Differential Fault Intensity Analysis on PRESENT and LED Block Ciphers

  • Nahid Farhady Ghalaty
  • Bilgiday Yuce
  • Patrick Schaumont
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9064)


Differential Fault Intensity Analysis (DFIA) is a recently introduced fault analysis technique. This technique is based on the observation that faults are biased and thus are non-uniformly distributed over the cipher state variables. The adversary uses the fault bias as a source of leakage by controlling the intensity of fault injection. DFIA exploits statistical analysis to correlate the secret key to the biased fault behavior. In this work, we show a DFIA attack on two lightweight block ciphers: PRESENT and LED. For each algorithm, our research analyzes the efficiency of DFIA on a round-serial implementation and on a nibble-serial implementation.We show that all algorithms and all implementation variants can be broken with 10 to 36 fault intensity levels, depending on the case. We also analyze the factors that affect the convergence of DFIA. We show that there is a trade-off between the number of required plaintexts, and the resolution of the fault-injection equipment. Thus, an adversary with lower-quality fault-injection equipment may still be as effective as an adversary with high-quality fault-injection equipment, simply by using additional encryptions. This confirms that DFIA is effective against a range of algorithms using a range of fault injection techniques.


Differential attack Fault intensity Light-weight block cipher PRESENT LED 


  1. 1.
    ISO: Information Technology-Security Techniques-Lightweight Cryptography- Part 2: Block Ciphers. ISO/IEC 29192–2:2012, International Organization for Standardization (2012)Google Scholar
  2. 2.
    Atzori, L., Iera, A., Morabito, G.: The internet of things: a survey. Comput. Netw. 54, 2787–2805 (2010)CrossRefGoogle Scholar
  3. 3.
    Kocher, P.C., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999) CrossRefGoogle Scholar
  4. 4.
    Biham, E., Shamir, A.: Differential fault analysis of secret key cryptosystems. In: Kaliski Jr, B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 513–525. Springer, Heidelberg (1997) CrossRefGoogle Scholar
  5. 5.
    Ghalaty, N.F., Yuce, B., Taha, M., Schaumont, P.: Differential Fault Intensity Analysis. In: 2014 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC), pp. 34–43. IEEE (2014)Google Scholar
  6. 6.
    Bogdanov, A.A., Knudsen, L.R., Leander, G., Paar, C., Poschmann, A., Robshaw, M., Seurin, Y., Vikkelsoe, C.: PRESENT: an ultra-lightweight block cipher. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 450–466. Springer, Heidelberg (2007) CrossRefGoogle Scholar
  7. 7.
    Guo, J., Peyrin, T., Poschmann, A., Robshaw, M.: The LED Block Cipher. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 326–341. Springer, Heidelberg (2011) CrossRefGoogle Scholar
  8. 8.
    Li, Y., Sakiyama, K., Gomisawa, S., Fukunaga, T., Takahashi, J., Ohta, K.: Fault sensitivity analysis. In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010. LNCS, vol. 6225, pp. 320–334. Springer, Heidelberg (2010) CrossRefGoogle Scholar
  9. 9.
    Giraud, C.: DFA on AES. In: Dobbertin, H., Rijmen, V., Sowa, A. (eds.) AES 2005. LNCS, vol. 3373, pp. 27–41. Springer, Heidelberg (2005) CrossRefGoogle Scholar
  10. 10.
    Altera Corporation: ModelSim Altera Starter Edition. http://www.altera.com
  11. 11.
    De Santis, F., Guillen, O., Sakic, E., Sigl, G.: Ciphertext-only fault attacks on PRESENT. In: Third International Workshop on Lightweight Cryptography for Security and Privacy, pp. 84–105 (2014)Google Scholar
  12. 12.
    Jeong, K., Lee, C.: Differential fault analysis on block cipher LED-64. In: (Jong Hyuk) Park, J.J., Leung, V.C.M., Wang, C.-L., Shon, T. (eds.) Future Information Technology, Application, and Service. LNEE, vol. 164, pp. 747–755. Springer, Heidelberg (2012) CrossRefGoogle Scholar
  13. 13.
    Endo, S., Sugawara, T., Homma, N., Aoki, T., Satoh, A.: An on-chip glitchy-clock generator for testing fault injection attacks. J. Cryptographic Eng. 1, 265–270 (2011)CrossRefGoogle Scholar
  14. 14.
    Bagheri, N., Ebrahimpour, R., Ghaedi, N.: New differential fault analysis on PRESENT. EURASIP J. Adv. Sig. Process. 2013(1), 1–10 (2013)CrossRefGoogle Scholar
  15. 15.
    Zhao, X.j., Guo, S., Zhang, F., Wang, T., Shi, Z., Ji, K.: Algebraic Differential Fault Attacks on LED Using a Single Fault Injection. IACR Cryptology. ePrint Archive 2012/347 (2012)Google Scholar
  16. 16.
    Li, Y., Hayashi, Y., Matsubara, A., Homma, N., Aoki, T., Ohta, K., Sakiyama, K.: Yet another fault-based leakage in non-uniform faulty ciphertexts. In: Danger, J.-L., Debbabi, M., Marion, J.-Y., Garcia-Alfaro, J., Heywood, N.Z. (eds.) FPS 2013. LNCS, vol. 8352, pp. 272–287. Springer, Heidelberg (2014) CrossRefGoogle Scholar
  17. 17.
    Fuhr, T., Jaulmes, E., Lomné, V., Thillard, A.: Fault attacks on aes with faulty ciphertexts only. In: 2013 IEEE Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC), pp. 108–118. IEEE (2013)Google Scholar
  18. 18.
    Jarvinen, K., Blondeau, C., Page, D., Tunstall, M.: Harnessing biased faults in attacks on ECC-based signature schemes. In: 2012 IEEE Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC), pp. 72–82. IEEE (2012)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Nahid Farhady Ghalaty
    • 1
  • Bilgiday Yuce
    • 1
  • Patrick Schaumont
    • 1
  1. 1.Bradley Department of Electrical and Computer EngineeringVirginia Polytechnic Institute and State UniversityBlacksburgUSA

Personalised recommendations