Impossible statistical fault analysis of the PRIDE lightweight cryptosystem; [PRIDE 轻量级密码的不可能统计故障分析]

To analyze the implementation security of the PRIDE lightweight cryptosystem proposed at CRYPTO in 2014, a novel method of impossible statistical fault analysis on the ciphertext-only attack assumption was proposed. Furthermore, new distinguishers were designed, such as the Chi-square goodness-of-fit test-Hamming weight, and Chi-square goodness-of-fit test-maximum likelihood estimation. The proposed method had a random nibble-oriented fault model, and combined the statistical distribution states with the impossible relationship. On the difference among the intermediate states before and after the fault injections, at least 432 faults were required to recover the 128 bit secret key of PRIDE with a reliability of at least 99%. The experimental analysis demonstrates that the proposed method can not only reduce injected faults and latency, but also increase the accuracy. The results provide a vital reference for exploring the implementation security of lightweight cryptosystems. © 2024 Editorial Board of Journal on Communications. All rights reserved.