Differential Fault Analysis of AES-128 Key Schedule Using a Single Multi-byte Fault - Smart Card Research and Advanced Applications
Conference Papers Year : 2011

Differential Fault Analysis of AES-128 Key Schedule Using a Single Multi-byte Fault

Sk Subidh Ali
  • Function : Author
  • PersonId : 1014557
Debdeep Mukhopadhyay
  • Function : Author
  • PersonId : 1014556

Abstract

In this paper we propose an improved multi-byte differential fault analysis of AES-128 key schedule using a single pair of fault-free and faulty ciphertexts. We propose a four byte fault model where the fault is induced at ninth round key. The induced fault corrupts all the four bytes of the first column of the ninth round key which subsequently propagates to the entire tenth round key. The elegance of the proposed attack is that it requires only a single faulty ciphertext and reduce the search space of the key to 232 possible choices. Using two faulty ciphertexts the attack uniquely determines the key. The attack improves the existing DFA of AES-128 key schedule, which requires two faulty ciphertexts to reduce the key space of AES-128 to 232, and four faulty ciphertexts to uniquely retrieve the key. Therefore, the proposed attack is more lethal than the existing attack as it requires lesser number of faulty ciphertexts. The simulated attack takes less than 20 minutes to reveal 128-bit secret key; running on a 8 core Intel Xeon E5606 processor at 2.13 GHz speed.
Fichier principal
Vignette du fichier
978-3-642-27257-8_4_Chapter.pdf (180.94 Ko) Télécharger le fichier
Origin Files produced by the author(s)
Loading...

Dates and versions

hal-01596300 , version 1 (27-09-2017)

Licence

Identifiers

Cite

Sk Subidh Ali, Debdeep Mukhopadhyay. Differential Fault Analysis of AES-128 Key Schedule Using a Single Multi-byte Fault. 10th Smart Card Research and Advanced Applications (CARDIS), Sep 2011, Leuven, Belgium. pp.50-64, ⟨10.1007/978-3-642-27257-8_4⟩. ⟨hal-01596300⟩
131 View
636 Download

Altmetric

Share

More