Paper 2011/178

Differential Fault Analysis of AES: Toward Reducing Number of Faults

Chong Hee KIM

Abstract

Differential Fault Analysis (DFA) finds the key of a block cipher using differential information between correct and faulty ciphertexts obtained by inducing faults during the computation of ciphertexts. Among many ciphers AES has been the main target of DFA due to its popularity. DFA of AES has also been diversied into several directions: reducing the required number of faults, applying it to multi-byte fault models, extending to AES-192 and AES-256, or exploiting faults induced at an earlier round. This paper deals with the first three directions together, especially giving weight to reducing the required number of faults. Many previous works show that the required numbers of faults are different although the same fault model is used. This comes from lack of a general method of constructing and solving differential fault equations. Therefore we first present how to generate differential fault equations systematically and reduce the number of candidates of the key with them, which leads us to find the minimum number of faults. Then we extend to multi-byte fault models and AES-192/256.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. Full version of the paper published at Information Sciences V.199, pp.43-57 (2012)
Keywords
CryptanalysisSide channel attacksDifferential fault analysisBlock ciphersAES
Contact author(s)
chhkim7 @ gmail com
History
2012-07-11: last of 2 revisions
2011-04-08: received
See all versions
Short URL
https://ia.cr/2011/178
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2011/178,
      author = {Chong Hee KIM},
      title = {Differential Fault Analysis of {AES}: Toward Reducing Number of Faults},
      howpublished = {Cryptology {ePrint} Archive, Paper 2011/178},
      year = {2011},
      url = {https://eprint.iacr.org/2011/178}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.