Impossible meet-in-the-middle fault analysis on the LED lightweight cipher in VANETs

With the expansion of wireless technology, vehicular ad-hoc networks (VANETs) are emerging as a promising approach for realizing smart cities and addressing many serious traffic problems, such as road safety, convenience, and efficiency. To avoid any possible rancorous attacks, employing lightweight ciphers is most effective for implementing encryption/decryption, message authentication, and digital signatures for the security of the VANETs. Light encryption device (LED) is a lightweight block cipher with two basic keysize variants: LED-64 and LED-128. Since its inception, many fault analysis techniques have focused on provoking faults in the last four rounds to derive the 64-bit and 128-bit secret keys. It is vital to investigate whether injecting faults into a prior round enables breakage of the LED. This study presents a novel impossible meet-in-the-middle fault analysis on a prior round. A detailed analysis of the expected number of faults is used to uniquely determine the secret key. It is based on the propagation of truncated differentials and is surprisingly reminiscent of the computation of the complexity of a rectangle attack. It shows that the impossible meet-in-the-middle fault analysis could successfully break the LED by fault injections.


Introduction
Vehicular ad-hoc networks (VANETs) are appearing as a new landscape of mobile ad-hoc networks, with the aim of providing a wide spectrum of safety and comfort applications for drivers and passengers.They have been tremendously successful, and have attracted considerable attention from both academia and industry [1].However, VANETs are networks with high dynamic topology and their connections are vulnerable to attacks.For instance, attackers may exploit VANETs to send bogus information to against all kinds of malicious attackers and dangerous environments.In other words, any vulnerability of a lightweight cipher against fault analysis should be detected as soon as possible, if fault locations can be extended to more rounds.This is our motivation for investigating novel fault analysis by attacking earlier rounds of the LED.
In this study, a novel impossible meet-in-the-middle fault analysis (IMFA) is successfully applied to break the LED.Compared with the previous fault analysis, faults can be injected into the fourth last round of the LED, and the novel fault path in IMFA affects more rounds.The attackers take advantage of the connection between an impossible relation and a meet-in-the-middle relation to recover the subkeys of the LED.Until now, the fault location was the deepest round of the LED cipher.Based on the propagation of truncated differentials, we present a detailed analysis to describe the attack complexity in a rectangle view.It can measure the connection of two different and independent relations, and thus, improve the theoretical accuracy.
The remainder of this paper is organized as follows: Section 2 describes the specification of the LED.Section 3 introduces the impossible differential fault analysis and meet-in-the-middle fault analysis, respectively.Then, Section 4 proposes our impossible meet-in-the-middle fault analysis for breaking LED-64 and LED-128.The next two sections present the attack complexity and analyze the experimental results.The last section concludes the paper.

Specification of the LED
The LED lightweight cipher fixes the block length to 64 bits, and supports key lengths of both 64 and 128 bits [14].It has 32 and 48 rounds for LED-64 and LED-128, respectively, as Figure 1 shows.The state can be pictured as a rectangular array of nibbles, consisting of four rows and four columns.Each basic step is a sequence of four identical rounds with a subkey addition, denoted as AddRoundKey (ARK).Each round is composed of AddConstants, SubCells, ShiftRows, and MixColumnsSerial in sequence.
• AddConstants (AC) adds constants to the state with a bitwise XOR operation.
• SubCells (SC) applies S-boxes to each nibble of the state independently.• ShiftRows (SR) cyclically shifts each row of the state by different offsets.
• MixColumnsSerial (MC) takes all the columns and multiplies their data with a matrix.
The sequence of steps for the decryption is the same as that of the encryption using the same subkeys.The secret key, K, depends on a key schedule to generate two subkeys, k 1 and k 2 , for the LED as shown in Table 2.
3 The IDFA and MFA attack on LED

Notations
The notations of LED and its analysis are described as shown in Table 3.

