The present paper develops an attack on the AES algorithm, exploiting multiple byte faults in the state matrix. The work shows that inducing a random fault anywhere in one of the four diagonals of the state matrix at the input of the eighth round of the cipher leads to the deduction of the entire AES key. We also propose a more generalized fault attack which works if the fault induction does no...

This paper describes a DFA attack on the AES key schedule. This fault model assumes that the attacker can induce a single byte fault on the round key. It efficiently finds the key of AES-128 with feasible computation and less than thirty pairs of correct and faulty ciphertexts. Several countermeasures are also proposed. This weakness can be resolved without modifying the structure of the AES al...

In this paper we present an enhanced Differential Fault Attack that can be applied to the AES using a single fault. We demonstrate that when a single random byte fault is induced that affects the input of the eighth round, the AES key can be deduced using a two stage algorithm. The first step, would be expected to reduce the possible key hypotheses to 2, and the second step to a mere 2. Further...

In this paper a fault based attack on MDS-AES has been proposed. It has been shown that inducing random byte fault at the input of the ninth round of the MDS-AES algorithm the key can be retrieved. Simulation shows that two faulty cipher text pairs are required to deduce the key without any brute-force search. If one faulty encryption is considered then the actual key can be ascertained with a ...

In this paper we study a parity check based countermeasure proposed by Chen et al. that thwarts their attack by detecting byte fault injection during the AES key schedule process. We provide a generalization of their approach that allows to derive parity equations for every AES sizes not given by the authors. We analyze why Chen et al. countermeasure does not properly works. Doing so we are abl...

The Proteus architecture is a highly parallel MIMD, multiple instruction multiple data, machine, optimized for large granularity tasks such as machine vision and image processing. The system can achieve 20 G-flops (80 G-flops peak). It accepts data via multiple serial links at a rate of up to 640 megabytes/second. The system employs hierarchical reconfigurable interconnection network with the h...

This article considers the use of magnetic pulses to inject transient faults into the calculations of a RISC micro-controller running the AES algorithm. A magnetic coil is used to generate the pulses. It induces computational faults without any physical contact with the device. The injected faults are proved to be constant (i.e. data independent) under certain experimental conditions. This beha...

The Camellia is a 128-bit block cipher published by NTT and Mitsubishi in 2000. Since the research of differential fault analysis against Camellia was proposed, much work has been devoted to realizing a more efficient different fault analysis. It is a very strong analysis for ciphers when a single fault is injected into the last several rounds of encryption and the whole secret key could be rec...

this paper presents the hardware simulation (based on vhdl code) of a multiple-fault tolerant cellular genetic algorithm. this study aims to increase the immunity of cellular genetic algorithm in multiple-fault situation. here, multiple-fault refers to the situation that seu (single event upset) occurs simultaneously at two or more bits of the chromosome and fitness registers. the fault model i...

In this paper, we propose a new method of differential fault analysis of SHA-3 which is based on the differential relations of the algorithm. Employing those differential relations in the fault analysis of SHA-3 gives new features to the proposed attacks, e.g., the high probability of fault detection and the possibility of re-checking initial faults and the possibility to recover internal state...