LED算法是于2011年CHES会议中提出的一种新型轻量级密码算法,用于在物联网环境下保护RFID标签以及智能卡等设备的通信安全.文中提出并讨论了一种针对LED算法的差分故障攻击方法.该方法采用面向 半字节的随机故障模型,通过在LED算法中导入故障,分别仅需要3个错误密文和6个错误密文,即可恢复LED算法的64 bit和128 bit原始密钥.实验结果表明,针对LED算法的差分故障攻击方法不仅扩展了故障诱导的攻击范围,而且提高了故障诱导的效率,减少了错误密文数,从而为故障攻击其它轻量级密码算法提供了一种通用的分析手段.%LED, proposed in CHES 2011, is a new lightweight cipher which is applied in the Internet of Things to provide security for RFID tags and smart cards etc. On the basis of the half byte-oriented fault model and the differential analysis, a differential fault analysis on the LED cipher by inducing faults is proposed. Simulating experiment shows that our attack could recover its 64-bit secret key by introducing 3 faulty ciphertexts, and recover 128-bit secret key by introducing 6 faulty ciphertexts, respectively. Our method extends the attacking scope of faults, thereby increasing the efficiency of fault injection and decreasing the number of faulty cipher-texts. Thus,the results in this study will also be beneficial to the analysis of other lightweight ciphers.
展开▼