Browse > Article
http://dx.doi.org/10.4218/etrij.11.0110.0478

Differential Fault Analysis for Round-Reduced AES by Fault Injection  

Park, Jea-Hoon (Graduate School of Electrical Engineering and Computer Science, Kyungpook National University)
Moon, Sang-Jae (School of Electronics Engineering, Kyungpook National University)
Choi, Doo-Ho (Software Research Laboratory, ETRI)
Kang, You-Sung (Software Research Laboratory, ETRI)
Ha, Jae-Cheol (Department of Information Security, Hoseo University)
Publication Information
ETRI Journal / v.33, no.3, 2011 , pp. 434-442 More about this Journal
Abstract
This paper presents a practical differential fault analysis method for the faulty Advanced Encryption Standard (AES) with a reduced round by means of a semi-invasive fault injection. To verify our proposal, we implement the AES software on the ATmega128 microcontroller as recommended in the standard document FIPS 197. We reduce the number of rounds using a laser beam injection in the experiment. To deduce the initial round key, we perform an exhaustive search for possible key bytes associated with faulty ciphertexts. Based on the simulation result, our proposal extracts the AES 128-bit secret key in less than 10 hours with 10 pairs of plaintext and faulty ciphertext.
Keywords
AES; fault attack; differential fault attack;
Citations & Related Records

Times Cited By Web Of Science : 3  (Related Records In Web of Science)
Times Cited By SCOPUS : 6
연도 인용수 순위
1 C. Giraud, "DFA on AES," Proc. AES, LNCS, vol. 3373, 2005, pp. 27-41.
2 J. Takahashi, T. Fikunaga, and K. Yamakoshi, "DFA Mechanism on the AES Key Schedule," Proc. FDTC, 2007, pp. 62-72.
3 C. Kim and J. Quisquater, "New Differential Fault Analysis on AES Key Schedule: Two Faults Are Enough," Proc. CARDIS, LNCS, vol. 5189, 2008, pp. 48-60.
4 H. Choukri and M. Tunstall, "Round Reduction Using Faults," Proc. FDTC, 2005, pp.13-24.
5 T. Shirai et al., "The 128-Bit Block Cipher CLEFIA (Extended Abstract)," Proc. FSE, LNCS, vol. 4953, 2007, pp. 181-195.
6 W. Li, D. Gu, and J. Li, "Differential Fault Analysis on the ARIA Algorithm," Information Sciences, Elsevier, vol. 178, no. 19, Oct. 2008, pp. 3727-3737.   DOI   ScienceOn
7 H. Chen, W. Wu, and D. Feng, "Differential Fault Analysis on CLEFIA," Proc. ICICS, LNCS, vol. 4861, 2007, pp. 284-295.
8 Atmel Corp. Available: http://www.atmel.com/dyn/resources/ prod documents/doc2467.pdf
9 New Wave Research Available: http://www.new-wave.com/ 1nwrProducts/EZLaze3.htm
10 NIST, "Announcing the Advanced Encryption Standard," FIPS 197, 2001. http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
11 C. Chen and S. Yen, "Differential Fault Analysis on AES Key Schedule and Some Countermeasures," Proc. ACISP'03, LNCS, vol. 2727, 2003, pp. 118-129.
12 E. Biham and A. Shamir, "Differential Fault Analysis of Secret Key Cryptosystems," Proc. CRYPTO, LNCS, vol. 1294, 1997, pp. 513-525.
13 L. Hemme, "A Differential Fault Analysis Against Early Rounds of (Triple-) DES," Proc. CHES, LNCS, vol. 3156, 2004, pp. 254- 267.
14 J. BlÄomer and J. Seifert, "Fault Based Cryptanalysis of the Advanced Encryption Standard (AES)," Proc. FC, LNCS, vol. 2742, 2003, pp. 162-181.
15 G. Piret and J. Quisquater, "A Differential Fault Attack Technique against SPN Structures, with Application to the AES and KHAZAD," Proc. CHES, LNCS, vol. 2779, 2003, pp. 77-88.
16 P. Dusart, G. Letourneux, and O. Vivolo, "Differential Fault Analysis on AES," Proc. ACNS, LNCS, vol. 2846, 2003, pp. 293- 306.
17 A. Moradi, M. Shalmani, and M. Salmasizadeh, "A Generalized Method of Differential Fault Attack against AES Cryptosystem," Proc. CHES, LNCS, vol. 4249, 2006, pp. 91-100.