Security analysis of block cipher Piccolo suitable for wireless sensor networks

Piccolo is a 64-bit block cipher suitable for the constrained environments such as wireless sensor network environments. In this paper, we propose differential fault analysis on Piccolo. Based on a random byte fault model, our attack can recover the secret key of Piccolo-80 by using an exhaustive search of \(2^{24}\) and six random byte fault injections on average. It can be simulated on a general PC within a few seconds. In the case of Piccolo-128, we require an exhaustive search of \(2^{40}\) and eight random byte fault injections on average. This attack can be simulated on a general PC within 1 day. These results are the first known side-channel attack results on them.