A Fault-Resistant AES Implementation
Using Differential Characteristic of Input and Output
JeongSoo Park1, KiSeok Bae2, YongJe Choi3, DooHo Choi3, and JaeCheol Ha1*
1Hoseo University
Asan, ChungNam, Korea
sizeplay@nate.com, jcha@hoseo.edu
2Kyungpook National
University
Daegu, Korea
gith@ee.knu.ac.kr
3ETRI
Daejeon, Korea
{choiyj, dhchoi}@etri.re.kr
Abstract
The goal of a fault injection attack is to extract a
secret key which is embedded in a cryptographic
device by
injecting a fault during execution of the algorithm. In particular, an attacker
can extract
the master key of the
advanced encryption standard (AES) using only a one-byte fault injection. We
propose a new
countermeasure method resistant to fault injection attacks by checking the
differential
byte of the input and
output in the encryption process and key expansion process, respectively. Based
on the result of
computer simulations and practical experiments, we suggest that our proposed
AES
implementation against fault attack has a superior error detection ability and improved
efficiency
compared with
previous existing methods.
Keywords: fault
attack, countermeasure, AES, differential characteristic
*Corresponding author: Dept. of Information Security, Hoseo University, 165 Sechul-Ri, Baebang-Eup,
Asan-Si, Chungnam, 336-795
Korea, Tel: +82-41-540-5991
Journal of Internet Services and Information
Security (JISIS), 2(3/4): 93-109, November 2012 [pdf]