A Differential Fault Attack Against Early Rounds of (Triple-)DES
نویسنده
چکیده
Previously proposed differential fault analysis (DFA) techniques against iterated block ciphers mostly exploit computational errors in the last few rounds of the cipher to extract the secret key. In this paper we describe a DFA attack that exploits computational errors in early rounds of a Feistel cipher. The principle of the attack is to force collisions by inducing faults in intermediate results of the cipher. We put this attack into practice against DES implemented on a smart card and extracted the full round key of the first round within a few hours by inducing one bit errors in the second and third round, respectively.
منابع مشابه
Differential Fault Analysis on DES Middle Rounds
Differential Fault Analysis (DFA) is a powerful cryptanalytic technique that disturbs cryptographic computations and exploits erroneous results to infer secret keys. Over the last decade, many works have described and improved DFA techniques against block ciphers thus showing an inherent need to protect their implementations. A simple and widely used solution is to perform the computation twice...
متن کاملFirst Differential Attack on Full 32-Round GOST
GOST 28147-89 is a well-known block cipher and the official encryption standard of the Russian Federation. A 256-bit block cipher considered as an alternative for AES-256 and triple DES, having an amazingly low implementation cost and thus increasingly popular and used [12,15,13,20]. Until 2010 researchers have written that: “despite considerable cryptanalytic efforts spent in the past 20 years...
متن کاملDifferential Cryptanalysis of GOST
GOST 28147-89 is a well-known block cipher and the official encryption standard of the Russian Federation. A 256-bit block cipher considered as an alternative for AES-256 and triple DES, having an amazingly low implementation cost and thus increasingly popular and used [22, 23, 30, 24, 41]. Until 2010 researchers unanimously agreed that: “despite considerable cryptanalytic efforts spent in the ...
متن کاملSecret External Encodings Do Not Prevent Transient Fault Analysis
Contrarily to Kerckhoffs’ principle, many applications of today’s cryptography still adopt the security by obscurity paradigm. Furthermore, in order to rely on its proven or empirical security, some realizations are based on a given well known and widely used cryptographic algorithm. In particular, a possible design would obfuscate a standard block cipher E by surrounding it with two secret ext...
متن کاملRelated-Key Attacks on Triple-DES and DESX Variants
In this paper, we present related-key slide attacks on 2-key and 3-key triple DES, and related-key differential and slide attacks on two variants of DESX. First, we show that 2-key and 3-key triple-DES are susceptible to related-key slide attacks. The only previously known such attacks are related-key differential attacks on 3-key triple-DES. Second, we present a related-key differential attack...
متن کامل