Abstract
Differential Fault Analysis (DFA) attack is a powerful cryptanalytic technique that could be used to retrieve the secret key by exploiting computational errors in the encryption (decryption) procedure. In this paper, we propose a new DFA attack on SMS4 using a single fault. We show that if a random byte fault is induced into either the second, third, or fourth word register at the input of the 28-th round, the 128-bit key could be recovered with an exhaustive search of 22.11 bits on average. The proposed attack makes use of the characteristic of the cipher's structure and its round function. Furthermore, it can be tailored to any block cipher employing a similar structure and an SPN-style round function as that of SMS4.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
