Novel fault attack method aiming at Advanced Encryption Standard (AES-128) algorithm

A technology of fault attack and algorithm, applied in encryption device with shift register/memory, key distribution, can solve problems such as strictness, attack, etc.

Inactive Publication Date: 2012-04-04
HANGZHOU MAEN TECH
View PDF3 Cites 13 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0008] The traditional differential fault attack scheme for the AES-128 algorithm is mainly divided into two types according to the location of the fault induction: the first one is to introduce the fault into the encryption process of the AES-128 algorithm, and to specify the storage unit in the encryption process. Introduce random faults, use the differential characteristics of non-linear changes to recover the initial key of the algorithm. At present, the research on this scheme is relatively m

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Novel fault attack method aiming at Advanced Encryption Standard (AES-128) algorithm
  • Novel fault attack method aiming at Advanced Encryption Standard (AES-128) algorithm
  • Novel fault attack method aiming at Advanced Encryption Standard (AES-128) algorithm

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0066] The present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments.

[0067] A kind of novel fault attack method aimed at AES-128 algorithm that the present embodiment proposes, it mainly comprises the following steps:

[0068] 1) The attacker randomly selects a plaintext, obtains the correct ciphertext of the plaintext under the action of the initial key, and marks the correct ciphertext as C, such as figure 2 as shown, C = SR ( SB ( S ⊕ K 9 ) ) ⊕ K 10 , Among them, S represents the state after the ninth round of column obfuscation in the AES-128 encryption algorithm, and K 9 Indicates the subkey required for the ninth round of key plus operation i...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a novel fault attack method aiming at the Advanced Encryption Standard (AES-128) algorithm, which comprises the steps that: firstly, an attacker randomly selects a plaintext, acquires the correct ciphertext of the plaintext under the action of an initial secret key; and then the attacker encrypts the randomly selected plaintext, optionally selects any one of first three columns of sub-secrete keys at the ninth round in an encryption operation progress, performs multi-byte random fault induction to the one column of sub-secret keys, and acquires a wrong ciphertext comprising random faults; next, the attacker performs multi-byte random fault induction to the rest three columns of sub-secret keys at the ninth round through the same operation till the rest three columns of sub-secret keys are recovered completely and sub-secrete keys at the tenth round are acquired; at last, the initial secret key is acquired through reverse calculation. The novel fault attack method aiming at the AES-12 algorithm disclosed by the invention attacks the sub-secret keys at the ninth round and operates any column of the needed sub-secret keys without affecting operation results of each other, therefore, an AES-128 password system can be treated by differential fault attack by a plurality of equipments at the same time, thus acquiring initial secret key information rapidly and saving more time.

Description

technical field [0001] The invention relates to a fault attack technology of the AES algorithm, in particular to a novel fault attack method for the AES-128 algorithm. Background technique [0002] AES (Advanced Encryption Standard, Advanced Encryption Standard) is a block cipher of a typical substitution-permutation network structure. Its data packet length is 128 bits, and the key length is divided into three forms: 128 bits, 192 bits and 256 bits. In the AES block cipher system, the AES-128 algorithm with a key length of 128 bits is the most widely used. It consists of three parts: encryption algorithm, decryption algorithm and key expansion algorithm. The encryption algorithm and decryption algorithm have the same structure, only the subkey The order of use is reversed. [0003] The AES-128 encryption algorithm requires ten rounds of encryption, such as figure 1 As shown, except that the tenth round does not include the column confusion (MC) operation, each round of en...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L9/06H04L9/08
Inventor 汪鹏君郝李鹏
Owner HANGZHOU MAEN TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap