Fault analysis of DPA-Resistant algorithms

Authors:
Frederic Amiel;Christophe Clavier;Michael Tunstall
Affiliations:
Security Labs, Gemalto, La Ciotat, France;Security Labs, Gemalto, La Ciotat, France;Smart Card Centre, Information Security Group, Royal Holloway, University of London, Egham, Surrey, UK
Venue:
FDTC'06 Proceedings of the Third international conference on Fault Diagnosis and Tolerance in Cryptography
Year:
2006

Citing 8
Cited 3

The art of computer programming, volume 2 (3rd ed.): seminumerical algorithms

The art of computer programming, volume 2 (3rd ed.): seminumerical algorithms
Handbook of Applied Cryptography

Handbook of Applied Cryptography
Towards Sound Approaches to Counteract Power-Analysis Attacks

CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Differential Power Analysis

CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Differential Fault Analysis of Secret Key Cryptosystems

CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Differential Power Analysis in the Presence of Hardware Countermeasures

CHES '00 Proceedings of the Second International Workshop on Cryptographic Hardware and Embedded Systems
An Implementation of DES and AES, Secure against Some Attacks

CHES '01 Proceedings of the Third International Workshop on Cryptographic Hardware and Embedded Systems
Experimenting with faults, lattices and the DSA

PKC'05 Proceedings of the 8th international conference on Theory and Practice in Public Key Cryptography

Secret External Encodings Do Not Prevent Transient Fault Analysis

CHES '07 Proceedings of the 9th international workshop on Cryptographic Hardware and Embedded Systems
An Efficient Method for Random Delay Generation in Embedded Software

CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
Fault analysis study of IDEA

CT-RSA'08 Proceedings of the 2008 The Cryptopgraphers' Track at the RSA conference on Topics in cryptology

Quantified Score

Hi-index	0.01

Visualization

Abstract

In this paper several attacks are presented that allow information to be derived on faults injected at the beginning of cryptographic algorithm implementations that use Boolean masking to defend against Differential Power Analysis (DPA). These attacks target the initialisation functions that are used to enable the algorithm to be protected, allowing a fault attack even in the presence of round redundancy. A description of the experiments leading to the development of these attacks is also given.