Paper 2024/284

Practical Improvements to Statistical Ineffective Fault Attacks

Barış Ege, Riscure B.V., Delft, The Netherlands
Bob Swinkels, Riscure B.V., Delft, The Netherlands
Dilara Toprakhisar, KU Leuven, Leuven, Belgium
Praveen Kumar Vadnala, Riscure B.V., Delft, The Netherlands

Statistical Fault Attacks (SFA), introduced by Fuhr et al., exploit the statistical bias resulting from injected faults. Unlike prior fault analysis attacks, which require both faulty and correct ciphertexts under the same key, SFA leverages only faulty ciphertexts. In CHES 2018, more powerful attacks called Statistical Ineffective Fault Attacks (SIFA) have been proposed. In contrast to the previous fault attacks that utilize faulty ciphertexts, SIFA exploits the distribution of the intermediate values leading to fault-free ciphertexts. As a result, the SIFA attacks were shown to be effective even in the presence of widely used fault injection countermeasures based on detection and infection. In this work, we build upon the core idea of SIFA, and provide two main practical improvements over the previously proposed analysis methods. Firstly, we show how to perform SIFA from the input side, which in contrast to the original SIFA, requires injecting faults in the earlier rounds of an encryption or decryption operation. If we consider the start of the operation as the trigger for fault injection, the cumulative jitter in the first few rounds of a cipher is much lower than the last rounds. Hence, performing the attack in the first or second round requires a narrower parameter range for fault injection and hence less fault injection attempts to recover the secret key. Secondly, in comparison to the straightforward SIFA approach of guessing 32-bits at a time, we propose a chosen input approach that reduces the guessing effort to 16-bits at a time. This decreases the key search space for full key recovery of an AES-128 implementation from $2^{34}$ to $2^{19}$.

Available format(s)
Attacks and cryptanalysis
Publication info
Published elsewhere. Minor revision. COSADE
Fault attacksSIFAAESChosen plaintext attack
Contact author(s)
ege @ riscure com
swinkels @ riscure com
dilara toprakhisar @ esat kuleuven be
vadnala @ riscure com
2024-02-23: approved
2024-02-20: received
See all versions
Short URL
Creative Commons Attribution


      author = {Barış Ege and Bob Swinkels and Dilara Toprakhisar and Praveen Kumar Vadnala},
      title = {Practical Improvements to Statistical Ineffective Fault Attacks},
      howpublished = {Cryptology ePrint Archive, Paper 2024/284},
      year = {2024},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.