Differential Fault Analysis against AES-192 and AES-256 with Minimal Faults

2010 Workshop on Fault Diagnosis and Tolerance in Cryptography Pub Date : 2010-08-21 DOI:10.1109/FDTC.2010.10
Chong Hee Kim
{"title":"Differential Fault Analysis against AES-192 and AES-256 with Minimal Faults","authors":"Chong Hee Kim","doi":"10.1109/FDTC.2010.10","DOIUrl":null,"url":null,"abstract":"The naive implementation of AES is known to be vulnerable to Differential Fault Analysis (DFA). We can findthe key of AES-128 (AES with 128-bit key) with one pair of correct and faulty cipher texts. Recently several works on the extension of the attack to AES with 192 and 256-bit key have been published. Due to the longer key size and the characteristic of AES key schedule, we need subtle caution in attacking AES-192and AES-256. We propose new DFA against AES with 192 and256-bit key. We could retrieve AES-192 key with two pairs of correct and faulty cipher texts. With three pairs we could succeed in finding the key of AES-256. These are the minimal faults among the existing methods.","PeriodicalId":127275,"journal":{"name":"2010 Workshop on Fault Diagnosis and Tolerance in Cryptography","volume":"11 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-08-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"60","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 Workshop on Fault Diagnosis and Tolerance in Cryptography","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/FDTC.2010.10","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 60

Abstract

The naive implementation of AES is known to be vulnerable to Differential Fault Analysis (DFA). We can findthe key of AES-128 (AES with 128-bit key) with one pair of correct and faulty cipher texts. Recently several works on the extension of the attack to AES with 192 and 256-bit key have been published. Due to the longer key size and the characteristic of AES key schedule, we need subtle caution in attacking AES-192and AES-256. We propose new DFA against AES with 192 and256-bit key. We could retrieve AES-192 key with two pairs of correct and faulty cipher texts. With three pairs we could succeed in finding the key of AES-256. These are the minimal faults among the existing methods.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
基于最小故障的AES-192和AES-256差分故障分析
AES的初始实现容易受到差分故障分析(DFA)的攻击。我们可以用一对正确和错误的密文找到AES-128(带128位密钥的AES)的密钥。最近发表了一些关于将攻击扩展到具有192和256位密钥的AES的工作。由于AES密钥长度较长和AES密钥调度的特点,我们在攻击AES-192和AES-256时需要谨慎。我们提出了一种新的针对192位和256位密钥的AES的DFA。我们可以用两对正确和错误的密文检索AES-192密钥。通过三对,我们可以成功地找到AES-256的密钥。这些都是现有方法中最小的缺陷。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
2010 Workshop on Fault Diagnosis and Tolerance in Cryptography
2010 Workshop on Fault Diagnosis and Tolerance in Cryptography
自引率
0.00%
发文量
0
期刊最新文献
A Continuous Fault Countermeasure for AES Providing a Constant Error Detection Rate Fault Attacks and Countermeasures on Vigilant's RSA-CRT Algorithm Multi Fault Laser Attacks on Protected CRT-RSA Generic Analysis of Small Cryptographic Leaks Low Cost Built in Self Test for Public Key Crypto Cores
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1