
Differential fault analysis of AES: towards reaching its limits

  • Regular Paper
  • Journal of Cryptographic Engineering

Abstract

In this paper, we present a theoretical analysis of the limits of differential fault analysis (DFA) of AES by developing an inter-relationship between conventional cryptanalysis of AES and DFA. We show that the existing attacks have not reached these limits and present techniques to reach them. More specifically, we propose optimal DFA on the states of AES-128 and AES-256. We also propose attacks on the key schedule of the three versions of AES, and demonstrate that these are some of the most efficient attacks on AES to date. Our attack on the AES-128 key schedule is optimal, and the attacks on the AES-192 and AES-256 key schedules are very close to optimal. Detailed experimental results are provided for the developed attacks. The work is compared with other works and with the optimal limits of DFA of AES.

Notes

  1. This assumption is not entirely true since an attack on the full AES-128 has recently been published [6]. However, this attack is marginal and will not affect our reasoning with regard to collision attacks.

  2. For the sake of simplicity, we do not consider the four-solution cases.

References

  1. Ali, S., Mukhopadhyay, D., Tunstall, M.: Differential Fault Analysis of AES using a Single Multiple-Byte Fault. Cryptology ePrint Archive, Report 2010/636 (2010). http://eprint.iacr.org/

  2. Barenghi, A., Bertoni, G., Breveglieri, L., Pellicioli, M., Pelosi, G.: Low Voltage Fault Attacks to AES and RSA on General Purpose Processors. Cryptology ePrint Archive, Report 2010/130 (2010). http://eprint.iacr.org/

  3. Biham, E.: New types of cryptanalytic attacks using related keys. In: Helleseth, T. (ed.) EUROCRYPT ’93. LNCS, vol. 765, pp. 398–409. Springer, Berlin (1993)

  4. Biham, E., Shamir, A.: Differential Fault Analysis of Secret Key Cryptosystems. In: Kaliski, B.S. (ed.) Advances in Cryptology—CRYPTO ’97. LNCS, vol. 1294, pp. 513–525. Springer, Berlin (1997)

  5. Blömer, J., Seifert, J.P.: Fault Based Cryptanalysis of the Advanced Encryption Standard (AES). In: Wright, R.N. (ed.) Financial Cryptography. Lecture Notes in Computer Science, vol. 2742, pp. 162–181. Springer, Berlin (2003)

  6. Bogdanov, A., Khovratovich, D., Rechberger, C.: Biclique Cryptanalysis of the Full AES. Cryptology ePrint Archive, Report 2011/449 (2011). http://eprint.iacr.org/

  7. Boneh, D., DeMillo, R., Lipton, R.: On the importance of checking cryptographic protocols for faults. In: Fumy, W. (ed.) Advances in Cryptology—EUROCRYPT ’97. LNCS, vol. 1233, pp. 37–51. Springer, Berlin (1997)

  8. Chen, C.N., Yen, S.M.: Differential fault analysis on AES key schedule and some countermeasures. In: Goos, G., Hartmanis, J., van Leeuwen, J. (eds.) ACISP 2003. LNCS, vol. 2727, pp. 118–129. Springer, Berlin (2003)

  9. Giraud, C.: DFA on AES. In: Dobbertin, H., Rijmen, V., Sowa, A. (eds.) AES Conference. Lecture Notes in Computer Science, vol. 3373, pp. 27–41. Springer, Berlin (2004)

  10. Dusart, P., Letourneux, G., Vivolo, O.: Differential Fault Analysis on AES. Cryptology ePrint Archive, Report 2003/010 (2003). http://eprint.iacr.org/

  11. FIPS PUB 197: Advanced encryption standard (AES). Federal Information Processing Standards Publication 197, National Institute of Standards and Technology (NIST), Gaithersburg, MD, USA (2001)

  12. Floissac, N., L’Hyver, Y.: From AES-128 to AES-192 and AES-256, How to Adapt Differential Fault Analysis Attacks. Cryptology ePrint Archive, Report 2010/396 (2010). http://eprint.iacr.org/

