Paper 2012/552

Provably Secure Concurrent Error Detection Against Differential Fault Analysis

Xiaofei Guo, Debdeep Mukhopadhyay, and Ramesh Karri

Abstract

Differential fault analysis (DFA) poses a significant threat to the Advanced Encryption Standard (AES). It has been demonstrated that DFA can use only a single faulty ciphertext to reveal the secret key of AES in an average of 2^30 computations. Traditionally, concurrent error detection (CED) is used to protect AES against DFA. However, we emphasize that conventional CED assumes a uniform distribution of faults, which is not a valid assumption in the context of DFA. In contrast, we show practical examples which highlight that an attacker can inject specific and exploitable faults, thus threatening existing CED. This paper brings to the surface a new CED approach for cryptography, aimed at providing provable security by detecting all possible DFA-exploitable faults, which are a small subset of the entire fault space. We analyze the fault coverage of conventional CED against DFA-exploitable faults, and we find that the fault coverage of most of these techniques is significantly lower than the coverage they claim. We stress that for security, it is imperative that CED provide 100% fault coverage for DFA-exploitable faults. We further propose an invariance-based CED which provides 100% provable security against all known DFA of AES.
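
The abstract's central point, that fault coverage measured under a uniform fault distribution says little about coverage against attacker-chosen faults, can be made concrete with a small calculation. The following is an added illustration, not the paper's code: it assumes a per-byte parity check as a stand-in for a conventional CED scheme, a 16-byte AES state, and models a fault as an XOR differential on that state.

```python
# Added illustration (not from the paper): fault coverage of an assumed
# per-byte parity CED under a uniform fault model versus a DFA-style
# single-byte fault model on a 16-byte AES state.

def parity(x: int) -> int:
    """Parity (Hamming weight mod 2) of an 8-bit value."""
    return bin(x & 0xFF).count("1") & 1


def undetected_by_byte_parity(diff: int, nbytes: int = 16) -> bool:
    """Parity is linear over XOR, so a per-byte parity checker misses a
    fault exactly when every byte of the XOR differential has even weight."""
    return all(parity((diff >> (8 * i)) & 0xFF) == 0 for i in range(nbytes))


def uniform_coverage(nbytes: int = 16) -> float:
    """Exact coverage over all nonzero nbytes-byte differentials, assuming
    every differential is equally likely (the conventional CED assumption).
    Counted in closed form rather than sampled: an undetected differential
    has even parity in all bytes (128 choices per byte), excluding zero."""
    even_per_byte = sum(1 for b in range(256) if parity(b) == 0)  # 128
    total = 256 ** nbytes - 1
    undetected = even_per_byte ** nbytes - 1
    return 1 - undetected / total


def single_byte_faults(nbytes: int = 16):
    """DFA-style fault space: one nonzero byte differential at one position.
    Only 16 * 255 faults, a tiny subset of the 2^128 - 1 possible faults."""
    for pos in range(nbytes):
        for f in range(1, 256):
            yield f << (8 * pos)


def adversarial_single_byte_faults(nbytes: int = 16):
    """Attacker-selected subset: those single-byte faults that are usable
    for a byte-oriented DFA and that the parity checker cannot see."""
    return [f for f in single_byte_faults(nbytes) if undetected_by_byte_parity(f)]


def coverage_over(faults) -> float:
    """Fraction of the given fault set that the parity CED flags."""
    faults = list(faults)
    detected = sum(not undetected_by_byte_parity(f) for f in faults)
    return detected / len(faults)


if __name__ == "__main__":
    print(f"uniform 128-bit faults:     {uniform_coverage():.6f}")
    print(f"single-byte faults:         {coverage_over(single_byte_faults()):.4f}")
    print(f"attacker-chosen faults:     {coverage_over(adversarial_single_byte_faults()):.4f}")
```

The uniform figure is within 2^-16 of 100%, the single-byte figure is about 50%, and the attacker-chosen set is detected 0% of the time, which is the gap between claimed and DFA-relevant coverage the abstract describes.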

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. Under IEEE journal review
Keywords
Differential fault analysis
Contact author(s)
xguo02 @ students poly edu
History
2014-02-27: last of 3 revisions
2012-09-27: received
Short URL
https://ia.cr/2012/552
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2012/552,
      author = {Xiaofei Guo and Debdeep Mukhopadhyay and Ramesh Karri},
      title = {Provably Secure Concurrent Error Detection Against Differential Fault Analysis},
      howpublished = {Cryptology {ePrint} Archive, Paper 2012/552},
      year = {2012},
      url = {https://eprint.iacr.org/2012/552}
}