Fault model and main procedure
The fault model includes the chosen plaintext attacks and random nibble-oriented fault model.The IDFA and MFA are two independent types of fault analysis, which are proposed to attack AES [32].Certain random faults are injected into the third last round of the running procedure, and thus, correct and faulty ciphertexts are obtained.Then, main procedures exploit the impossible relationship and meet-inthe-middle relation of the SubCells, respectively.As for the IDFA attack, the output differences in each nibble of the penultimate SubCells are not null.That is, where i represents the i-th column of the state, and 0 i 3. As for the MFA attack, the input differences in each nibble of the penultimate SubCells have the following relations: where all vectors of {ξ 4i , ξ 4i+1 , ξ 4i+2 , ξ 4i+3 } ⊆ ({0, 1} 4 /{0}) 4 are proportional, and 0 i 3. Thus, the last subkey can be recovered.Then, the attacker can recover the last subkey and decrypt the right ciphertext to obtain the input of the last round.They repeat the above procedure to induce faults to the running procedure until the secret key is derived.In [24], the IDFA attack recovered LED-64 and LED-128 with 48 and 96 faults, respectively.There are no experimental results regarding the MFA attack on the LED.

Impossible meet-in-the-middle fault analysis on LED
In the novel impossible meet-in-the-middle fault analysis, the attackers can store a ciphertext when encrypting any plaintext with a secret key.Their aim is to recover the subkey, k 1 , in the last round.The first fault injection targets the (r-4)-th round, where r ∈ {32, 48}.As Figure 2 shows, a fault may be injected into α r−4 , β r−4 or γ r−4 ; the approach is identical in either case.Any modification provokes the XOR-differences of the last five rounds, and the correct ciphertext, y, are converted into the faulty ciphertext, ŷ.The attackers have And Because the output difference in each nibble of the antepenultimate SubCells and ShiftRows layers are not null, the impossible differential relationship must hold where 0 j 15.Thus, there are four groups of meet-in-the-middle relationships for every column of δ r−2 ⊕ δr−2 as follows: One of the fault attacking paths in the last five rounds.
where i represents the i-th column of the state, mod denotes the modular operation, ϕ η represents all possible solutions of (γ r−2 ⊕ γr−2 ) j = 0, 0 η 15 4 -1, 0 i 3 and 0 j 15.Hence, , where 0 i 3. The above equations allow the restriction of possible candidates for k ′ 1 .The attackers can perform a brute-force search for k ′ 1 , column per column, until there is only one left in the set of k ′ 1 candidates by intersections.Thus, the equation can be solved for K in LED-64: As for LED-128, the attackers can decrypt the last four rounds using the subkey k 1 , to obtain the input of the (r-3)-th round, represented as α r−3 .They can take the above attack procedure to derive all nibbles of k ′ 2 when random faults are injected before δ r−8 in the (r-8)-th round.They have , where ϕ η denotes all possible solutions of (γ r−6 ⊕ γr−6 ) j = 0, 0 η 15 4 -1, 0 i 3, and 0 j 15.Hence, ))))) , where 0 i 3. The secret key, K, is deduced as 5 Attacking complexity

A rectangle view
The previously defined variables can be placed in a kind of rectangle (as in the rectangle attack), where in one dimension, we have the difference between the correct text and faulty text, and in the other dimension, we have the difference between the observed values (computed by the attacked device with the correct key) and predicted values (computed by the attackers with the key guess).We now provide an analysis based on a single column.We know that MixColumnsSerial maps an input difference with only one non-zero nibble, always to an output difference with four non-zero nibbles.There are 4 • 15 = 60 such nibbles.This is shown in the third row of Table 4. Similarly, for other types of inputs, we count the number of possible inputs in that case and count the number of times they are mapped to an output with 1, 2, 3, or 4 nonzero nibbles (Table 4).
Table 4 The relation between the numbers of nonzero input and output nibbles in MixColumnsSerial

Computing the probability
Lemma 1.As for the impossible meet-in-the-middle fault analysis on the LED, the probability that a wrong key guess survives a test is 0.774.Proof.In the proof, we ignore the final linear transformations.There are relations between β r and z as Figure 3 shows.
Assume that β r−1 ⊕ βr−1 takes all 15 4 values without Zeros, equally likely.We compute the probability that a wrong key guess survives a test.The computation is based on the probability of truncated differentials.For the SubCells, the truncated output difference equals the truncated input difference with probability 1.Hence, where * represents the truncated difference.Also, because addition with a subkey does not change the difference, β r * βr = z * ẑ.Furthermore, there are probabilistic relations between δ r−1 * δr−1 and β r−1 * βr−1 , and between µ * μ and ω * ω, determined by the numbers in Table 4. Finally, we derive that the weight of β r−1 * βr−1 is always 4 and a wrong key is discarded if the weight of ω * ω is smaller than 4.  Table 5 shows the values for p 1 (d) and p 2 (d).They are computed from the entries in Table 3.Thus, we could compute the probability that a wrong key guess survives a test is 0.774.

