Differential fault attacks against AES tampering with the instruction flow

Most of the attacks against the Advanced Encryption Standard based on faults mainly aim at either altering the temporary value of the message or key during the computation. Few other attacks tamper the instruction flow in order to reduce the number of round iterations to one or two. In this work, we extend this idea and present fault attacks against the AES algorithm that exploit the misbehavior of the instruction flow during the last round. In particular, we consider faults that cause the algorithm to skip, repeat or corrupt one of the four AES round functions. In principle, these attacks are applicable against both software and hardware implementations, by targeting the execution of instructions or the control logic. As conclusion countermeasures against fault attacks must also cover the instruction flow and not only the processed data.

[1]  SangJae Moon,et al.  Differential Fault Analysis for Round‐Reduced AES by Fault Injection , 2011 .

[2]  David Naccache,et al.  The Sorcerer's Apprentice Guide to Fault Attacks , 2006, Proceedings of the IEEE.

[3]  Ingrid Verbauwhede,et al.  An In-depth and Black-box Characterization of the Effects of Clock Glitches on 8-bit MCUs , 2011, 2011 Workshop on Fault Diagnosis and Tolerance in Cryptography.

[4]  Ludger Hemme,et al.  A Differential Fault Attack Against Early Rounds of (Triple-)DES , 2004, CHES.

[5]  Giorgio Di Natale,et al.  On Countermeasures Against Fault Attacks on the Advanced Encryption Standard , 2012, Fault Analysis in Cryptography.

[6]  Junko Takahashi,et al.  Improved Differential Fault Analysis on CLEFIA , 2008, 2008 5th Workshop on Fault Diagnosis and Tolerance in Cryptography.

[7]  Jean-Pierre Seifert,et al.  Fault Based Cryptanalysis of the Advanced Encryption Standard (AES) , 2003, Financial Cryptography.

[8]  Jean-Jacques Quisquater,et al.  New Differential Fault Analysis on AES Key Schedule: Two Faults Are Enough , 2008, CARDIS.

[9]  Jörn-Marc Schmidt,et al.  Countermeasures for Symmetric Key Ciphers , 2012, Fault Analysis in Cryptography.

[10]  Ross J. Anderson,et al.  Optical Fault Induction Attacks , 2002, CHES.

[11]  Moti Yung,et al.  A Comparative Cost/Security Analysis of Fault Attack Countermeasures , 2006, FDTC.

[12]  Hua Chen,et al.  Differential Fault Analysis on CLEFIA , 2007, ICICS.

[13]  Jasper G. J. van Woudenberg,et al.  Practical Optical Fault Injection on Secure Microcontrollers , 2011, 2011 Workshop on Fault Diagnosis and Tolerance in Cryptography.

[14]  Jörn-Marc Schmidt,et al.  A Practical Fault Attack on Square and Multiply , 2008, 2008 5th Workshop on Fault Diagnosis and Tolerance in Cryptography.

[15]  Ingrid Verbauwhede,et al.  The Fault Attack Jungle - A Classification Model to Guide You , 2011, 2011 Workshop on Fault Diagnosis and Tolerance in Cryptography.

[16]  Richard J. Lipton,et al.  On the Importance of Checking Cryptographic Protocols for Faults (Extended Abstract) , 1997, EUROCRYPT.

[17]  Debdeep Mukhopadhyay,et al.  Differential Fault Analysis of the Advanced Encryption Standard Using a Single Fault , 2011, WISTP.

[18]  Sung-Ming Yen,et al.  Differential Fault Analysis on AES Key Schedule and Some Coutnermeasures , 2003, ACISP.

[19]  Marc Joye,et al.  Fault Analysis in Cryptography , 2012, Information Security and Cryptography.

[20]  Christophe Giraud,et al.  DFA on AES , 2004, AES Conference.

[21]  Michael Tunstall,et al.  Round Reduction Using Faults , 2005 .

[22]  Georg Sigl,et al.  2011 Workshop on Fault Diagnosis and Tolerance in Cryptography, FDTC 2011, Tokyo, Japan, September 29, 2011 , 2011, FDTC.

[23]  M. Kuhn,et al.  The Advanced Computing Systems Association Design Principles for Tamper-resistant Smartcard Processors Design Principles for Tamper-resistant Smartcard Processors , 2022 .

[24]  Jean-Jacques Quisquater,et al.  A Differential Fault Attack Technique against SPN Structures, with Application to the AES and KHAZAD , 2003, CHES.

[25]  Debdeep Mukhopadhyay,et al.  An Improved Fault Based Attack of the Advanced Encryption Standard , 2009, AFRICACRYPT.

[26]  Eli Biham,et al.  Differential Fault Analysis of Secret Key Cryptosystems , 1997, CRYPTO.

[27]  Amir Moradi,et al.  A Generalized Method of Differential Fault Attack Against AES Cryptosystem , 2006, CHES.