Paper 2014/782

Precise Fault-Injections using Voltage and Temperature Manipulation for Differential Cryptanalysis

Raghavan Kumar, Philipp Jovanovic, and Ilia Polian


State-of-the-art fault-based cryptanalysis methods are capable of breaking most recent ciphers after only a few fault injections. However, they require temporal and spatial accuracies of fault injection that were believed to rule out low-cost injection techniques such as voltage, frequency or temperature manipulation. We investigate selection of supply-voltage and temperature values that are suitable for high-precision fault injection even up to a single bit. The object of our studies is an ASIC implementation of the recently presented block cipher PRINCE, for which a two-stage fault attack scheme has been suggested lately. This attack requires, on average, about four to five fault injections in well-defined locations. We show by electrical simulations that voltage-temperature points exist for which faults show up at locations required for a successful attack with a likelihood of around 0.1\%. This implies that the complete attack can be mounted by approximately 4,000 to 5,000 fault injection attempts, which is clearly feasible.

Available format(s)
Secret-key cryptography
Publication info
Published elsewhere. Minor revision. On-Line Testing Symposium (IOLTS), 2014 IEEE 20th International
fault-based attacksdifferential fault analysisPRINCEblock ciphervoltage manipulationtemperature manipulation
Contact author(s)
jovanovic @ fim uni-passau de
2014-10-06: revised
2014-10-06: received
See all versions
Short URL
Creative Commons Attribution


      author = {Raghavan Kumar and Philipp Jovanovic and Ilia Polian},
      title = {Precise Fault-Injections using Voltage and Temperature Manipulation for Differential Cryptanalysis},
      howpublished = {Cryptology ePrint Archive, Paper 2014/782},
      year = {2014},
      doi = {10.1109/IOLTS.2014.6873670},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.