Yet another fault-based leakage in non-uniform faulty ciphertexts

Yang Li, Yu-Ichi Hayashi, Arisa Matsubara, Naofumi Homma, Takafumi Aoki, Kazuo Ohta, Kazuo Sakiyama

Research output: Chapter in Book/Report/Conference proceeding (Conference contribution)

10 Citations (Scopus)


This paper discusses the information leakage that comes from the non-uniform distribution of the faulty calculation results for hardware AES implementations under setup-time violations. For the setup-time violation, it is more difficult to predict the faulty value than the introduced difference itself. Therefore, the faulty calculation results have always been paired with the fault-free calculations as the information leakage. However, the faulty calculation results under statistical analyses can directly leak the secret. This leakage is mainly caused by the circuit structure rather than the transition differences for variant input data. Generally, this work explains the mechanism of the non-uniform distribution of faulty calculation results. For the widely used composite field based AES S-box, we explain and demonstrate that the probability of the emergence of a particular faulty value is much higher than that of other values. We use the key recovery method proposed by Fuhr et al., and show the successful key recovery using only the faulty calculation results. In addition, against the attack target that encrypts random plaintexts, we extend the attack to the case where the faults are injected remotely using electromagnetic interference without any injection timing trigger.

Original language: English
Title of host publication: Foundations and Practice of Security - 6th International Symposium, FPS 2013, Revised Selected Papers
Publisher: Springer Verlag
Number of pages: 16
ISBN (Print): 9783319053011
Publication status: Published - 2014
Event: 6th International Symposium on Foundations and Practice of Security, FPS 2013 - La Rochelle, France
Duration: 2013 Oct 21 to 2013 Oct 22

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 8352 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349


Other: 6th International Symposium on Foundations and Practice of Security, FPS 2013
City: La Rochelle


  • Fault analysis
  • Non-uniform mapping
  • Setup-time violation

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science (all)

