摘要
Differential Fault Attack (DFA) is a powerful cryptanalytic technique to retrieve secret keys by exploiting the faulty ciphertexts generated during encryption procedure. This article proposes a novel DFA attack that is effective on ITUbee, a software-oriented block cipher for resource-constrained devices. Different from other DFA, our attack makes use of not only faulty values, but also differences between fault-free intermediate values corresponding to 2 plaintexts, which combine traditional differential analysis with DFA. The possible injection positions with different number of faults are discussed. The most efficient attack takes 225 round function operations with 4 faults, which is achieved in a few seconds on a PC.
| 源语言 | 英语 |
|---|---|
| 文章编号 | 54 |
| 期刊 | Transactions on Embedded Computing Systems |
| 卷 | 16 |
| 期 | 2 |
| DOI | |
| 出版状态 | 已出版 - 12月 2016 |