Differential Fault Analysis

From Wikipedia, the free encyclopedia

The DFA works in the following way (with a smartcard as attacked example): While the smartcard ist performing the cryptographic operation, physical stress is induced. Types of physical stress (which can also be combined) are:

  • high temperature
  • unspecified supply voltages
  • high clock frequency or strokes
  • strong electronic fields
  • ionizing radiation energy

With this physical stress applied to the smart card, single bits can flip during calculation. The attacker can repeat this several times to gain additional information, and with some mathematics it is possible to break DES, Triple-DES, Idea, RC5, Feal, and so on. [1][2] For DES and Triple-DES about 200 single-flipped bits are necessary to obtain the key. [3]


[edit] References

  1. ^ Eli Biham, Adi Shamir: The next Stage of Differential Fault Analysis: How to break completely unknown cryptosystems (1996)
  2. ^ Dan Boneh and Richard A. DeMillo and Richard J. Lipton: On the Importance of Checking Computations, Eurocrypt (1996)
  3. ^ Ramesh Karri, et al.: Fault-Based Side-Channel Cryptanalysis Tolerant Rijndael Symmetric Block Cipher Architecture (2002)