Cryptography Reference
In-Depth Information
Table 2.2
Number of key
hypotheses generated by
attacking compressed
S-Boxes initialized in random
order
Plaintexts
Hypotheses per
Hypotheses for
Whole
S-box pair
the first round key
key space
2
46
.
4
2
54
.
4
1
55.5
2
44
.
7
2
52
.
7
2
48.2
2
43
.
2
2
51
.
2
3
42.1
2
40
.
2
2
48
.
2
5
32.5
2
33
.
7
2
41
.
7
10
18.5
2
29
.
1
2
37
.
1
15
12.4
2
26
.
4
2
34
.
4
20
9.71
2.3.2.2 Modifying Unknown S-box Values
If the attacker does not know which S-box index he has modified (for instance, if
Algorithm 2.3 is actually used), then the previous attack does not work. In that case it
is possible to derive an attack based on the exploitation of the event that the modified
S-box value has been used only in the fifteenth round. This kind of event is easily
identifiable from the normal and faulty ciphertexts by analyzing the differential at the
end of the round.
17
Each time this event occurs it can be exploited by simply using
the classical DFA method [49]. The probability of such event is 0
.
0123 when the
S-Boxes are not compressed, and 0
0192 when they are. The number of faults needed
for this attack is thus significantly larger than for a DFA where the fault directly targets
the fifteenth round, but the advantage of the present attack is that it is not prevented
by the computation verification countermeasure unless the S-box randomization is
performed again between the two DES computations.
.
17
It may happen that a corrupted S-box value used only in the fourteenth round is misinterpreted as
being used only in the fifteenth round. We refer to [92] for a detailed analysis of these false positives
which, as mentioned in [163], do not have much impact on the success of the attack.
