In this paper, we propose a novel fault attack termed as Single Event
Transient Fault Analysis (SETFA) attack, which is well suited for hardware
implementations. The proposed approach pinpoints hotspots in the cypher’s Sbox
combinational logic circuit that significantly reduce the key entropy when
subjected to faults. ELEPHANT is a parallel authenticated encryption and
associated data (AEAD) scheme targeted to hardware implementations, a finalist
in the Lightweight cryptography (LWC) competition launched by NIST. In this
work, we investigate vulnerabilities of ELEPHANT against fault analysis. We
observe that the use of 128-bit random nonce makes it resistant against many
cryptanalysis techniques like differential, linear, etc., and their variants.
However, the relaxed nature of Statistical Fault Analysis (SFA) methods makes
them widely applicable in restrictive environments. We propose a SETFA-based
key recovery attack on Elephant. We performed Single experiments with random
plaintexts and keys, on Dumbo, a Sponge-based instance of the Elephant-AEAD
scheme. Our proposed approach could recover the secret key in 85-250
ciphertexts. In essence, this work investigates new vulnerabilities towards
fault analysis that may require to be addressed to ensure secure computations
and communications in IoT scenarios.

By admin