Electromagnetic Glitch on the AES Round Counter

  • Amine Dehbaoui
  • Amir-Pasha Mirbaha
  • Nicolas Moro
  • Jean-Max Dutertre
  • Assia Tria
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7864)


This article presents a Round Addition Analysis on a software implementation of the Advanced Encryption Standard (aes) algorithm. The round keys are computed on-the-fly during each encryption. A non-invasive transient fault injection is achieved on the aes round counter. The attack is performed by injecting a very short electromagnetic glitch on a 32-bit microcontroller based on the arm Cortex-M3 processor. Using this experimental setup, we are able to disrupt the round counter increment at the end of the penultimate round and execute one additional round. This faulty execution enables us to recover the encryption key with only two pairs of corresponding correct and faulty ciphertexts.


Advance Encryption Standard Fault Injection Fault Attack Faulty Ciphertext Fault Injection Attack 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    ARM. ARM Debug Interface v5 (2008)Google Scholar
  2. 2.
    ARM. Documentation about Cortex-M3 processors (2010)Google Scholar
  3. 3.
    Bae, K., Moon, S., Choi, D., Choi, Y., Choi, D.-S., Ha, J.: Differential fault analysis on AES by round reduction. In: Proceedings of ICCIT 2011, pp. 607–612. IEEE (2011)Google Scholar
  4. 4.
    Balasch, J., Gierlichs, B., Verbauwhede, I.: An in-depth and black-box characterization of the effects of clock glitches on 8-bit MCUs. In: Proceedings of FDTC 2011, pp. 105–114 (2011)Google Scholar
  5. 5.
    Barenghi, A., Breveglieri, L., Koren, I., Naccache, D.: Fault injection attacks on cryptographic devices: Theory, practice, and countermeasures. In: Proceedings of the IEEE (2012)Google Scholar
  6. 6.
    Biham, E., Shamir, A.: Differential fault analysis of secret key cryptosystems. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 513–525. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  7. 7.
    Boneh, D., DeMillo, R.A., Lipton, R.J.: On the importance of checking cryptographic protocols for faults. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 37–51. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  8. 8.
    Choukri, H., Tunstall, M.: Round reduction using faults. In: Proceedings of FDTC 2005, pp. 13–24 (2005)Google Scholar
  9. 9.
    Dehbaoui, A., Dutertre, J.-M., Robisson, B., Tria, A.: Electromagnetic transient faults injection on a hardware and a software implementations of AES. In: Proceedings of FDTC 2012, pp. 7–15. IEEE (2012)Google Scholar
  10. 10.
    Dutertre, J.-M., Mirbaha, A.-P., Naccache, D., Ribotta, A.-L., Tria, A., Vaschalde, T.: Fault round modification analysis of the advanced encryption standard. In: Proceedings of HOST 2012. IEEE (2012)Google Scholar
  11. 11.
    Kim, C.H., Quisquater, J.-J.: Fault attacks for CRT based RSA: New attacks, new results, and new countermeasures. In: Sauveron, D., Markantonakis, K., Bilas, A., Quisquater, J.-J. (eds.) WISTP 2007. LNCS, vol. 4462, pp. 215–228. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  12. 12.
    NIST. Announcing the Advanced Encryption Standard (aes). Federal Information Processing Standards Publication, n. 197 (November 26, 2001)Google Scholar
  13. 13.
    Park, J., Moon, S., Choi, D., Kung, Y., Ha, J.: Differential fault analysis for round-reduced AES by fault injection. ETRI Journal 33(3), 434–442 (2011)CrossRefGoogle Scholar
  14. 14.
    Poucheret, F., Tobich, K., Lisart, M., Robisson, B., Chusseau, L., Maurine, P.: Local and direct EM injection of power into CMOS integrated circuits. In: Proceedings of FDTC 2011. IEEE (2011)Google Scholar
  15. 15.
    Quisquater, J.-J., Samyde, D.: Eddy current for magnetic analysis with active sensor. In: Proceedings of Esmart 2002 (2002)Google Scholar
  16. 16.
    Schmidt, J.-M., Herbst, C.: A practical fault attack on square and multiply. In: Proceedings of FDTC 2008, pp. 53–58 (2008)Google Scholar
  17. 17.
    Schmidt, J.-M., Hutter, M.: Optical and EM fault-attacks on CRT-based RSA: Concrete results. In: Proceedings of Austrochip 2007, pp. 61–67. Verlag der Technischen Universität (2007)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Amine Dehbaoui
    • 1
  • Amir-Pasha Mirbaha
    • 2
  • Nicolas Moro
    • 1
  • Jean-Max Dutertre
    • 2
  • Assia Tria
    • 1
  1. 1.CEA-LETIGardanneFrance
  2. 2.École nationale supérieure des Mines de Saint-ÉtienneGardanneFrance

Personalised recommendations