Cryptology ePrint Archive: Report 2018/357

Statistical Ineffective Fault Attacks on Masked AES with Fault Countermeasures

Christoph Dobraunig and Maria Eichlseder and Hannes Gross and Stefan Mangard and Florian Mendel and Robert Primas

Abstract: Implementation attacks like side-channel and fault attacks are a threat to deployed devices especially if an attacker has physical access. As a consequence, devices like smart cards and IoT devices usually provide countermeasures against implementation attacks, such as masking against side-channel attacks and detection-based countermeasures like temporal or spacial redundancy against fault attacks. In this paper, we show how to attack implementations protected with both masking and detection-based fault countermeasures by using statistical ineffective fault attacks using a single fault induction per execution. Our attacks are largely unaffected by the deployed protection order of masking and the level of redundancy of the detection-based countermeasure. These observations show that the combination of masking plus error detection alone may not provide sufficient protection against implementation attacks.

Category / Keywords: secret-key cryptography / Implementation attack, Fault attack, SFA, SIFA

Original Publication (with minor differences): IACR-ASIACRYPT-2018

Date: received 16 Apr 2018, last revised 8 Sep 2018

Contact author: robert primas at iaik tugraz at

Available format(s): PDF | BibTeX Citation

Note: Camera ready version for asiacrypt

Version: 20180908:200950 (All versions of this report)

Short URL: ia.cr/2018/357


[ Cryptology ePrint archive ]