Fault attacks on AES and their countermeasures

Subidh Ali, Xiaofei Guo, Ramesh Karri, Debdeep Mukhopadhyay

Research output: Chapter in Book/Report/Conference proceedingChapter


Fault Attacks exploit malicious or accidental faults injected during the computation of a cryptographic algorithm. Combining the seminal idea by Boneh, DeMillo and Lipton with Differential Cryptanalysis, a new field of Differential Fault Attacks (DFA) has emerged. DFA has shown that several ciphers can be compromised if the faults can be suitably controlled. DFA is not restricted to old ciphers, but can be a powerful attack vector even for modern ciphers, like the Advanced Encryption Standard (AES). In this book chapter, we present an overview on the history of fault attacks and their general principle. The chapter subsequently concentrates on the AES algorithm and explains the developed fault attacks. The chapter covers the entire range of attacks finally showing that a single random byte fault can reduce the AES key to 28 values, with a time complexity of 230. Further extensions of the fault attack to multiple byte fault models and attacks targeting the AES key schedule are also presented in the chapter. These attacks emphasize the requirement of counter-measures to detect the underlying faults and accordingly suppress the invalid output. The chapter then presents a survey of existing DFA countermeasures, concluding with the efficient Concurrent Error Detection (CED) schemes which have been developed utilizing the invariance properties in AES. Such a strategy provides near 100%fault coverage at a less overhead. The combined chapter shows that DFA against AES are practical, and can be prevented using suitable techniques.

Original languageEnglish (US)
Title of host publicationSecure System Design and Trustable Computing
PublisherSpringer International Publishing
Number of pages46
ISBN (Electronic)9783319149714
ISBN (Print)9783319149707
StatePublished - Sep 17 2015

ASJC Scopus subject areas

  • General Engineering
  • General Computer Science


Dive into the research topics of 'Fault attacks on AES and their countermeasures'. Together they form a unique fingerprint.

Cite this