Abstract With the widespread deployment of the lightweight cryptography (LWC) standard Ascon in resource-constrained devices, research on physical attacks against Ascon, especially fault attacks, has made noticeable progress in recent years. Existing fault attacks on Ascon often require substantial fault injections. To address this, we propose scoring functions with multiple distinguishers for statistical ineffective fault analysis (SIFA), statistical effective fault analysis (SEFA), and statistical hybrid fault analysis (SHFA) to recover key bits. In addition, we propose an impossible statistical effective fault analysis (ISEFA) that exploits an impossible event in the fault-induced distribution to directly eliminate incorrect key hypotheses, reducing reliance on complex computations of distinguishers. We conduct extensive simulations and evaluate the number of fault injections, recovery accuracy, success rate, and time overhead across different distinguisher-analysis combinations. The results show that, under SHFA with the GF distinguisher, only 34 fault injections are sufficient to achieve a 99% success rate for recovering a 128-bit key, which is fewer than prior results on Ascon fault analysis. Moreover, we discuss the practical feasibility of the proposed methods and outline two conceptually motivated directions for potential countermeasures.
Gao et al. (Fri,) studied this question.