Improved Fault Attack on LBlock: Earlier Injection with No Extra Faults

As one of the most popular lightweight ciphers in recent years, LBlock has attracted great attention. Researchers have explored the security of LBlock against various attacks. We focus on fault attack—one of the most important implementation attacks. In the past two years, fault attacks under the random fault model have been successfully applied to LBlock, supposing faults were injected at the end of the 24th to the 31st round. If faults are injected at the end of the 23rd round, previous attacks only work under the semi-random fault model. For the first time, we address this issue and propose a 23rd round fault attack under the random fault model. Compared with the previous works, our attack extends the fault injection to earlier round, with reasonable time cost and no extra faults. Experiments show that it only takes 10 faults to recover the secret key.