Differential Fault Analysis against AES-192 and AES-256 with Minimal Faults

The naive implementation of AES is known to be vulnerable to Differential Fault Analysis (DFA). We can find the key of AES-128 (AES with 128-bit key) with one pair of correct and faulty cipher texts. Recently several works on the extension of the attack to AES with 192 and 256-bit key have been publ...

Full description

Saved in:
Bibliographic Details
Main Author: Chong Hee Kim
Format: Conference Proceeding
Language:English
Subjects:
AES
Cryptography
DFA
Differential equations
Differential Fault Analysis
Doped fiber amplifiers
Fault attack
Mathematical model
Polynomials
Schedules
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The naive implementation of AES is known to be vulnerable to Differential Fault Analysis (DFA). We can find the key of AES-128 (AES with 128-bit key) with one pair of correct and faulty cipher texts. Recently several works on the extension of the attack to AES with 192 and 256-bit key have been published. Due to the longer key size and the characteristic of AES key schedule, we need subtle caution in attacking AES-192 and AES-256. We propose new DFA against AES with 192 and 256-bit key. We could retrieve AES-192 key with two pairs of correct and faulty cipher texts. With three pairs we could succeed in finding the key of AES-256. These are the minimal faults among the existing methods.
DOI:10.1109/FDTC.2010.10