A Generalized Method of Differential Fault Attack Against AES Cryptosystem

  • Amir Moradi
  • Mohammad T. Manzuri Shalmani
  • Mahmoud Salmasizadeh
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4249)


In this paper we describe two differential fault attack techniques against Advanced Encryption Standard (AES). We propose two models for fault occurrence; we could find all 128 bits of key using one of them and only 6 faulty ciphertexts. We need approximately 1500 faulty ciphertexts to discover the key with the other fault model. Union of these models covers all faults that can occur in the 9th round of encryption algorithm of AES-128 cryptosystem. One of main advantage of proposed fault models is that any fault in the AES encryption from start (AddRoundKey with the main key before the first round) to MixColumns function of 9th round can be modeled with one of our fault models. These models cover all states, so generated differences caused by diverse plaintexts or ciphertexts can be supposed as faults and modeled with our models. It establishes a novel technique to cryptanalysis AES without side channel information. The major difference between these methods and previous ones is on the assumption of fault models. Our proposed fault models use very common and general assumption for locations and values of occurred faults.


AES Fault Attacks Smart Card Side Channel Attacks Cryptanalysis 


  1. 1.
    Boneh, D., DeMillo, R.A., Lipton, R.J.: On the Importance of Eliminating Errors in Cryptographic Computations. Journal of Cryptology 14(2), 101–120 (2001)zbMATHCrossRefMathSciNetGoogle Scholar
  2. 2.
    Biham, E., Shamir, A.: Differential Fault Analysis of Secret Key Cryptosystems. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 513–525. Springer, Heidelberg (1997)Google Scholar
  3. 3.
    Blömer, J., Seifert, J.-P.: Fault Based Cryptanalysis of the Advanced Encryption Standard (AES). In: Financial Cryptography 2003. LNCS. Springer, Heidelberg (2003), Also available at: Google Scholar
  4. 4.
    Dusart, P., Letourneux, G., Vivolo, O.: Differential Fault Analysis on A.E.S, Available at:
  5. 5.
    Giraud, C.: DFA on AES. In: Dobbertin, H., Rijmen, V., Sowa, A. (eds.) AES 2005. LNCS, vol. 3373, pp. 27–41. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  6. 6.
    Piret, G., Quisquater, J.J.: A Differential Fault Attack Technique against SPN Structures, with Application to the AES and Khazad. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 77–88. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  7. 7.
    National Institute of Standards and Technology, Advanced Encryption Standard, NIST FIPS PUB 197 (2001)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Amir Moradi
    • 1
  • Mohammad T. Manzuri Shalmani
    • 1
  • Mahmoud Salmasizadeh
    • 2
  1. 1.Department of Computer EngineeringSharif University of TechnologyTehranIran
  2. 2.Electronic Research CenterSharif University of TechnologyTehranIran

Personalised recommendations