Though applications of DFA to DES [49] and AES [127, 160] as described in
Sects. 3.3 and 4.2 have proven to be quite effective, other techniques have also been
invented which can threaten block ciphers in different ways. This chapter presents
some of these fault analysis methods, which depart from DFA by the fault model they
rely on, by their ability to defeat classical countermeasures against DFA or DPA, or
by their applicability to specific implementations.
An important class of such attack methods is referred to as Collision Fault Analysis
(CFA) and has a close variant referred to as Ineffective Fault Analysis (IFA). The
first section of this chapter is devoted to the presentation of these two techniques
and their successive usages ranging from a first trivial CFA/IFA on unprotected
implementations of AES-like algorithms to more elaborate attacks which can either
attack implementations protected against both DFA and High-Order DPA, or even
reveal the key of a so-called externally encoded DES whose precise specification
is unknown to an attacker. Other fault attacks on block ciphers are presented in the
second section, including some that explicitly aim to reduce the number of rounds,
and others which exploit a perturbation of the initial randomization of substitution
tables in DPA-resistant implementations.
2.2 Attacks on Block Ciphers by Exploitation of Identical Outputs
2.2.1 Three Resemblant but Different Fault Analysis Methods
2.2.1.1 Collision Fault Analysis
While DFA exploits a differential between a genuine and a faulty ciphertext where the
fault occurred in one of the last few rounds of an encryption function $E$, CFA gains
information from a collision event where the two ciphertexts $C$ and $\tilde{C}$ respectively
obtained from a normal and a faulty encryption are equal. An attacker typically first
obtains the faulty encryption $\tilde{C} = \tilde{E}(M_0)$ of an arbitrary plaintext $M_0$, and then
searches for some particular $M$ which gives the same ciphertext $E(M) = C = \tilde{C}$
without any fault. Intuitively, it may appear difficult to produce a collision between
two outputs of a cryptographic function designed to closely behave as a random
function. This difficulty is circumvented by producing the fault very early in the
encryption process in order to avoid the avalanche effect between the encryptions of
$M$ and $M_0$, and by relying on a specific fault model.
One usually adopts a fault model where the fault has a predictable effect on a
small portion—a bit or a word—of the intermediate result. Such a classical fault
model assumes that a fault occurring during a logical or an arithmetic operation,
e.g. an XOR between two bytes, produces a result equal to some constant value
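The collision search described above can be simulated offline. This is an added example, not code from the book. It assumes a constructed 4-byte toy cipher in place of an AES-like algorithm, a fault on the initial key-addition XOR, and a constant fault value of 0x00; all function names are hypothetical. It also shows what a redundant-execution check sees in this model.

```python
import random

# Toy 4-byte SPN standing in for an AES-like cipher (constructed for this
# example, not a real algorithm). Every step after the key addition is a
# bijection, so equal ciphertexts imply equal states after the key addition.
_rng = random.Random(2024)
SBOX = list(range(256))
_rng.shuffle(SBOX)
ROUNDS = 4
FAULT_CONST = 0x00  # assumption: the faulted XOR outputs this constant

def encrypt(key, msg, fault_pos=None):
    """Encrypt 4 bytes. If fault_pos is set, simulate a fault on the initial
    key-addition XOR of that byte: its result becomes FAULT_CONST."""
    state = [m ^ k for m, k in zip(msg, key)]
    if fault_pos is not None:
        state[fault_pos] = FAULT_CONST
    for rnd in range(ROUNDS):
        state = [SBOX[b] for b in state]
        for i in range(4):                      # invertible byte mixing
            state[(i + 1) % 4] ^= state[i]
        state = [b ^ k ^ rnd for b, k in zip(state, key)]
    return bytes(state)

def collision_candidates(key, m0, pos):
    """Return every key-byte value consistent with a collision between the
    faulty encryption of m0 and a fault-free encryption of some M that
    differs from m0 only at byte pos."""
    c_faulty = encrypt(key, m0, fault_pos=pos)   # one faulty run
    found = []
    for value in range(256):                     # at most 256 clean runs
        m = bytearray(m0)
        m[pos] = value
        if encrypt(key, bytes(m)) == c_faulty:
            # M[pos] ^ K[pos] == FAULT_CONST at the collision
            found.append(value ^ FAULT_CONST)
    return found

def fault_detected(key, msg, fault_pos):
    """Redundant-execution check: the faulted run differs from a clean rerun
    unless the fault left the byte unchanged (it already equalled FAULT_CONST)."""
    return encrypt(key, msg, fault_pos) != encrypt(key, msg)
```

Because the fault is placed before any diffusion, exactly one of the 256 candidate plaintext bytes collides, and an output comparison misses the fault precisely when the targeted byte already held the constant.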