Differential fault analysis of the advanced encryption standard

Abstract

In October 2000, Rijndael was selected as the Advanced Encryption Standard (AES). Since then, this cryptosystem has been widely used to ensure the confidentiality of information stored in embedded devices. Therefore, over the last decade many researchers have studied this algorithm, leading to the publication of many Differential Fault Analyses (DFAs) on the AES. In this chapter, we present the state of the art of DFA of the AES. After describing the AES, we present in detail three of the most efficient DFAs on this cryptosystem. These attacks have different characteristics, allowing an attacker to recover the secret key from one faulty ciphertext or if faults have been induced in the middle rounds of the AES. We then present a table summarizing the characteristics of each and every DFA on the AES published so far. Finally, we present the main countermeasures proposed to counter fault injection attacks on the AES.