  13. Fukunaga, T., Takahashi, J.: Practical fault attack on a cryptographic LSI with ISO/IEC 18033-3 block ciphers. In: Breveglieri, L., Gueron, S., Koren, I., Naccache, D., Seifert, J.P. (eds.) FDTC, pp. 84–92. IEEE Computer Society (2009)

  14. Giraud, C., Thillard, A.: Piret and Quisquater’s DFA on AES Revisited. Cryptology ePrint Archive, Report 2010/440 (2010). http://eprint.iacr.org/

  15. Kim, C.: Improved differential fault analysis on AES key schedule. IEEE Trans. Inf. Forensics Secur. (99), 1 (2011). doi:10.1109/TIFS.2011.2161289

  16. Kim, C.H.: Differential fault analysis against AES-192 and AES-256 with minimal faults. In: Breveglieri, L., Joye, M., Koren, I., Naccache, D., Verbauwhede, I. (eds.) Fault Diagnosis and Tolerance in Cryptography—FDTC 2010, pp. 3–9. IEEE Computer Society (2010)

  17. Kim, C.H., Quisquater, J.J.: New differential fault analysis on AES key schedule: two faults are enough. In: Grimaud, G., Standaert, F.X. (eds.) CARDIS. LNCS, vol. 5189, pp. 48–60. Springer, Berlin (2008)

  18. Li, W., Gu, D., Wang, Y., Li, J., Liu, Z.: An extension of differential fault analysis on AES. In: Third International Conference on Network and System Security, pp. 443–446. NSS (2009)

  19. Li, Y., Gomisawa, S., Sakiyama, K., Ohta, K.: An Information Theoretic Perspective on the Differential Fault Analysis against AES. Cryptology ePrint Archive, Report 2010/032 (2010). http://eprint.iacr.org/

  20. Moradi, A., Shalmani, M.T.M., Salmasizadeh, M.: A generalized method of differential fault attack against AES cryptosystem. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 91–100. Springer, Berlin (2006)

  21. Nyberg, K.: Differentially uniform mappings for cryptography. In: EUROCRYPT, pp. 55–64 (1993)

  22. Peacham, D., Thomas, B.: A DFA attack against the AES key schedule. SiVenture White Paper 001, 26 October 2006

  23. Piret, G., Quisquater, J.J.: A Differential Fault Attack Technique against SPN Structures, with Application to the AES and KHAZAD. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES. Lecture Notes in Computer Science, vol. 2779, pp. 77–88. Springer, Berlin (2003)

  24. Saha, D., Mukhopadhyay, D., RoyChowdhury, D.: A Diagonal Fault Attack on the Advanced Encryption Standard. Cryptology ePrint Archive, Report 2009/581 (2009). http://eprint.iacr.org/

  25. Selmane, N., Guilley, S., Danger, J.L.: Practical setup time violation attacks on AES. In: EDCC, pp. 91–96 (2008)

  26. Skorobogatov, S.P., Anderson, R.J.: Optical fault induction attacks. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES. Lecture Notes in Computer Science, vol. 2523, pp. 2–12. Springer, Berlin (2002)

  27. Takahashi, J., Fukunaga, T.: Differential fault analysis on AES with 192 and 256-bit keys. Cryptology ePrint Archive, Report 2010/023 (2010). http://eprint.iacr.org/

  28. Takahashi, J., Fukunaga, T., Yamakoshi, K.: DFA mechanism on the AES key schedule. In: Breveglieri, L., Gueron, S., Koren, I., Naccache, D., Seifert, J.P. (eds.) FDTC, pp. 62–74. IEEE Computer Society (2007)

Acknowledgments

The work described in this paper has been supported in part by the European Commission through the ICT Programme under Contract ICT-2007-216676 ECRYPT II and the EPSRC via grant EP/I005226/1.

Author information

Corresponding author

Correspondence to Sk Subidh Ali.

Additional information

This paper extends our previous work published in the Proceedings of WISTP 2011, AfricaCrypt 2011 and FDTC 2011.

About this article

Cite this article

Ali, S.S., Mukhopadhyay, D. & Tunstall, M. Differential fault analysis of AES: towards reaching its limits. J Cryptogr Eng 3, 73–97 (2013). https://doi.org/10.1007/s13389-012-0046-y

  • DOI: https://doi.org/10.1007/s13389-012-0046-y
