Practical DFA strategy for AES under limited-access conditions

Kazuo Sakiyama; Yang Li; Shigeto Gomisawa; Yu Ichi Hayashi; Mitsugu Iwamoto; Naofumi Homma; Takafumi Aoki; Kazuo Ohta

doi:10.2197/ipsjjip.22.142

Practical DFA strategy for AES under limited-access conditions

Kazuo Sakiyama, Yang Li, Shigeto Gomisawa, Yu Ichi Hayashi, Mitsugu Iwamoto, Naofumi Homma, Takafumi Aoki, Kazuo Ohta

Research output: Contribution to journal › Article › peer-review

1 Citation (Scopus)

Abstract

Secret data in embedded devices can be revealed by injecting computational faults using the fault analysis attacks. The fault analysis researches on a cryptographic implementation by far first assumed a certain fault model, and then discussed the key recovery method under some assumptions. We note that a new remote-fault injection method has emerged, which is threatening in practice. Due to its limited accessibility to cryptographic devices, the remotefault injection, however, can only inject uncertain faults. In this surroundings, this paper gives a general strategy of the remote-fault attack on the AES block cipher with a data set of faulty ciphertexts generated by uncertain faults. Our method effectively utilizes all the information from various kinds of faults, which is more realistic than previous researches. As a result, we show that it can provide a decent success probability of key identification even when only a few intended faults are available among 32 millions fault injections.

Original language	English
Pages (from-to)	142-151
Number of pages	10
Journal	Journal of information processing
Volume	22
Issue number	2
DOIs	https://doi.org/10.2197/ipsjjip.22.142
Publication status	Published - 2014

Keywords

Advance encryption standard
Cryptography
Differential fault analysis
Intentional electromagnetic interference
Uncertain faults

ASJC Scopus subject areas

Computer Science(all)

Access to Document

10.2197/ipsjjip.22.142

Fingerprint Dive into the research topics of 'Practical DFA strategy for AES under limited-access conditions'. Together they form a unique fingerprint.

Cite this

@article{eb7ee971239a4b568009f40b6a40a02a,

title = "Practical DFA strategy for AES under limited-access conditions",

abstract = "Secret data in embedded devices can be revealed by injecting computational faults using the fault analysis attacks. The fault analysis researches on a cryptographic implementation by far first assumed a certain fault model, and then discussed the key recovery method under some assumptions. We note that a new remote-fault injection method has emerged, which is threatening in practice. Due to its limited accessibility to cryptographic devices, the remotefault injection, however, can only inject uncertain faults. In this surroundings, this paper gives a general strategy of the remote-fault attack on the AES block cipher with a data set of faulty ciphertexts generated by uncertain faults. Our method effectively utilizes all the information from various kinds of faults, which is more realistic than previous researches. As a result, we show that it can provide a decent success probability of key identification even when only a few intended faults are available among 32 millions fault injections.",

keywords = "Advance encryption standard, Cryptography, Differential fault analysis, Intentional electromagnetic interference, Uncertain faults",

author = "Kazuo Sakiyama and Yang Li and Shigeto Gomisawa and Hayashi, {Yu Ichi} and Mitsugu Iwamoto and Naofumi Homma and Takafumi Aoki and Kazuo Ohta",

year = "2014",

doi = "10.2197/ipsjjip.22.142",

language = "English",

volume = "22",

pages = "142--151",

journal = "Journal of Information Processing",

issn = "0387-5806",

publisher = "Information Processing Society of Japan",

number = "2",

}

TY - JOUR

T1 - Practical DFA strategy for AES under limited-access conditions

AU - Sakiyama, Kazuo

AU - Li, Yang

AU - Gomisawa, Shigeto

AU - Hayashi, Yu Ichi

AU - Iwamoto, Mitsugu

AU - Homma, Naofumi

AU - Aoki, Takafumi

AU - Ohta, Kazuo

PY - 2014

Y1 - 2014

N2 - Secret data in embedded devices can be revealed by injecting computational faults using the fault analysis attacks. The fault analysis researches on a cryptographic implementation by far first assumed a certain fault model, and then discussed the key recovery method under some assumptions. We note that a new remote-fault injection method has emerged, which is threatening in practice. Due to its limited accessibility to cryptographic devices, the remotefault injection, however, can only inject uncertain faults. In this surroundings, this paper gives a general strategy of the remote-fault attack on the AES block cipher with a data set of faulty ciphertexts generated by uncertain faults. Our method effectively utilizes all the information from various kinds of faults, which is more realistic than previous researches. As a result, we show that it can provide a decent success probability of key identification even when only a few intended faults are available among 32 millions fault injections.

AB - Secret data in embedded devices can be revealed by injecting computational faults using the fault analysis attacks. The fault analysis researches on a cryptographic implementation by far first assumed a certain fault model, and then discussed the key recovery method under some assumptions. We note that a new remote-fault injection method has emerged, which is threatening in practice. Due to its limited accessibility to cryptographic devices, the remotefault injection, however, can only inject uncertain faults. In this surroundings, this paper gives a general strategy of the remote-fault attack on the AES block cipher with a data set of faulty ciphertexts generated by uncertain faults. Our method effectively utilizes all the information from various kinds of faults, which is more realistic than previous researches. As a result, we show that it can provide a decent success probability of key identification even when only a few intended faults are available among 32 millions fault injections.

KW - Advance encryption standard

KW - Cryptography

KW - Differential fault analysis

KW - Intentional electromagnetic interference

KW - Uncertain faults

UR - http://www.scopus.com/inward/record.url?scp=84898667181&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84898667181&partnerID=8YFLogxK

U2 - 10.2197/ipsjjip.22.142

DO - 10.2197/ipsjjip.22.142

M3 - Article

AN - SCOPUS:84898667181

VL - 22

SP - 142

EP - 151

JO - Journal of Information Processing

JF - Journal of Information Processing

SN - 0387-5806

IS - 2

ER -