Improved differential fault attack against SIMECK based on two-bit fault model

Low-end embedded systems gain specific advantages from using lightweight block ciphers, such as the SIMECK cipher, first introduced in 2015. However, the public nature of SIMECK has led to risks of potential fault attacks. Our study scrutinizes the differential fault attack (DFA) on SIMECK. It considers the different models of byte fault, in which the ability to obtain the fault location and the cracking efficiency of the round key are studied. Both theoretical and experimental testing demonstrate the ability to discover SIMECK's master key by inducing byte faults at LT−5, with a hamming weight of two and a bit distance of five, denoted as a two-bit fault. In the cases of SIMECK 48/96 and 64/128, an attacker can pinpoint the master key with 35.15 and 33.18 faults, respectively. Our method diverges from previous methodologies by introducing the fault in an earlier round and only one round, decreasing the number of faulty ciphertexts needed. Thus, this model is more practice.