
Paper 2010/063

Differential Fault Analysis on SMS4 Using a Single Fault

Ruilin Li, Bing Sun, Chao Li, and Jianxiong You

Abstract

Differential Fault Analysis (DFA) is a powerful cryptanalytic technique that can be used to retrieve the secret key by exploiting computational errors induced in the encryption (or decryption) procedure. In the present paper, we propose a new DFA attack on SMS4 using a single fault. We show that if a random byte fault is induced into the second, third, or fourth word register at the input of the $28$-th round, the 128-bit master key can be recovered with an exhaustive search of $22.11$ bits on average. The proposed attack makes use of the characteristics of the cipher's structure, the particular form of the diffusion layer, and the differential property of the S-box. Furthermore, it can be tailored to any block cipher employing a similar structure and an SPN-style round function like that of SMS4.

Note: Some typos are corrected.

Metadata
Available format(s): PDF
Category: Secret-key cryptography
Publication info: Published elsewhere. An extended abstract of this paper appears in "Information Processing Letters"
Keywords: fault attacks; differential fault analysis; block cipher; SMS4
Contact author(s): securitylrl @ gmail com
History:
2010-12-10: last of 4 revisions
2010-02-08: received
Short URL: https://ia.cr/2010/063
License: Creative Commons Attribution (CC BY)

BibTeX

@misc{cryptoeprint:2010/063,
      author = {Ruilin Li and Bing Sun and Chao Li and Jianxiong You},
      title = {Differential Fault Analysis on SMS4 Using a Single Fault},
      howpublished = {Cryptology ePrint Archive, Paper 2010/063},
      year = {2010},
      note = {\url{https://eprint.iacr.org/2010/063}},
      url = {https://eprint.iacr.org/2010/063}
}