International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

Paper: DFA on AES

Authors:
Christophe Giraud
Download:
URL: http://eprint.iacr.org/2003/008
Search ePrint
Search Google
Abstract: In this paper we describe two different DFA attacks on the AES. The first one uses a fault model that induces a fault on only one bit of an intermediate result, hence allowing us to obtain the key by using 50 faulty ciphertexts for an AES-128. The second attack uses a more realistic fault model: we assume that we may induce a fault on a whole byte. For an AES-128, this second attack provides the key by using less than 250 faulty ciphertexts. Moreover, this attack has been successfully put into practice on a smart card.
BibTeX
@misc{eprint-2003-11726,
  title={DFA on AES},
  booktitle={IACR Eprint archive},
  keywords={AES, DFA, side-channel attacks, smartcards.},
  url={http://eprint.iacr.org/2003/008},
  note={The first version of this paper was submitted in April 2002 to CHES'02. c.giraud@oberthurcs.com 12186 received 20 Jan 2003, last revised 14 May 2003},
  author={Christophe Giraud},
  year=2003
}