Automation of Fault Analysis
In the previous chapters, the reader has been acquainted with a number of different fault attack methodologies, including differential fault analysis (DFA), fault sensitivity analysis (FSA) and differential fault intensity analysis (DFIA). It is now amply clear that fault analysis attacks typically follow a common strategy of identifying an efficient key distinguisher, resulting from the diffusion of faults, followed by systematic elimination of wrong key candidates. This approach has been adapted for analyzing different ciphers till date, with certain cipher-specific optimizations requiring significant manual effort. An alternative approach, called Algebraic Fault Analysis (AFA), which combines so-called algebraic cryptanalysis with standard differential fault analysis, is recently gaining popularity. As a generic automated framework for fault analysis, AFA is found to have a lot of the potential. We dedicate this chapter for the study of AFA in detail, mainly in the context of lightweight block ciphers, for which it has been widely studied.