DFA Mechanism on the AES Key Schedule

This paper describes a DFA (differential fault analysis) mechanism on the AES key scheduling process and shows how an entire 128-bit AES key can be retrieved. We make a detailed analysis of the DFA mechanism on the AES key schedule and propose general attack rules. As a result of reconsidering the b...

Full description

Saved in:
Bibliographic Details
Published inWorkshop on Fault Diagnosis and Tolerance in Cryptography : FDTC 2007 : proceedings : 10 September, 2007, Vienna, Austria pp. 62 - 74
Main Authors Takahashi, J., Fukunaga, T., Yamakoshi, K.
Format Conference Proceeding
LanguageEnglish
Published IEEE 01.09.2007
Subjects
Algorithm design and analysis
Cryptography
Doped fiber amplifiers
Equations
Fault diagnosis
Information analysis
Laboratories
Processor scheduling
Telegraphy
Telephony
Online AccessGet full text
ISBN0769529828
9780769529820
DOI10.1109/FDTC.2007.13

Cover

More Information
Summary:This paper describes a DFA (differential fault analysis) mechanism on the AES key scheduling process and shows how an entire 128-bit AES key can be retrieved. We make a detailed analysis of the DFA mechanism on the AES key schedule and propose general attack rules. As a result of reconsidering the best attack approach on the basis of analysis, we present a more efficient attack than the previous one. We show that we can retrieve an entire 128-bit AES key using 2-pairs of correct and faulty ciphertexts with a 48-bit brute-force search, 4-pairs of them with a 16-bit brute-force search and 7-pairs of them without brute-force search. These steps are enough to calculate the key with feasible computation resources.
ISBN:0769529828
9780769529820
DOI:10.1109/FDTC.2007.13