Paper 2018/357

Statistical Ineffective Fault Attacks on Masked AES with Fault Countermeasures

Christoph Dobraunig, Maria Eichlseder, Hannes Gross, Stefan Mangard, Florian Mendel, and Robert Primas


Implementation attacks like side-channel and fault attacks are a threat to deployed devices especially if an attacker has physical access. As a consequence, devices like smart cards and IoT devices usually provide countermeasures against implementation attacks, such as masking against side-channel attacks and detection-based countermeasures like temporal or spacial redundancy against fault attacks. In this paper, we show how to attack implementations protected with both masking and detection-based fault countermeasures by using statistical ineffective fault attacks using a single fault induction per execution. Our attacks are largely unaffected by the deployed protection order of masking and the level of redundancy of the detection-based countermeasure. These observations show that the combination of masking plus error detection alone may not provide sufficient protection against implementation attacks.

Note: Camera ready version for asiacrypt

Available format(s)
Secret-key cryptography
Publication info
A minor revision of an IACR publication in ASIACRYPT 2018
Implementation attackFault attackSFASIFA
Contact author(s)
robert primas @ iaik tugraz at
2018-09-08: revised
2018-04-18: received
See all versions
Short URL
Creative Commons Attribution


      author = {Christoph Dobraunig and Maria Eichlseder and Hannes Gross and Stefan Mangard and Florian Mendel and Robert Primas},
      title = {Statistical Ineffective Fault Attacks on Masked AES with Fault Countermeasures},
      howpublished = {Cryptology ePrint Archive, Paper 2018/357},
      year = {2018},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.