This letter proposes a differential fault analysis on the AES key schedule and shows how an entire 128-bit AES key can be retrieved. In the workshop at FDTC 2007, we presented the DFA mechanism on the AES key schedule and proposed general attack rules. Using our proposed rules, we showed an efficient attack that can retrieve 80 bits of the 128-bit key. Recently, we have found a new attack that ...

We complete the study of [16] and [20] about the Miller algorithm. The Miller algorithm is a central step to compute the Weil, Tate and Ate pairings. The aim of this article is to analyse the weakness of the Miller algorithm when it undergoes a fault attack. We prove that the Miller algorithm is vulnerable to a fault attack which is valid in all coordinate systems, through the resolution of a n...

This paper describes a differential fault analysis (DFA) on AES with 192 and 256-bit keys. We show a new attack in which both 192 and 256-bit keys are retrieved within a feasible computational time. In order to verify the proposed attack and estimate the calculation time, we implement the proposed attack using C code on a PC. As a result, we successfully recover the original 192-bit key using 3...

This research presents the survey, analysis, comparisons and implementation of the most threatening new kind of cryptographic attacks known as fault attacks or implementation attacks against Advanced Encryption Standard (AES) algorithm. AES algorithm is used in various applications and is considered the most secure against conventional cryptanalytic attacks which exploits the algebraic or mathe...

Recently, the side channel keeps the attention of researchers in theory of pairing, since, several studies have been done in this subject and all they have the aim in order to attack the cryptosystems of Identification Based Encryption (IBE) which are integrated into Smart Cards (more than 80% of those cryptosystems are based on a pairing). The great success and the remarkable development of th...

This paper proposes a new fault-based attack called the Fault Sensitivity Analysis (FSA) attack, which unlike most existing fault-based analyses including Differential Fault Analysis (DFA) does not use values of faulty ciphertexts. Fault sensitivity means the critical condition when a faulty output begins to exhibit some detectable characteristics, e.g., the clock frequency when fault operation...

We present the first fault attack on cryptosystems based on supersingular isogenies. During the computation of the auxiliary points, the attack aims to change the base point to a random point on the curve via a fault injection. We will show that this would reveal the secret isogeny with one successful perturbation with high probability. We will exhibit the attack by placing it against signature...

Attacks on cryptosystem implementations (e.g. security fault injection, timing analysis and differential power analysis) are amongst the most exciting developments in cryptanalysis of the past decade. Altering the internal state of a cryptosystem or profiling the system’s computational dynamics can be used to gain a huge amount of information. This paper shows how fault injection and timing ana...

This paper presents a complete scheme for protection of transmission lines, including fault detection, fault classification as well as fault location. The fault location module utilizes the modeling of transmission lines through their differential equations. The differential equation for the line is solved having its resistence and inductance as parameters. In this approach there is no need for...