Impossible meet-in-the-middle fault analysis on the LED lightweight cipher in VANETs
With the expansion of wireless technology, vehicular ad-hoc networks (VANETs) are emerging as a promising approach for realizing smart cities and addressing many serious traffic problems, such as road safety, convenience, and efficiency. To guard against malicious attacks, lightweight ciphers are the most effective means of implementing encryption/decryption, message authentication, and digital signatures for the security of VANETs. Light encryption device (LED) is a lightweight block cipher with two basic key-size variants: LED-64 and LED-128. Since its inception, many fault analysis techniques have focused on provoking faults in the last four rounds to derive the 64-bit and 128-bit secret keys. It is vital to investigate whether injecting faults into a prior round makes it possible to break LED. This study presents a novel impossible meet-in-the-middle fault analysis on a prior round. A detailed analysis of the expected number of faults is used to uniquely determine the secret key. It is based on the propagation of truncated differentials and is surprisingly reminiscent of the computation of the complexity of a rectangle attack. The results show that impossible meet-in-the-middle fault analysis can successfully break LED by fault injection.
Keywords: VANETs, LED lightweight cipher, impossible meet-in-the-middle fault analysis
This work was supported by Research Council KU Leuven (Grant No. OT/13/071), National Key Basic Research Program of China (Grant No. 2013CB338004), National Natural Science Foundation of China (Grant Nos. 61772129, 61472250, 61402286, 61672347, 61402288), Innovation Program of Shanghai Municipal Education Commission (Grant No. 14ZZ066), Shanghai Natural Science Foundation (Grant Nos. 15ZR1400300, 16ZR1401100), European Union’s Horizon 2020 Research and Innovation Programme (Grant No. H2020-MSCA-ITN-2014-643161 ECRYPT-NET), Open Research Fund of State Key Laboratory of Information Security (Grant No. AGK20170X), National Cryptography Development Fund (Grant No. MMJJ20170214), Fundamental Research Funds for the Central Universities, and China Scholarship Council (Grant No. CSC201403170380).