Cryptology ePrint Archive: Report 2007/480
Differential Fault Analysis on the AES Key Schedule
Junko Takahashi and Toshinori Fukunaga
Abstract: This letter proposes a differential fault analysis
on the AES key schedule and shows how an entire 128-bit AES key can be retrieved.
In the workshop at FDTC 2007, we presented the DFA mechanism on the AES key schedule and proposed general attack rules.
Using our proposed rules, we showed an efficient attack that can retrieve 80 bits of the 128-bit key.
Recently, we have found a new attack that can obtain an additional 8 bits compared with our previous attack.
As a result, we present most efficient attack for
retrieving 88 bits of the 128-bit key using approximately
two pairs of correct and faulty ciphertexts.
Category / Keywords: secret-key cryptography / DFA, AES, Side Channel Analysis
Date: received 27 Dec 2007
Contact author: takahashi junko at lab ntt co jp
Available format(s): PDF | BibTeX Citation
Version: 20071228:045139 (All versions of this report)
Short URL: ia.cr/2007/480
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]