Differential fault analysis (DFA) of hardware implementations of the Advanced Encryption Standard (AES) has become a widely researched topic. Unlike theoretical models, the fault injection methods that are popular and practical in real attack scenarios, such as supply-voltage variation, introduce faults at random locations, with unknown values, and spanning multiple bytes. For this kind of fault, the previous fault model needed six pairs of correct and faulty ciphertexts to recover the secret round key. In this paper, without sacrificing accuracy, we propose a more efficient DFA attack under unknown and random faults. We introduce the concept of the theoretical candidate number into fault analysis. Based on this concept, the correct round key can be identified early, so the proposed method always uses the fewest pairs of correct and faulty ciphertexts needed to complete the attack. To support this claim, random fault attacks based on voltage violation were carried out on an FPGA board. The experimental results show that about 97.3% of the attacks were completed within 3 pairs of correct and faulty ciphertexts, and that on average only 2.17 pairs were needed to find the correct round key, a significant efficiency advantage over previous fault models. In addition, with high probability our model requires less computation in the analysis, which also improves the time efficiency of DFA attacks with unknown and random faults.
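The abstract above does not define its theoretical candidate number, so what follows is an added illustration of the underlying idea rather than the paper's own method or code: in any DFA on the AES last round key, one pair of correct and faulty ciphertexts leaves a set of key candidates, and each further pair is intersected with that set until one candidate survives. The example implements the classic single-byte fault model (a random, unknown-valued fault on one byte of the state entering the round-9 MixColumns, the Piret-Quisquater model), not the random multibyte model of the paper, and it models only rounds 9 and 10 of AES-128 because the attack involves nothing earlier. All names (`aes_tail`, `column_candidates`, `recover_column`, `simulate_attack`), the column-major state layout, and the random keys, states and fault values drawn from a seeded generator are constructed for this example.

```python
"""Added example (not from the paper): candidate-set shrinking in a DFA on AES-128
with a random single-byte fault before the round-9 MixColumns (Piret-Quisquater
model). Only rounds 9 and 10 are modelled; keys, states and faults are constructed."""
import itertools
import random

# ---------- GF(2^8) arithmetic and the AES S-box (computed, not hard-coded) ----------
def gmul(a, b):
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = ((a << 1) ^ 0x1B) & 0xFF if a & 0x80 else a << 1   # xtime, AES polynomial
        b >>= 1
    return r

def _build_sbox():
    exp = [0] * 255                       # exp[i] = 3^i; 3 generates GF(2^8)*
    p = 1
    for i in range(255):
        exp[i] = p
        p = gmul(p, 3)
    log = {v: i for i, v in enumerate(exp)}
    sbox = []
    for x in range(256):
        b = 0 if x == 0 else exp[(255 - log[x]) % 255]   # multiplicative inverse
        s = b
        for _ in range(4):                # affine map: b ^ rotl(b,1) ^ ... ^ rotl(b,4) ^ 0x63
            b = ((b << 1) | (b >> 7)) & 0xFF
            s ^= b
        sbox.append(s ^ 0x63)
    return sbox

SBOX = _build_sbox()
INV_SBOX = [0] * 256
for _x, _y in enumerate(SBOX):
    INV_SBOX[_y] = _x
MC = [[2, 3, 1, 1], [1, 2, 3, 1], [1, 1, 2, 3], [3, 1, 1, 2]]   # MixColumns matrix

# State is 16 bytes, column-major: byte (row r, column c) lives at index 4*c + r.
def shift_rows(s):
    return [s[4 * ((c + r) % 4) + r] for c in range(4) for r in range(4)]

def mix_columns(s):
    out = []
    for c in range(4):
        col = s[4 * c:4 * c + 4]
        for i in range(4):
            out.append(gmul(MC[i][0], col[0]) ^ gmul(MC[i][1], col[1])
                       ^ gmul(MC[i][2], col[2]) ^ gmul(MC[i][3], col[3]))
    return out

def aes_tail(state9, k9, k10, fault_pos=None, fault_val=0):
    """Rounds 9 and 10 of AES-128 from the round-9 MixColumns input (the state after
    the round-9 ShiftRows). Earlier rounds and the key schedule are not modelled
    because the attack never touches them. An optional fault is XORed into one byte."""
    s = list(state9)
    if fault_pos is not None:
        s[fault_pos] ^= fault_val
    s = mix_columns(s)
    s = [b ^ k for b, k in zip(s, k9)]          # AddRoundKey(K9)
    s = shift_rows([SBOX[b] for b in s])        # round 10: SubBytes, ShiftRows
    return [b ^ k for b, k in zip(s, k10)]      # AddRoundKey(K10); no MixColumns

def column_candidates(c, cf):
    """Candidate 4-byte tuples of K10 implied by one (correct, faulty) ciphertext pair.
    Returns (faulted column, ciphertext positions, set of tuples). The fault row and
    value are unknown, so all 4 x 255 hypotheses are enumerated."""
    diff_pos = [p for p in range(16) if c[p] != cf[p]]
    if len(diff_pos) != 4:
        raise ValueError("not a single-byte fault before the round-9 MixColumns")
    # A faulted column col lands (after ShiftRows) on positions 4*((col - r) % 4) + r.
    col = (diff_pos[0] // 4 + diff_pos[0] % 4) % 4
    pos = [4 * ((col - r) % 4) + r for r in range(4)]
    if sorted(pos) != diff_pos:
        raise ValueError("difference pattern is not one ShiftRows-moved column")
    # Per output row, index key-byte guesses by the S-box input difference they imply.
    by_diff = []
    for p in pos:
        d = {}
        for k in range(256):
            d.setdefault(INV_SBOX[c[p] ^ k] ^ INV_SBOX[cf[p] ^ k], []).append(k)
        by_diff.append(d)
    cands = set()
    for r in range(4):                  # row of the faulted byte inside the column
        for e in range(1, 256):         # unknown fault value
            lists = [by_diff[i].get(gmul(MC[i][r], e), []) for i in range(4)]
            if all(lists):
                cands.update(itertools.product(*lists))
    return col, pos, cands

def recover_column(pairs):
    """Intersect candidate sets pair by pair; stop when a single candidate survives."""
    survivors, sizes, pos0 = None, [], None
    for c, cf in pairs:
        _, pos, cands = column_candidates(c, cf)
        pos0 = pos if pos0 is None else pos0
        if pos != pos0:
            raise ValueError("pairs fault different columns")
        survivors = cands if survivors is None else survivors & cands
        sizes.append(len(survivors))
        if len(survivors) == 1:
            break
    return pos0, sizes, survivors

def simulate_attack(seed=1, n_pairs=3, col=0):
    """Constructed scenario: random K9/K10, random round-9 states, random fault value
    at a random row of column `col`. Returns (true K10 bytes at the recovered
    positions, candidate-set size after each pair, surviving candidates)."""
    rng = random.Random(seed)
    k9 = [rng.randrange(256) for _ in range(16)]
    k10 = [rng.randrange(256) for _ in range(16)]
    pairs = []
    for _ in range(n_pairs):
        st = [rng.randrange(256) for _ in range(16)]
        fpos, fval = 4 * col + rng.randrange(4), rng.randrange(1, 256)
        pairs.append((aes_tail(st, k9, k10), aes_tail(st, k9, k10, fpos, fval)))
    pos, sizes, survivors = recover_column(pairs)
    return tuple(k10[p] for p in pos), sizes, survivors

if __name__ == "__main__":
    true_bytes, sizes, survivors = simulate_attack()
    print("candidates after each pair:", sizes)
    print("recovered:", survivors, "true:", true_bytes)
```

The true key bytes are always in every pair's candidate set, so the only question is how many spurious candidates remain; with the S-box difference table averaging about one solution per byte, each pair leaves on the order of a thousand of the 2^32 tuples for a column, and two independent pairs almost always leave one. Repeating this per column recovers all of K10, from which the AES-128 key follows by inverting the key schedule. The paper's contribution, as the abstract states, is a model in which the fault may hit several bytes with unknown values and a way to tell in advance when the surviving candidate is the right one; this block only shows the candidate-counting mechanism that such a model refines.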
This work was supported by National Natural Science Foundation of China (Grant No. 61306040), National Basic Research Program of China (973) (Grant No. 2015CB057201), Natural Science Foundation of Beijing (Grant No. 4152020), Natural Science Foundation of Guangdong Province (Grant No. 2015A030313147), and R&D Project of Guangdong Government (Grant No. 2014B090913001).
Copyright 2020 Science China Press Co., Ltd. All rights reserved.