<p>Persistent fault analysis is effective when a single element of the S-box is altered. However, most fault injection techniques tend to induce multiple faults. In such multiple-fault scenarios, existing key recovery methods either fail to identify the unique key or require high computational complexity. To address this, we propose the count-ranking method to accelerate Persistent-Fault Based Differential Analysis (PFDA). The method counts subkey byte frequencies and selects the most frequent value per byte. Additionally, this approach allows us to further explore faults occurring during deeper rounds of encryption, as it independently determines the unique value of each subkey byte. Consequently, we successfully recover the unique key for both serial and parallel implementations of AES with a complexity of <InlineEquation ID="IEq1"> <EquationSource Format="TEX">\(O(N_f^2 \times N_c)\)</EquationSource> <EquationSource Format="MATHML"><math> <mrow> <mi>O</mi> <mo stretchy="false">(</mo> <msubsup> <mi>N</mi> <mi>f</mi> <mn>2</mn> </msubsup> <mo>×</mo> <msub> <mi>N</mi> <mi>c</mi> </msub> <mo stretchy="false">)</mo> </mrow> </math></EquationSource> </InlineEquation> table lookups. Finally, the count-ranking method facilitates the recovery of several subkeys in Feistel ciphers without dramatically increasing the number of key candidates. We apply the revised PFDA to both DES and Camellia, efficiently achieving full-key recovery. These results demonstrate the practical applicability of the extended PFDA across both serial and parallel cipher architectures.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Extended persistent-fault based differential analysis in the multiple-fault scenario

  • Yingyan Chen,
  • Shihui Zheng,
  • Jiayu Zhang

摘要

Persistent fault analysis is effective when a single element of the S-box is altered. However, most fault injection techniques tend to induce multiple faults. In such multiple-fault scenarios, existing key recovery methods either fail to identify the unique key or require high computational complexity. To address this, we propose the count-ranking method to accelerate Persistent-Fault Based Differential Analysis (PFDA). The method counts subkey byte frequencies and selects the most frequent value per byte. Additionally, this approach allows us to further explore faults occurring during deeper rounds of encryption, as it independently determines the unique value of each subkey byte. Consequently, we successfully recover the unique key for both serial and parallel implementations of AES with a complexity of \(O(N_f^2 \times N_c)\) O ( N f 2 × N c ) table lookups. Finally, the count-ranking method facilitates the recovery of several subkeys in Feistel ciphers without dramatically increasing the number of key candidates. We apply the revised PFDA to both DES and Camellia, efficiently achieving full-key recovery. These results demonstrate the practical applicability of the extended PFDA across both serial and parallel cipher architectures.