Advertisement

Fault Based Collision Attacks on AES

  • Johannes Blömer
  • Volker Krummel
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4236)

Abstract

In this paper we present a new class of collision attacks that are based on inducing faults into the encryption process. We combine the classical fault attack of Biham and Shamir with the concept of collision attacks of Schramm et al. Unlike previous fault attacks by Blömer and Seifert our new attacks only need bit flips not bit resets. Furthermore, the new attacks do not need the faulty ciphertext to derive the secret key. We only need the weaker information whether a collision has occurred or not. This is an improvement over previous attacks presented for example by Dusart, Letourneux and Vivolo, Giraud, Chen and Yen or Piret and Quisquater. As it turns out the new attacks are very powerful even against sophisticated countermeasures like error detection and memory encryption.

Keywords

Side Channel Encryption Process Side Channel Attack Collision Attack Fault Attack 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Biham, E., Shamir, A.: Differential fault analysis of secret key cryptosystems. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 513–525. Springer, Heidelberg (1997)Google Scholar
  2. 2.
    Blömer, J., Guajardo, J., Krummel, V.: Provably secure masking of AES. In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, pp. 69–83. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  3. 3.
    Blömer, J., Seifert, J.-P.: Fault based cryptanalysis of the advanced encryption standard (AES). In: Wright, R.N. (ed.) FC 2003. LNCS, vol. 2742, pp. 162–181. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  4. 4.
    Boneh, D., DeMillo, R.A., Lipton, R.J.: On the importance of checking cryptographic protocols for faults (extended abstract). In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 37–51. Springer, Heidelberg (1997)Google Scholar
  5. 5.
    Chari, S., Jutla, C.S., Rao, J.R., Rohatgi, P.: Towards sound approaches to counteract power-analysis attacks. In: Wiener [21], pp. 398–412 (1999)Google Scholar
  6. 6.
    Chen, C.-N., Yen, S.-M.: Differential fault analysis on AES key schedule and some countermeasures. In: Safavi-Naini, R., Seberry, J. (eds.) ACISP 2003. LNCS, vol. 2727, pp. 118–129. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  7. 7.
    Daemen, J., Rijmen, V.: The Design of Rijndael: Information Security and Cryptography. Springer, Heidelberg (2002)Google Scholar
  8. 8.
    Dhem, J.-F., Koeune, F., Leroux, P.-A., Mestré, P., Quisquater, J.-J., Willems, J.-L.: A practical implementation of the timing attack. In: Schneier, B., Quisquater, J.-J. (eds.) CARDIS 1998. LNCS, vol. 1820, pp. 167–182. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  9. 9.
    Dusart, P., Letourneux, G., Vivolo, O.: Differential fault analysis on A.E.S. In: Zhou, J., Yung, M., Han, Y. (eds.) ACNS 2003. LNCS, vol. 2846, pp. 293–306. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  10. 10.
    Giraud, C.: DFA on AES. In: Dobbertin, H., Rijmen, V., Sowa, A. (eds.) AES 2005. LNCS, vol. 3373, pp. 27–41. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  11. 11.
    Golic, J.D., Tymen, C.: Multiplicative masking and power analysis of AES. In: Kaliski Jr., et al. (eds.) [12], pp. 198–212Google Scholar
  12. 12.
    Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.): CHES 2002. LNCS, vol. 2523. Springer, Heidelberg (2003)Google Scholar
  13. 13.
    Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)Google Scholar
  14. 14.
    Kocher, P.C., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener [21], pp. 388–397Google Scholar
  15. 15.
    Koeune, F., Quisquater, J.-J.: A timing attack against Rijndael. Technical Report CG-1999/1, Université Catholique de Louvain (1999)Google Scholar
  16. 16.
    Messerges, T.S.: Securing the AES finalists against power analysis attacks. In: Schneier, B. (ed.) FSE 2000. LNCS, vol. 1978, pp. 150–164. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  17. 17.
    Piret, G., Quisquater, J.-J.: A differential fault attack technique against SPN structures, with application to the AES and KHAZAD. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 77–88. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  18. 18.
    Schramm, K., Leander, G., Felke, P., Paar, C.: A collision-attack on AES: Combining side channel- and differential-attack. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 163–175. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  19. 19.
    Schramm, K., Wollinger, T.J., Paar, C.: A new class of collision attacks and its application to DES. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 206–222. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  20. 20.
    Skorobogatov, S.P., Anderson, R.J., et al.: Optical fault induction attacks. In: Kaliski Jr., et al. (eds.) [12], pp. 2–12Google Scholar
  21. 21.
    Wiener, M.J. (ed.): CRYPTO 1999. LNCS, vol. 1666. Springer, Heidelberg (1999)MATHGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Johannes Blömer
    • 1
  • Volker Krummel
    • 1
  1. 1.Faculty of Computer Science, Electrical Engineering and MathematicsUniversity of PaderbornGermany

Personalised recommendations