Paper 2010/063

Differential Fault Analysis on SMS4 Using a Single Fault

Ruilin Li, Bing Sun, Chao Li, and Jianxiong You

Abstract

Differential Fault Analysis (DFA) attack is a powerful cryptanalytic technique that could be used to retrieve the secret key by exploiting computational errors in the encryption (decryption) procedure. In the present paper, we propose a new DFA attack on SMS4 using a single fault. We show that if a random byte fault is induced into either the second, third, or fourth word register at the input of the -th round, the 128-bit master key could be recovered with an exhaustive search of bits on average. The proposed attack makes use of the characteristic of the cipher's structure, the speciality of the diffusion layer, and the differential property of the S-box. Furthermore, it can be tailored to any block cipher employing a similar structure and an SPN-style round function as that of SMS4.

Note: Some typos are corrected.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. An extended abstract of this paper appears in "Information Processing Letters"
Keywords
fault attacksdifferential fault analysisblock cipherSMS4
Contact author(s)
securitylrl @ gmail com
History
2010-12-10: last of 4 revisions
2010-02-08: received
See all versions
Short URL
https://ia.cr/2010/063
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2010/063,
      author = {Ruilin Li and Bing Sun and Chao Li and Jianxiong You},
      title = {Differential Fault Analysis on {SMS4} Using a Single Fault},
      howpublished = {Cryptology {ePrint} Archive, Paper 2010/063},
      year = {2010},
      url = {https://eprint.iacr.org/2010/063}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.