Attack on a DFA Protected AES by Simultaneous Laser Fault Injections

Bodo Selmke, Johann Heyszl, Georg Sigl

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

50 Scopus citations

Abstract

This paper demonstrates a Fault Attack on anAES core protected by an infection type countermeasure. The redundant AES is implemented on a Xilinx Spartan-6FPGA, with a feature size of 45 nm. By injecting exactlythe same fault in both state registers of the redundantimplementation using lasers, we are able to annul theprotection added by the countermeasure and thus performa successful Differential Fault Analysis. This requires ahigh precision double laser setup in order to hit twodifferent locations on the chip at the same point intime. With a priori knowledge about the location of bothstate registers, we were able to generate applicable faultyciphertexts within minutes. Our results show that forapplications demanding a high level of security, relyingon a duplication of hardware is not sufficient.

Original languageEnglish
Title of host publicationProceedings - 2016 Workshop on Fault Diagnosis and Tolerance in Cryptography, FDTC 2016
EditorsPhilippe Maurine, Michael Tunstall
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages36-46
Number of pages11
ISBN (Electronic)9781509011087
DOIs
StatePublished - 5 Dec 2016
Event13th Workshop on Fault Diagnosis and Tolerance in Cryptography, FDTC 2016 - Santa Barbara, United States
Duration: 16 Aug 2016 → …

Publication series

NameProceedings - 2016 Workshop on Fault Diagnosis and Tolerance in Cryptography, FDTC 2016

Conference

Conference13th Workshop on Fault Diagnosis and Tolerance in Cryptography, FDTC 2016
Country/TerritoryUnited States
CitySanta Barbara
Period16/08/16 → …

Keywords

  • AES
  • DFA
  • FPGA
  • Infection Countermeasure
  • Laser Fault Injection
  • Multi Fault

Fingerprint

Dive into the research topics of 'Attack on a DFA Protected AES by Simultaneous Laser Fault Injections'. Together they form a unique fingerprint.

Cite this