Differential Fault Analysis of AES-128 Key Schedule Using a Single Multi-byte Fault

In this paper we propose an improved multi-byte differential fault analysis of AES-128 key schedule using a single pair of fault-free and faulty ciphertexts. We propose a four byte fault model where the fault is induced at ninth round key. The induced fault corrupts all the four bytes of the first column of the ninth round key which subsequently propagates to the entire tenth round key. The elegance of the proposed attack is that it requires only a single faulty ciphertext and reduce the search space of the key to 232 possible choices. Using two faulty ciphertexts the attack uniquely determines the key. The attack improves the existing DFA of AES-128 key schedule, which requires two faulty ciphertexts to reduce the key space of AES-128 to 232, and four faulty ciphertexts to uniquely retrieve the key. Therefore, the proposed attack is more lethal than the existing attack as it requires lesser number of faulty ciphertexts. The simulated attack takes less than 20 minutes to reveal 128-bit secret key; running on a 8 core Intel Xeon E5606 processor at 2.13 GHz speed.

[1]  Debdeep Mukhopadhyay,et al.  Differential Fault Analysis of AES using a Single Multiple-Byte Fault , 2010, IACR Cryptol. ePrint Arch..

[2]  Jean-Jacques Quisquater,et al.  New Differential Fault Analysis on AES Key Schedule: Two Faults Are Enough , 2008, CARDIS.

[3]  Mitsuru Matsui,et al.  Cryptographic Hardware and Embedded Systems - CHES 2006, 8th International Workshop, Yokohama, Japan, October 10-13, 2006, Proceedings , 2006, CHES.

[4]  Sung-Ming Yen,et al.  Differential Fault Analysis on AES Key Schedule and Some Coutnermeasures , 2003, ACISP.

[5]  尚弘 島影 National Institute of Standards and Technologyにおける超伝導研究及び生活 , 2001 .

[6]  Burton S. Kaliski Advances in Cryptology - CRYPTO '97 , 1997 .

[7]  Junko Takahashi,et al.  DFA Mechanism on the AES Key Schedule , 2007 .

[8]  Debdeep Mukhopadhyay,et al.  Differential Fault Analysis of the Advanced Encryption Standard Using a Single Fault , 2011, WISTP.

[9]  Bart Preneel Progress in Cryptology - AFRICACRYPT 2009, Second International Conference on Cryptology in Africa, Gammarth, Tunisia, June 21-25, 2009. Proceedings , 2009, AFRICACRYPT.

[10]  Sylvain Guilley,et al.  Practical Setup Time Violation Attacks on AES , 2008, 2008 Seventh European Dependable Computing Conference.

[11]  Breveglieri Luca,et al.  Sixth International Workshop on Fault Diagnosis and Tolerance in Cryptography, FDTC 2009, Lausanne, Switzerland, 6 September 2009 , 2009, FDTC.

[12]  Christof Paar,et al.  Cryptographic Hardware and Embedded Systems - CHES 2002 , 2003, Lecture Notes in Computer Science.

[13]  Jean-Louis Lanet,et al.  Smart Card Research and Advanced Application, 9th IFIP WG 8.8/11.2 International Conference, CARDIS 2010, Passau, Germany, April 14-16, 2010. Proceedings , 2010, CARDIS.

[14]  Alessandro Barenghi,et al.  Low Voltage Fault Attacks on the RSA Cryptosystem , 2009, 2009 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC).

[15]  Jean-Pierre Seifert,et al.  Fault Based Cryptanalysis of the Advanced Encryption Standard (AES) , 2003, Financial Cryptography.

[16]  Information Security and Privacy , 1996, Lecture Notes in Computer Science.

[17]  Patel,et al.  Information Security: Theory and Practice , 2008 .

[18]  Amir Moradi,et al.  A Generalized Method of Differential Fault Attack Against AES Cryptosystem , 2006, CHES.

[19]  Christophe Giraud,et al.  DFA on AES , 2004, AES Conference.

[20]  Richard J. Lipton,et al.  On the Importance of Checking Cryptographic Protocols for Faults (Extended Abstract) , 1997, EUROCRYPT.

[21]  Jean-Jacques Quisquater,et al.  A Differential Fault Attack Technique against SPN Structures, with Application to the AES and KHAZAD , 2003, CHES.

[22]  Pierre Dusart,et al.  Differential Fault Analysis on A.E.S , 2003, ACNS.

[23]  Debdeep Mukhopadhyay,et al.  An Improved Fault Based Attack of the Advanced Encryption Standard , 2009, AFRICACRYPT.

[24]  Debdeep Mukhopadhyay,et al.  Acceleration of Differential Fault Analysis of the Advanced Encryption Standard Using Single Fault , 2010, IACR Cryptol. ePrint Arch..

[25]  Christof Paar,et al.  Cryptographic Hardware and Embedded Systems - CHES 2003 , 2003, Lecture Notes in Computer Science.

[26]  Junko Takahashi,et al.  Practical Fault Attack on a Cryptographic LSI with ISO/IEC 18033-3 Block Ciphers , 2009, 2009 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC).

[27]  Eli Biham,et al.  Differential Fault Analysis of Secret Key Cryptosystems , 1997, CRYPTO.

[28]  Simon Heron,et al.  Encryption: Advanced Encryption Standard (AES) , 2009 .

[29]  Walter Fumy,et al.  Advances in Cryptology — EUROCRYPT ’97 , 2001, Lecture Notes in Computer Science.

[30]  Debdeep Mukhopadhyay,et al.  A Differential Fault Analysis on AES Key Schedule Using Single Fault , 2011, 2011 Workshop on Fault Diagnosis and Tolerance in Cryptography.

[31]  Ross J. Anderson,et al.  Optical Fault Induction Attacks , 2002, CHES.