Computing the number of faults
Lemma 2. For q 1 , σ q = 2 16 − 2 16 (1 − 2 −2.13 ) q , where q represents the number of faults on average, and σ q denotes the amount of the removed subkey candidates with q faults.Proof.Because the attackers perform a brute force search on each column with the complexity of 2 16 , the attackers could remove 2 16 • (1 − 0.774) ≈ 2 13.85 , candidates for every column of a subkey by applying one pair of correct and faulty ciphertexts, where the probability of a wrong key guess surviving a test is 0.774 in Lemma 1.When other faults are induced, the subkey space can cover partial candidates of the original subkey space.The overlap of the two groups of equations is computed as (2 Hence, σ q+1 and σ q have a recursive relationship as where q 1 and σ 0 = 0.The attackers can solve the above recursive formula and derive σ q = 2 16 − 2 16 (1 − 2 −2.15 ) q .
Theorem 1.In an impossible meet-in-the-middle fault attack on the LED, the attackers can recover one subkey by injecting 43.44 faults into the (r-4)-th round, where r ∈ {32, 48}.
Proof.The subkey space decreases σ q = 2 16 − 2 16 (1 − 2 −2.15 ) q , from the above Lemma 1 and 2, if the attackers use q equations.The space of the secret key candidates must be 1 and hold That is,

Computing the complexity
The attacker can perform a brute-force search for one fault injection with the time complexity of

Simulation
The attack environment includes three servers with 32-core processors and 64 GB memory using Java.
The fault injections are simulated with 1000 process units by computer software.Accuracy, reliability, and latency are taken into consideration for evaluating the experimental results.Figure 4 illustrates the intersections of the subkey candidates, where the x-coordinate and y-coordinate denote the number of evaluated experiments and logarithm of the subkey candidates with base 2, respectively.The colored lines reflect the trend of the 1st, 11th, 22nd, 33rd, 44th, and 55th intersections, respectively.The accuracy illustrates how close the subkey candidates are to the true subkey.If the number of subkey candidates is close to one, the simulation is regarded as more accurate.The root mean-square error (RMSE) is defined as where n denotes the number of experiments in a subset, e represents the index of each experiment, and h e denotes the number of subkey candidates.The RMSE trend for each intersection of the subkey candidates is shown in Table 6, where n = 200 and e ∈ {1, . . ., 1000}.Further, all experiments are categorized into  five groups on average, denoted as G 1 , G 2 , G 3 , G 4 , and G 5 .This illustrates that the accuracy in each group for the same interaction is appropriate.Reliability describes the success rate in all experiments.The attack is regarded as successful until the attackers can derive only one subkey.The success rates on average are 0%, 0%, 0%, 0%, 23.2%, and 100% in Table 7.The attackers had to inject 44.20 random faults on average to derive one subkey.To break LED-64 and LED-128, the data complexities are 44.20  Latency is the time of recovery for one subkey.The latency of all experiments is between 5 and 15 s in Figure 5.

Conclusion
This paper proposes a novel impossible meet-in-the-middle fault attack on the LED in a nibble-oriented fault model.The IMFA attack could break LED-64 and LED-128 with only 44.20 and 88.40 faults on average, respectively.The attackers can provoke faults into the deeper rounds of the LED by x-ray, radiation, or micro-probe in the hardware implementation, or alter the internal state of the code in the Li W, et al.Sci China Inf Sci March 2018 Vol.61 032110:5

igure 3
The relationships among variables.

Figure 4 (
Figure 4 (Color online) The intersections of the subkey candidates in 1000 experiments.

Table 1
Summary of fault analysis on LED Figure 1 Structure of LED.

Table 2
Versions of LED

Table 3
Notations of LED

,
mod 16 η Li W, et al.Sci China Inf Sci

Table 5
The probability that a wrong key guess survives a test 15) ≈ 43.44.Hence, breaking LED-64 and LED-128 require 43.44 and 86.88 faults on average, respectively.

Table 6
The subkey recovery on accuracy by RMSE