A Persistent Fault-Based Collision Analysis Against the Advanced Encryption Standard
Saved in:
Published in: | IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems 2021-06, Vol.40 (6), p.1117-1129 |
---|---|
Main authors: | , , , , , |
Format: | Article |
Language: | eng |
Subjects: | |
Online access: | Order full text |
Summary: | A transient fault-based collision attack always requires injecting faults multiple times. We present the first attack that uses collision information caused by a persistent fault in the substitution box (S-box) to recover the entire 128-bit key of the advanced encryption standard (AES). Moreover, a relatively relaxed fault model is required; i.e., the attacker does not know any information about the position, the length (i.e., the number of bytes), or the value of the injected fault. At most, 4096 chosen plaintexts are required for a persistent fault-based collision attack (PFCA), and the computational complexity is O(2^{23}) in the worst case in the single-byte fault setting. A filtering algorithm is presented in the multibyte fault setting, and we theoretically prove that the complexity can be reduced to O(2^{12}) in more than half of the cases if the number of collision ciphertexts follows a uniform distribution. In addition, PFCAs against a software implementation of AES are simulated on a laptop, and the results show that the success probability of the attack, either with online key searching or with offline key searching, approaches 100%. In particular, more than 97% of all experiments output the right key with complexity O(2^{12}) in the multibyte fault setting. Therefore, the attack is more efficient in this scenario. Furthermore, the attack works on an AES implementation protected by Boolean masking. Finally, PFCAs against AES implementations separately protected by two widely used countermeasures, the inverse S-box and the parity-1 matrix, are performed. The experimental results illustrate that only a 10-round protection using the first method can completely defeat the attack. |
---|---|
ISSN: | 0278-0070 1937-4151 |
DOI: | 10.1109/TCAD.2021.3049687 |
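Added worked example (not from the paper, its authors, or this catalog record): a pure-Python simulation of the collision mechanism the summary describes, in the simplest setting, a single-byte persistent fault. AES-128 is built from scratch so that the S-box table can be corrupted in place; the attacker then runs the two phases the summary names, collecting ciphertext collisions from chosen plaintexts and searching the key hypotheses those collisions leave. The secret key, the fault position 0x53 and the corrupted value 0xA5 are constructed inputs. The fault model is an assumption of this example, not the paper's full setting: the round keys are assumed to have been expanded from the intact table before the fault landed, and only the single-byte case is handled. In this simplified model the summary's two figures appear directly: 16 byte positions x 256 chosen plaintexts = 4096 queries, and, because a collision reveals only a ^ b and not the faulted entry a itself, 128 position classes x 2^16 per-byte choices = 2^23 distinct key hypotheses to verify, the summary's worst-case O(2^{23}). The paper's actual PFCA algorithm, its multibyte filtering, and its countermeasure experiments are not reproduced here.

```python
"""Simulated persistent-fault collision analysis (PFCA) on AES-128 under a single-byte S-box fault (added example)."""

_rotl8 = lambda x, k: ((x << k) | (x >> (8 - k))) & 0xFF

def _gmul(a, b):  # multiply in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1
    r = 0
    while b:
        r ^= a if b & 1 else 0
        a, b = (a << 1) ^ (0x11B if a & 0x80 else 0), b >> 1
    return r

def make_sbox():
    """AES S-box: multiplicative inverse, then the affine map v ^ rotl(v,1..4) ^ 0x63."""
    inv = [0] * 256
    for x in range(1, 256):
        if not inv[x]:
            y = next(y for y in range(x, 256) if _gmul(x, y) == 1)
            inv[x], inv[y] = y, x
    return [v ^ _rotl8(v, 1) ^ _rotl8(v, 2) ^ _rotl8(v, 3) ^ _rotl8(v, 4) ^ 0x63 for v in inv]

SBOX = make_sbox()
RCON = [0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1B, 0x36]

def expand_key(key):
    """AES-128 key schedule: 11 round keys of 16 bytes, column-major like the state."""
    w = [list(key[4 * i:4 * i + 4]) for i in range(4)]
    for i in range(4, 44):
        t = list(w[i - 1])
        if i % 4 == 0:  # RotWord, SubWord, Rcon
            t = [SBOX[t[1]] ^ RCON[i // 4 - 1], SBOX[t[2]], SBOX[t[3]], SBOX[t[0]]]
        w.append([w[i - 4][j] ^ t[j] for j in range(4)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(11)]

_xt = lambda x: ((x << 1) ^ 0x1B) & 0xFF if x & 0x80 else x << 1  # multiply by 0x02 in GF(2^8)

def encrypt(round_keys, pt, sbox):
    """AES-128 encryption reading the given (possibly corrupted) S-box table."""
    s = [pt[i] ^ round_keys[0][i] for i in range(16)]
    for rnd in range(1, 11):
        s = [sbox[v] for v in s]                                            # SubBytes
        s = [s[4 * ((c + r) % 4) + r] for c in range(4) for r in range(4)]  # ShiftRows
        if rnd < 10:                                                        # MixColumns
            m = []
            for c in range(4):
                a0, a1, a2, a3 = s[4 * c:4 * c + 4]
                m += [_xt(a0) ^ _xt(a1) ^ a1 ^ a2 ^ a3, a0 ^ _xt(a1) ^ _xt(a2) ^ a2 ^ a3,
                      a0 ^ a1 ^ _xt(a2) ^ _xt(a3) ^ a3, _xt(a0) ^ a0 ^ a1 ^ a2 ^ _xt(a3)]
            s = m
        s = [s[i] ^ round_keys[rnd][i] for i in range(16)]                  # AddRoundKey
    return bytes(s)

def faulty_sbox(position, value):
    """Persistent single-byte fault: the table entry at `position` reads back as `value`."""
    return SBOX[:position] + [value] + SBOX[position + 1:]

def make_oracle(key, position, value):
    """The faulty device as a chosen-plaintext oracle. Assumption: the round keys were expanded
    from the intact S-box before the fault landed, so only the ten rounds read the bad entry."""
    rk, sbox = expand_key(key), faulty_sbox(position, value)
    return lambda pt: encrypt(rk, pt, sbox)

def collect_collisions(oracle, base=bytes(16)):
    """Phase 1 (16 x 256 = 4096 chosen plaintexts). Byte i enters round-1 SubBytes as x ^ k_i and
    S'[a] = S[b] is the only shared output, so exactly one pair of x values collides: {k_i ^ a, k_i ^ b}."""
    pairs = []
    for i in range(16):
        seen, hit = {}, None
        for x in range(256):
            ct = oracle(base[:i] + bytes([x]) + base[i + 1:])
            if ct in seen:
                hit = (seen[ct], x)
            seen[ct] = x
        if hit is None:
            raise ValueError("byte %d: no collision, the fault value equals S[position]" % i)
        pairs.append(hit)
    return pairs

def fault_delta(pairs):  # x1 ^ x2 = a ^ b at every position; one consistent delta = single-byte fault
    deltas = {x1 ^ x2 for x1, x2 in pairs}
    assert len(deltas) == 1, "inconsistent deltas %r: not a single-byte fault" % sorted(deltas)
    return deltas.pop()

def hypothesis(pairs, a, choice):
    """Key implied by fault position a and 16 per-byte choice bits: k_i = pair_i[bit_i] ^ a."""
    return bytes(pairs[i][(choice >> i) & 1] ^ a for i in range(16))

def verify(key, a, d, pt, ct):
    """Offline check against one (pt, ct) from the device, whose table must be S[a] := S[a ^ d]."""
    return encrypt(expand_key(key), pt, faulty_sbox(a, SBOX[a ^ d])) == ct

def search_key(pairs, pt, ct, positions=range(256)):
    """Phase 2: a is unknown, so try every a and every choice word; a and a ^ d give the same key set,
    so 2^23 distinct keys are covered. Pure Python needs hours for the full loop; `positions` narrows it."""
    d = fault_delta(pairs)
    for a in positions:
        for choice in range(1 << 16):
            key = hypothesis(pairs, a, choice)
            if verify(key, a, d, pt, ct):
                return key
    return None
```

To watch phase 2 recover the key, build an oracle with `make_oracle`, run `collect_collisions` on it, take one plaintext/ciphertext pair from the same oracle and call `search_key(pairs, pt, ct, positions=[0x53])`; restricting the search to the true position costs at most 2^16 key-schedule-plus-encryption trials, tens of seconds in CPython, and the unrestricted loop is the same code over all 256 positions. The check `fault_delta` performs is also the attacker's cheap sanity test: if the 16 collision pairs do not all share one XOR difference, the fault is not a single corrupted entry and the single-byte model does not apply.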