Correlation Differential Power Analysis Attack to Midori64

TL;DR

This paper presents a differential power analysis attack on the Midori64 lightweight block cipher, successfully extracting the master key using only 300 plaintext samples on an AVR microcontroller, highlighting vulnerabilities in resource-constrained environments.

Contribution

It introduces a novel DPA method targeting Midori64's S-boxes, demonstrating effective key recovery with minimal samples on embedded hardware.

Findings

Successfully recovered the Midori64 key with 300 samples.

The attack is more efficient than electromagnetic analysis.

Highlights vulnerabilities of Midori64 in IoT devices.

Abstract

Today, Internet communication security has become more complex as technology becomes faster and more efficient, especially for resource-limited devices such as embedded devices, wireless sensors, and radio frequency identification (RFID) tags, and Internet of Things (IoT). Lightweight encryption algorithms provide security for these devices to protect data against intruders. But the limitation of using energy in lightweight block ciphers (LBCs) is one of the major challenges for ever-expanding IoT technologies. Also, these LBC are subject to Side-channel attacks, which are among the most cited threats to these ciphers. In this paper, a differential power attack (DPA) to the Midori64 block cipher is designed. According to the proposed method, an attack on the S-boxes of the first round is done to obtain half of the master key bits. Then, the S-boxes of the second round were attacked to obtain remaining the master key bits. The results confirmed that the key is ultimately obtained. With the low volume of computational complexity, we obtained the Midori block cipher key, which was considered secure, just by using 300 samples of the plaintext. Following the running of Midori64 on the AVR microcontroller of the Atmega32 model, the master key of Midori block cipher is discovered with 300 known texts. Furthermore, we obtained the master key with a smaller number of samples than the electromagnetic analysis attack.