We provide a generalization of their approach that allows to derive parity equations for every AES sizes not given by the authors. We analyze why Chen et al. countermeasure does not properly works. Doing so we are able to extend the coverage of the fault detection to the full expanded key. Finally we suggest optimizations that reduce memory and computation costs, and propose an adaptation to a more general fault model.
Category / Keywords: side-channel analysis, fault attacks, parity check countermeasure, AES key schedule Date: received 9 Sep 2015 Contact author: antoine wurcker at xlim fr Available format(s): PDF | BibTeX Citation Version: 20150913:191826 (All versions of this report) Short URL: ia.cr/2015/877