Cryptology ePrint Archive: Report 2010/396

From AES-128 to AES-192 and AES-256, How to Adapt Differential Fault Analysis Attacks

Noémie Floissac and Yann L'Hyver

Abstract: Since its announcement, AES has been subject to different DFA attacks. Most of these attacks target the AES with 128-bit key. However, the two other variants are nowadays deployed in various applications and are also submitted to the same attack path. In this paper, we adapt the DFA techniques originally used on AES-128 in order to obtain the keys of AES-192 and AES-256. To illustrate this method, we propose efficient attacks on AES-192 and AES-256 based on a known DFA on KeyExpansion.

Category / Keywords: secret-key cryptography / DFA, fault injection, AES-192, AES-256, adaptation, extension, reproduction

Date: received 13 Jul 2010

Contact author: y lhyver at serma com

Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Version: 20100713:232741 (All versions of this report)

Short URL: ia.cr/2010/396

Discussion forum: Show discussion | Start new discussion