Differential Fault Analysis on SMS4 using a single fault

Ruilin Li, Bing Sun, Chao Li, Jianxiong You
2011 Information Processing Letters  
Differential Fault Analysis (DFA) attack is a powerful cryptanalytic technique that could be used to retrieve the secret key by exploiting computational errors in the encryption (decryption) procedure. In the present paper, we propose a new DFA attack on SMS4 using a single fault. We show that if a random byte fault is induced into either the second, third, or fourth word register at the input of the 28-th round, the 128-bit master key could be recovered with an exhaustive search of 22.11 bits on average. The proposed attack makes use of the characteristic of the cipher's structure, the speciality of the diffusion layer, and the differential property of the S-box. Furthermore, it can be tailored to any block cipher employing a similar structure and an SPN-style round function as that of SMS4.
doi:10.1016/j.ipl.2010.11.011 fatcat:6kgxzdn5ufgvxgi56uiomkhy74