In this paper we describe several fault attacks on the Advanced Encryption Standard (AES). First, using optical fault induction attacks as recently publicly presented by Skorobogatov and Anderson [SA], we present an implementation independent fault attack on AES. This attack is able to determine the complete 128-bit secret key of a sealed tamper-proof smartcard by generating 128 faulty cipher t...

This paper compares the software speeds of 128-bit 10-round AES, 256-bit 14-round AES, 256-bit CryptMT v3, 256-bit Dragon, 128bit HC-128, 256-bit HC-256, 128-bit LEX v1, 128-bit NLS v2, 128bit Rabbit, 256-bit RC4, 256-bit Salsa20/8, 256-bit Salsa20/12, 256-bit Salsa20/20, 256-bit SNOW 2.0, 256-bit Sosemanuk, and 80-bit TRIV-

In this paper we show a new differential fault analysis (DFA) on the AES-128 key scheduling process. We can obtain 96 bits of the key with 2 pairs of correct and faulty ciphertexts enabling an easy exhaustive key search of 2 keys. Furthermore we can retrieve the entire 128 bits with 4 pairs. To the authors’ best knowledge, it is the smallest number of pairs to find the entire AES-128 key with a...

This letter proposes a differential fault analysis on the AES key schedule and shows how an entire 128-bit AES key can be retrieved. In the workshop at FDTC 2007, we presented the DFA mechanism on the AES key schedule and proposed general attack rules. Using our proposed rules, we showed an efficient attack that can retrieve 80 bits of the 128-bit key. Recently, we have found a new attack that ...

Advanced Encryption Standard (AES) is one of the most widely used block ciphers nowadays, and has been established as an encryption standard in 2001. Here we design AES-128 sample-AES (S-AES) quantum circuits for deciphering. In circuit AES-128, perform affine transformation SubBytes part to solve problem that initial state output qubits not ∣0⟩⊗8 state. After that, are able encode new round su...

The current encryption standard for wireless networks recommends using the AES cipher in the counter (CTR) mode for confidentiality and the cipher block chaining (CBC) mode for authentication. In the counter mode, a 128 bit counter is encrypted using the AES into 128 bit keystream which is then XORed with 128 bits of plaintext before transmission. This operation is repeated for the entire frame...

A software defined radio (SDR) is a radio transmitter/receiver that uses reconfigurable hardware and software for encoding/decoding, modulation/demodulation, and encrypting/decrypting. This allows much more power and flexibility when designing any radio system. The AES algorithm is a block cipher that can encrypt and decrypt digital information. The AES algorithm is capable of using cryptograph...

Since Rijndael was chosen as the Advanced Encryption Standard (AES), improving upon 7-round attacks on the 128-bit key variant (out of 10 rounds) or upon 8-round attacks on the 192/256-bit key variants (out of 12/14 rounds) has been one of the most difficult challenges in the cryptanalysis of block ciphers for more than a decade. In this paper, we present the novel technique of block cipher cry...

Abstract. Biclique cryptanalysis was proposed by Bogdanov et al. in Asiacrypt 2011 as a new tool for cryptanalysis of block ciphers. A major hurdle in carrying out biclique cryptanalysis is that it has a very high query complexity (of the order of 2 for AES-128, 2 for AES-192 and 2 for AES-256). This naturally puts a big question mark over the practical feasibility of implementing biclique atta...