http://dx.doi.org/10.13089/JKIISC.2020.30.6.1263

Novel Differential Fault Attack Using Function-Skipping on AES  

Kim, Ju-Hwan (Department of Mathematics, Kookmin University)
Lee, JongHyeok (Department of Financial Information Security, Kookmin University)
Han, Dong-Guk (Department of Financial Information Security, Kookmin University)
Abstract
Differential fault attacks (DFA) are cryptanalysis methods that reveal the secret key by exploiting differences between normal and faulty ciphertexts, the latter produced when artificial faults are injected into an encryption device. Conventional DFA methods use faults to falsify intermediate values. In contrast, we propose a novel DFA method that uses a fault to skip a function. The proposed method has a very low attack complexity: it reveals the secret key within seconds using one fault-injected ciphertext. We also propose a method that filters out ciphertexts for which the injected fault did not cause function-skipping, which makes our method realistic. To demonstrate the proposed method, we performed fault injection on Riscure's Piñata board. As a result, the proposed method can filter out such ciphertexts and reveal the secret key within seconds on a real device.
Keywords
Side-Channel Attack; Differential Fault Attack; AES; Instruction Skipping; Function Skipping;