Differential Fault Analysis for Round - Reduced AES by Fault Injection
نویسنده
چکیده
© 2011 ETRI Journal, Volume 33, Number 3, June 2011 This paper presents a practical differential fault analysis method for the faulty Advanced Encryption Standard (AES) with a reduced round by means of a semi-invasive fault injection. To verify our proposal, we implement the AES software on the ATmega128 microcontroller as recommended in the standard document FIPS 197. We reduce the number of rounds using a laser beam injection in the experiment. To deduce the initial round key, we perform an exhaustive search for possible key bytes associated with faulty ciphertexts. Based on the simulation result, our proposal extracts the AES 128-bit secret key in less than 10 hours with 10 pairs of plaintext and faulty ciphertext.
منابع مشابه
An Information Theoretic Perspective on the Differential Fault Analysis against AES
Differential Fault Analysis against AES has been actively studied these years. Based on similar assumptions of the fault injection, different DFA attacks against AES have been proposed. However, it is difficult to understand how different attack results are obtained for the same fault injection. It is also difficult to understand the relationship between similar assumptions of fault injection a...
متن کاملSecurity Analysis of AES Using Functionality Fault Model
Security of cryptographic circuits is a major concern. Smartcards are targeted by sophisticated attacks like fault attacks that combine physical disturbance and cryptanalysis. We propose a methodology and a tool (PAFI) to analyse the robustness of circuits under fault attacks using fault injection in simulation. The number of injection is reduced by taking into account the function of the latch...
متن کاملA Generalized Method of Differential Fault Attack Against AES Cryptosystem
Abstract. In this paper we describe two differential fault attack techniques against Advanced Encryption Standard (AES). We propose two models for fault occurrence; we could find all 128 bits of key using one of them and only 6 faulty ciphertexts. We need approximately 1500 faulty ciphertexts to discover the key with the other fault model. Union of these models covers all faults that can occur ...
متن کاملPractical Fault Attacks on Authenticated Encryption Modes for AES
Since the first demonstration of fault attacks by Boneh et al. on RSA, a multitude of fault attack techniques on various cryptosystems have been proposed. Most of these techniques, like Differential Fault Analysis, Safe Error Attack, and Collision Fault Analysis have the requirement to process two inputs that are either identical or related, in order to generate pairs of correct/faulty cipherte...
متن کاملDifferential Fault Analysis of the Advanced Encryption Standard using a Single Fault
In this paper we present an enhanced Differential Fault Attack that can be applied to the AES using a single fault. We demonstrate that when a single random byte fault is induced that affects the input of the eighth round, the AES key can be deduced using a two stage algorithm. The first step, would be expected to reduce the possible key hypotheses to 2, and the second step to a mere 2. Further...
متن کامل