CryptoDB
Differential Fault Analysis on SMS4 Using a Single Fault
| Authors: | |
|---|---|
| Download: | |
| Abstract: | Differential Fault Analysis (DFA) attack is a powerful cryptanalytic technique that could be used to retrieve the secret key by exploiting computational errors in the encryption (decryption) procedure. In the present paper, we propose a new DFA attack on SMS4 using a single fault. We show that if a random byte fault is induced into either the second, third, or forth word register at the input of the $28$-th round, the $128$-bit master key could be recovered with an exhaustive search of $22.11$ bits on average. The proposed attack makes use of the characteristic of the cipher's structure, the speciality of the diffusion layer, and the differential property of the S-box. Furthermore, it can be tailored to any block cipher employing a similar structure and an SPN-style round function as that of SMS4. |
BibTeX
@misc{eprint-2010-22964,
title={Differential Fault Analysis on SMS4 Using a Single Fault},
booktitle={IACR Eprint archive},
keywords={secret-key cryptography / fault attacks, differential fault analysis, block cipher, SMS4},
url={http://eprint.iacr.org/2010/063},
note={ securitylrl@gmail.com 14763 received 6 Feb 2010, last revised 2 Jun 2010},
author={Ruilin Li and Bing Sun and Chao Li and Jianxiong You},
year=2010
}