LiCi密码的差分故障攻击

doi:10.11959/j.issn.2096-109x.2021033

网络与信息安全学报 ›› 2021, Vol. 7 ›› Issue (2): 104-109.doi: 10.11959/j.issn.2096-109x.2021033

LiCi密码的差分故障攻击

陈伟建¹, 罗皓翔²

¹ 电子科技大学信息与通信工程学院，四川成都 611731
² 电子科技大学格拉斯哥学院，四川成都 611731

修回日期:2020-12-07 出版日期:2021-04-15 发布日期:2021-04-01
作者简介:陈伟建（1956- ），男，浙江杭州人，电子科技大学教授，主要研究方向为无线与移动通信、物联网信息安全、密码学理论与技术。
罗皓翔（1999-），男，四川成都人，主要研究方向为密码学理论、区块链技术。
基金资助:
电子科技大学创新创业院长基金(2019007)

Differential fault attack on LiCi cipher

Weijian CHEN¹, Haoxiang LUO²

¹ School of Information and Communication Engineering, University of Electronic Science and Technology of China, Chengdu 611731, China
² Glasgow College, University of Electronic Science and Technology of China, Chengdu 611731, China

Revised:2020-12-07 Online:2021-04-15 Published:2021-04-01
Supported by:
Dean's Fund of Innovation and Entrepreneurship, UESTC(2019007)

摘要/Abstract

摘要：

LiCi轻量级分组密码算法是2017年提出的一种新型密码算法，其具有结构微小、消耗能量少等优点，适用于物联网等资源受限的环境。在 LiCi 的设计文档中，对该算法抵御差分攻击和线性攻击的能力进行了分析，但LiCi算法对于差分故障攻击的抵抗能力尚未得到讨论。针对LiCi算法每轮迭代的移位规律，在第31轮迭代时的左半侧多次注入单比特故障，结合其差分性质，可以恢复32 bit长度的轮密钥。根据LiCi算法的密钥编排方案，再对第 30、29、28、27、26 轮迭代进行同样的差分故障攻击，最终可以恢复全部原始密钥。该攻击共需要48个单比特故障，计算复杂度为2³²，说明LiCi算法难以抵抗差分故障攻击。

关键词: LiCi密码, 轻量级分组密码, 差分故障攻击, 故障模型

Abstract:

LiCi lightweight block cipher is a new algorithm proposed in 2017.With advantages of small structure and low energy consumption, LiCi is more suitable for resource-constrained environments such as the internet of things (IoT).In the design document of LiCi, the ability of LiCi algorithm to resist differential attack and linear attack is analyzed, but the resistance of LiCi algorithm to differential fault attack has not been discussed.According to the permutation law of each round iteration of LiCi algorithm, 32-bit key can be recovered by injecting a single bit fault into the left half of the 31st round iteration combined with its differential property.According to the key choreography scheme of the LiCi algorithm, the same differential fault attack was performed on iterations 30th, 29th, 28th, 27th and 26th round to recover all the original keys.The attack requires a total of 48-bit faults, and the computational complexity is 2³², which indicates the LiCi algorithm is difficult to resist differential fault attacks.

Key words: LiCi cipher, lightweight block cipher, differential fault attack, fault model

中图分类号:

TP309

陈伟建, 罗皓翔. LiCi密码的差分故障攻击[J]. 网络与信息安全学报, 2021, 7(2): 104-109.

Weijian CHEN, Haoxiang LUO. Differential fault attack on LiCi cipher[J]. Chinese Journal of Network and Information Security, 2021, 7(2): 104-109.

