and method for using DFA to crack keys of the SIMON family.
Compared with existing attacks based on the random bit fault model, our attack is more efficient. For the random bit fault model, paper [
15] is the only one which could retrieve two round keys by using one induced round location. In other words, paper [
15] can retrieve on average 3.5 bits of
KT−1 and 2 bits of
KT−2 by using one-bit fault induced into the (
T−3)th round. Up to now, this is the most efficient method. However, selection of the key schedule especially
KT−4 as the location of induced fault, our attack can retrieve 4 bits of
KT−1 and 2 bits of
KT−2 on average using one-bit fault.
The rest of this paper is arranged as follows.
Section 2 presents some necessary notation and a brief introduction for SIMON. Then
Section 3 proposes and discusses our DFA on SIMON key schedule. In this section, we present the assumption of the proposed attack, then discuss how to determine the position of the induced fault and retrieve
KT−1 as well as
KT−2. Extended analysis includes the detailed data complexity assessment and scheme to crack the entire secret key of the SIMON family. Simulation results and comparisons are carried out in
Section 4. Finally, concluding remarks are given in
Section 5.
4. Simulation Results and Comparisons
In this section, we performed simulations to verify the correctness and validity of our proposed attack using C on a personal computer with a HP Intel® Core i5-7300HQ. We assumed the adversary can induce a random one-bit fault in the round keys of SIMON.
Firstly, we randomly chose a set of plaintext and secret key to obtain the correct ciphertext (
LT,
RT). Then we induced random one-bit faults in
KT−4 to obtain the faulty ciphertexts (
LT *,
RT *). Finally, we used the proposed attack to retrieve
KT−1. For different word size
n = 16, 24, 32, 48, and 64, we carried out simulation experiments respectively. The experiment was repeated 100,000 times for every value of
n same as in [
14,
15,
16]. Experimental results show that the proposed attack can recover the
n-bit
KT−1 successfully. For different
n, the average number of the fault inductions are described in
Table 8. For retrieving the entire keys of the SIMON family, we make some comparisons with existing DFAs on SIMON family, as described in
Table 9 and
Table 10.
As shown in
Table 8, when considering the random bit fault model, our proposed attack needs the least average number of fault inductions. Compared with the number of fault inductions in theory, the average number of fault inductions is much more, this is because we assume the position of the induced fault is random, so the faults can affect the same position many times. However, if we control precisely the position of induced faults, then the average number of fault inductions is very close to the number in theory.
As shown in
Table 9 and
Table 10, comparing the fault locations between the proposed attack and existing ones, our proposed attack is the only one which selects the round keys as the fault locations. When considering the random bit model, the proposed attack requires only half number of the fault locations compared with [
8], and the numbers are as the same required in [
15]. Except the random
n-bit model [
14] and the random byte model [
16], the number of the fault inductions required in the proposed attack is least than required in [
8,
15]. Especially, when the key words
m = 3, the number required in the proposed attack is much less than required in [
15], this is because we induce faults in
KT−6 to retrieve only
KT−3 instead of retrieving both
KT−3 and
KT−4, so our proposed attack is more efficient.
5. Conclusions
This paper proposes a novel DFA on SIMON family by exploiting the leaked information by the AND operation used in the F(LT−3). We show how to retrieve 4 bits of KT−1 and 2 bits of KT−2 on average based on only one-bit fault induced in KT−4. Furthermore, we have proved that the entire key of SIMON96/96 and SIMON128/128 could be retrieved by using only one round faults.
Compared with existing works, the proposed attack in this paper is the first one which selects the SIMON key schedule as the location of induced faults. Considering the random bit fault model, our attack is the most efficient one up to data. When considering the random
n-bit model [
14] and random byte model [
16], our attack requires a higher average number of fault inductions; this is because the different fault models are selected.
In the future, we will try to crack more bits by conferring whether the bit (j + 1)% and (j + 8)% of LT−2 have been flipped. Further, we aim to explore the attack based upon different models such as the random n-bit model and random byte model so as to further reduce the required average number of fault inductions. Besides, how to apply our ideas on the block cipher SPECK will also be explored.