Lightweight cryptographic primitives are widely deployed in resource-constrained environments, particularly in Internet of Things (IoT) devices. Because these devices are physically accessible, they are vulnerable to physical attacks, especially fault attacks. Recently, deep learning-based cryptanalytic techniques have demonstrated promising results; however, their application to fault attacks remains limited, particularly for stream ciphers. In this work, we investigate the feasibility of deep learning-assisted differential fault attacks on three lightweight stream ciphers, namely ACORNv3, MORUSv2, and ATOM, under a relaxed fault model in which a single-bit bit-flipping fault is injected at an unknown location. We develop and train multilayer perceptron (MLP) models to identify the fault locations. Experimental results show that the trained models achieve high identification accuracies of 0.999880, 0.999231, and 0.823568 for ACORNv3, MORUSv2, and ATOM, respectively, and outperform traditional signature-based methods. For the secret recovery process, we introduce a threshold-based method to optimize the number of fault injections required to recover the secret information. The results show that the initial state of ACORN can be recovered with 21 to 34 faults, while MORUS requires 213 to 248 faults, with at most 6 bits of guessing. Both attacks reduce the attack complexity compared to existing works. For ATOM, the results show that it possesses a higher security margin, as the majority of state bits in the Nonlinear Feedback Shift Register (NFSR) can only be recovered under a precise control model. To the best of our knowledge, this work provides the first experimental results of differential fault attacks on ATOM.