Cryptology ePrint Archive: Report 2010/063
Differential Fault Analysis on SMS4 Using a Single Fault
Ruilin Li and Bing Sun and Chao Li and Jianxiong You
Abstract: Differential Fault Analysis (DFA) attack is a powerful cryptanalytic
technique that could be used to retrieve the secret key by
exploiting computational errors in the encryption (decryption) procedure. In the present paper, we propose a new DFA attack on SMS4 using a single fault. We show that if a random byte fault is induced into either the second, third, or fourth word register at the input of the $28$-th round, the 128-bit master key could be recovered with an exhaustive search of $22.11$ bits on average. The proposed attack makes use of the characteristic of the cipher's structure, the speciality of the diffusion layer, and the differential property of the S-box. Furthermore, it can be tailored to any block cipher
employing a similar structure and an SPN-style round function as that of SMS4.
Category / Keywords: secret-key cryptography / fault attacks, differential fault analysis, block cipher, SMS4
Publication Info: An extended abstract of this paper appears in "Information Processing Letters"
Date: received 6 Feb 2010, last revised 10 Dec 2010
Contact author: securitylrl at gmail com
Available format(s): PDF | BibTeX Citation
Note: Some typos are corrected.
Version: 20101210:160139 (All versions of this report)
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]