Differential Fault Attacks against AES Tampering with the Instruction Flow

Silvia Mella, Filippo Melzani, Andrea Visconti

Abstract

Most of the attacks against the Advanced Encryption Standard based on faults mainly aim at either altering the temporary value of the message or key during the computation. Few other attacks tamper the instruction flow in order to reduce the number of round iterations to one or two. In this work, we extend this idea and present fault attacks against the AES algorithm that exploit the misbehavior of the instruction flow during the last round. In particular, we consider faults that cause the algorithm to skip, repeat or corrupt one of the four AES round functions. In principle, these attacks are applicable against both software and hardware implementations, by targeting the execution of instructions or the control logic. As conclusion countermeasures against fault attacks must also cover the instruction flow and not only the processed data.

References

  1. Balasch, J., Gierlichs, B., and Verbauwhede, I. (2011). An in-depth and black-box characterization of the effects of clock glitches on 8-bit mcus. In (Breveglieri et al., 2011), pages 105-114.
  2. Bar-El, H., Choukri, H., Naccache, D., Tunstall, M., and Whelan, C. (2004). The sorcerer's apprentice guide to fault attacks. IACR Cryptology ePrint Archive, 2004:100.
  3. Biham, E. and Shamir, A. (1997). Differential fault analysis of secret key cryptosystems. In Jr., B. S. K., editor, CRYPTO, volume 1294 of Lecture Notes in Computer Science, pages 513-525. Springer.
  4. Boneh, D., DeMillo, R. A., and Lipton, R. J. (1997). On the importance of checking cryptographic protocols for faults (extended abstract). In Fumy, W., editor, EUROCRYPT, volume 1233 of Lecture Notes in Computer Science, pages 37-51. Springer.
  5. Bousselam, K., Natale, G. D., Flottes, M.-L., and Rouzeyre, B. (2012). On countermeasures against fault attacks on the advanced encryption standard. In (Joye and Tunstall, 2012), pages 89-108.
  6. Breveglieri, L., Guilley, S., Koren, I., Naccache, D., and Takahashi, J., editors (2011). 2011 Workshop on Fault Diagnosis and Tolerance in Cryptography, FDTC 2011, Tokyo, Japan, September 29, 2011. IEEE.
  7. Chen, C.-N. and Yen, S.-M. (2003). Differential fault analysis on aes key schedule and some coutnermeasures. In Safavi-Naini, R. and Seberry, J., editors, ACISP, volume 2727 of Lecture Notes in Computer Science, pages 118-129. Springer.
  8. Choukri, H. and Tunstall, M. (2005). Round reduction using faults. http://www.geocities.ws/mike.tunstall/papers/CT05.
  9. Giraud, C. (2003). Dfa on aes. IACR Cryptology ePrint Archive, 2003:8.
  10. Joye, M. and Tunstall, M., editors (2012). Fault Analysis in Cryptography. Information Security and Cryptography. Springer.
  11. Kim, C. H. and Quisquater, J.-J. (2008). New differential fault analysis on aes key schedule: Two faults are enough. In Grimaud, G. and Standaert, F.-X., editors, CARDIS, volume 5189 of Lecture Notes in Computer Science, pages 48-60. Springer.
  12. Kömmerling, O. and Kuhn, M. G. (1999). Design principles for tamper-resistant smartcard processors. https://www.cl.cam.ac.uk/ mgk25/sc99-tamper.pdf.
  13. Moradi, A., Shalmani, M. T. M., and Salmasizadeh, M. (2006). A generalized method of differential fault attack against aes cryptosystem. In Goubin, L. and Matsui, M., editors, CHES, volume 4249 of Lecture Notes in Computer Science, pages 91-100. Springer.
  14. Mukhopadhyay, D. (2009). An improved fault based attack of the advanced encryption standard. In Preneel, B., editor, AFRICACRYPT, volume 5580 of Lecture Notes in Computer Science, pages 421-434. Springer.
  15. National Institute for Science and Technology (NIST) (2001). Advanced Encryption Standard (FIPS PUB 197). http://www.csrc.nist.gov/publications/fips/fips197/fips197.pdf.
  16. Park, J., Moon, S., Choi, D., Kang, Y., and Ha, J. (2011). Differential fault analysis for round-reduced aes by fault injection. In ETRI Journal, volume 33, pages 434-442.
  17. Piret, G. and Quisquater, J.-J. (2003). A differential fault attack technique against spn structures, with application to the aes and khazad. In Walter, C. D., C¸etin Kaya Koc¸, and Paar, C., editors, CHES, volume 2779 of Lecture Notes in Computer Science, pages 77-88. Springer.
  18. Quisquater, J.-J. and Samyde, D. (2002). Eddy current for Magnetic Analysis with Active Sensor. In Esmart 2002, Nice, France.
  19. Schmidt, J.-M. and Herbst, C. (2008). A practical fault attack on square and multiply. In Breveglieri, L., Gueron, S., Koren, I., Naccache, D., and Seifert, J.-P., editors, FDTC, pages 53-58. IEEE Computer Society.
  20. Schmidt, J.-M. and Medwed, M. (2012). Countermeasures for symmetric key ciphers. In (Joye and Tunstall, 2012), pages 73-87.
  21. Skorobogatov, S. P. and Anderson, R. J. (2002). Optical fault induction attacks. In Jr., B. S. K., C¸etin Kaya Koc¸, and Paar, C., editors, CHES, volume 2523 of Lecture Notes in Computer Science, pages 2-12. Springer.
  22. Tunstall, M. and Mukhopadhyay, D. (2009). Differential fault analysis of the advanced encryption standard using a single fault. IACR Cryptology ePrint Archive, 2009:575.
  23. van Woudenberg, J. G. J., Witteman, M. F., and Menarini, F. (2011). Practical optical fault injection on secure microcontrollers. In (Breveglieri et al., 2011), pages 91-99.
Download


Paper Citation


in Harvard Style

Mella S., Melzani F. and Visconti A. (2014). Differential Fault Attacks against AES Tampering with the Instruction Flow . In Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014) ISBN 978-989-758-045-1, pages 439-444. DOI: 10.5220/0005112104390444


in Bibtex Style

@conference{secrypt14,
author={Silvia Mella and Filippo Melzani and Andrea Visconti},
title={Differential Fault Attacks against AES Tampering with the Instruction Flow},
booktitle={Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)},
year={2014},
pages={439-444},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005112104390444},
isbn={978-989-758-045-1},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)
TI - Differential Fault Attacks against AES Tampering with the Instruction Flow
SN - 978-989-758-045-1
AU - Mella S.
AU - Melzani F.
AU - Visconti A.
PY - 2014
SP - 439
EP - 444
DO - 10.5220/0005112104390444