Deep Learning-Assisted Improved Differential Fault Attacks on Lightweight Stream Ciphers

TL;DR

This paper explores the use of deep learning to enhance differential fault attacks on lightweight stream ciphers, achieving high fault location accuracy and reducing attack complexity in resource-constrained environments.

Contribution

It introduces a deep learning-based method for fault location identification and secret recovery on three lightweight stream ciphers, demonstrating improved efficiency over traditional methods.

Findings

High fault location identification accuracy (up to 0.9999) for ACORNv3 and MORUSv2.

Reduced number of faults needed for secret recovery compared to existing methods.

First experimental differential fault attack results on ATOM cipher.

Abstract

Lightweight cryptographic primitives are widely deployed in resource-constrained environments, particularly in Internet of Things (IoT) devices. Due to their public accessibility, these devices are vulnerable to physical attacks, especially fault attacks. Recently, deep learning-based cryptanalytic techniques have demonstrated promising results; however, their application to fault attacks remains limited, particularly for stream ciphers. In this work, we investigate the feasibility of deep learning assisted differential fault attacks on three lightweight stream ciphers, namely ACORNv3, MORUSv2, and ATOM, under a relaxed fault model in which a single-bit bit-flipping fault is injected at an unknown location. We develop and train multilayer perceptron (MLP) models to identify the fault locations. Experimental results show that the trained models achieve high identification accuracies of 0.999880, 0.999231, and 0.823568 for ACORNv3, MORUSv2 and ATOM, respectively, and outperform traditional signature-based methods. For the secret recovery process, we introduce a threshold-based method to optimize the number of fault injections required to recover the secret information. The results show that the initial state of ACORN can be recovered with 21 to 34 faults, while MORUS requires 213 to 248 faults, with at most 6 bits of guessing. Both attacks reduce the attack complexity compared to existing works. For ATOM, the results show that it possesses a higher security margin, as the majority of state bits in the Nonlinear Feedback Shift Register (NFSR) can only be recovered under a precise control model. To the best of our knowledge, this work provides the first experimental results of differential fault attacks on ATOM.