Title :
Masking Does Not Protect Against Differential Fault Attacks
Author :
Boscher, Arnaud ; Handschuh, Helena
Author_Institution :
Spansion, Levallois-Perret
Abstract :
Over the past ten years, cryptographic algorithms have been found to be vulnerable against side-channel attacks such as power analysis attacks, timing attacks, electromagnetic radiation attacks and fault attacks. These attacks capture leaking information from an implementation of the algorithm in software or in hardware and apply cryptanalytical and statistical tools to recover the secret keys. A very well-known countermeasure against these attacks is to randomize every execution of the algorithm and every intermediate piece of data with a so-called masking method. In this paper we demonstrate that traditional countermeasures such as masking methods for symmetric cryptosystems are completely inefficient against fault attacks. In other words, differential fault attacks still apply on masked data. As an example we show how to recover secret keys from two masked AES implementations using a basic differential fault attack.
Keywords :
cryptography; cryptographic algorithms; differential fault attacks; masking method; secret keys recovery; symmetric cryptosystems; Algorithm design and analysis; Electromagnetic analysis; Electromagnetic radiation; Elliptic curve cryptography; Fault diagnosis; Hardware; Protection; Public key cryptography; Software algorithms; Timing; AES; Fault Attacks; Masking Schemes;
Conference_Title :
Fault Diagnosis and Tolerance in Cryptography, 2008. FDTC '08. 5th Workshop on
Conference_Location :
Washington, DC
Print_ISBN :
978-0-7695-3314-8
DOI :
10.1109/FDTC.2008.12