2008 | OriginalPaper | Chapter
Fault Analysis Study of IDEA
Authors : Christophe Clavier, Benedikt Gierlichs, Ingrid Verbauwhede
Published in: Topics in Cryptology – CT-RSA 2008
Publisher: Springer Berlin Heidelberg
Activate our intelligent search to find suitable subject content or patents.
Select sections of text to find matching patents with Artificial Intelligence. powered by
Select sections of text to find additional relevant content using AI-assisted search. powered by
We present a study of several fault attacks against the block cipher
IDEA
. Such a study is particularly interesting because of the target cipher’s specific property to employ operations on three different algebraic groups while not using substitution tables. We observe that the attacks perform very different in terms of efficiency. Although requiring a restrictive fault model, the first attack can not reveal a sufficient amount of key material to pose a real threat, while the second attack requires a large number of faults in the same model to achieve this goal. In the general random fault model,
i.e.
we assume that the fault has a random and
a priori
unknown effect on the target value, the third attack, which is the first Differential Fault Analysis of
IDEA
to the best of our knowledge, recovers 93 out of 128 key bits exploiting about only 10 faults. For this particular attack, we can also relax the assumption of cycle accurate fault injection to a certain extend.