图/表 5

图1

表1

表2

图2

图3

参考文献 16

[1]	HONG D , SUNG J , HONG S ,et al. HIGHT:a new block cipher suitable for low-resource device[C]// CHES, 2006: 46-59.
[2]	BOGDANOV A , KNUDSEN L R , LEANDER G ,et al. PRESENT:an ultra-lightweight block cipher[C]// Proceeding of 9th International Workshop on Cryptographic Hardware and Embedded System. 2007: 450-466.
[3]	BANIK S , PANDEY S K , PEYRIN T ,et al. Gif:a small present[C]// Proceedings of the 19th International Conference on Cryptographic Hardware and Embedded System. 2017: 321-345.
[4]	BEAULIEU R , SHORS D , SMITH J ,et al. The SIMON and SPECK lightweight block ciphers[C]// Proceedings of the 52nd Annual Design Automation Conference. 2015:175:1-175:6.
[5]	国家商用密码管理办公室. 无线局域网产品使用的 SMS4 密码算法[EB].
	Office of State Commercial Cipher Administration. Block cipher for WLAN products-SMS4[EB].
[6]	PATIL J , BANSOD G , KANT K S . LiCi:a new ultra-lightweight block cipher[C]// International Conference on Emerging Trends ＆Innovation in Ict. 2017: 40-45.
[7]	韦永壮, 史佳利, 李灵琛 . LiCi分组密码算法的不可能差分分析[J]. 电子与信息学报, 2019,41(7): 1610-1617.
	WEI Y Z , SHI J L , LI L C . Impossible differential cryptanalysis of LiCi block cipher[J]. Journal of Electronics ＆ Information Technology, 2019,41(7): 1610-1617.
[8]	信文倩, 孙兵, 李超 . LiCi算法的基于比特积分攻击[J]. 计算机工程, 2020,46(7).
	XIN W Q , SUN B , LI C . Bit-based integral attack on LiCi[J]. Computer Engineering, 2020,46(7).
[9]	王红艳, 韦永壮, 刘文芬 . ANU,ANU-II和LiCi算法的积分区分器搜索[J]. 小型微型计算机系统, 2020,41(7): 1470-1475.
	WANG H Y , WEI Y Z , LIU W F . Integral distinguisher search of ANU,ANU-II and LiCi block ciphers[J]. Journal of Chinese Computer Systems, 2020,41(7): 1470-1475.
[10]	BIHAM E , SHAMIR A . Differential fault analysis of secret key cryptosystems[C]// 1997 Annual International Cryptology Conference. 1997: 513-525.
[11]	LUO H X , CHEN W J , MING X Y , WU Y F . General differential fault attack on PRESENT and GIFT cipher with nibble[J]. IEEE Access, 2021.
[12]	张蕾, 吴文玲 . SMS4密码算法的差分故障攻击[J]. 计算机学报, 2006(9): 1596-1602.
	ZHANG L , WU W L . Differential fault analysis on SMS4[J]. Chinese Journal of Computers, 2006(9): 1596-1602.
[13]	王永娟, 任泉宇, 张诗怡 . 轻量级分组密码 Klein 的差分故障攻击[J]. 通信学报, 2016,37(S1): 111-115.
	WANG Y J , REN Q Y , ZHANG S Y . Differential fault attack on lightweight block cipher Klein[J]. Journal on Communications, 2016,37(S1): 111-115.
[14]	王永娟, 张诗怡, 王涛 ,等. 对 MIBS 分组密码的差分故障攻击[J]. 电子科技大学学报, 2018,47(4): 601-605.
	WANG Y J , ZHANG S Y , WANG T ,et al. Differential fault attack on block cipher MIBS[J]. Journal of University of Electronic Science and Technology of China, 2018,47(4): 601-605.
[15]	陈伟建, 赵思宇, 邹瑞杰 ,等. PRESENT密码的差分故障攻击[J]. 电子科技大学学报, 2019,48(6): 865-869.
	CHEN W J , ZHAO S Y , ZOU R J ,et al. The differential fault attack of PRESENT cipher[J]. Journal of University of Electronic Science and Technology of China, 2019,48(6): 865-869.
[16]	LUO H X , WU Y F , CHEN W J . Differential fault attack on TWINE block cipher with nibble[C]// 2020 IEEE 20th International Conference on Communication Technology (ICCT). 2020: 1151-1155.

输入差分	**11	*1	***1	0001
输出差分	0001	0010	0100	1***
对应概率	1/4	1/8	1/8	1/8

LiCi密码的差分故障攻击

Differential fault attack on LiCi cipher

在线阅读

pdf下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 5

参考文献 16

相关文章 1

Metrics

推荐阅读 0

W	0	1	2	3	4	5	6	7
S(W)	3	F	E	1	0	A	5	8
W	8	9	A	B	C	D	E	F
S(W)	C	4	B	2	9	7	6	D