Sciweavers

SACRYPT
2007
Springer

Improved Side-Channel Collision Attacks on AES

14 years 6 months ago
Improved Side-Channel Collision Attacks on AES
Abstract. Side-channel collision attacks were proposed in [1] and applied to AES in [2]. These are based on detecting collisions in certain positions of the internal state after the first AES round for different executions of the algorithm. The attack needs about 40 measurements and 512 MB precomputed values as well as requires the chosen-plaintext possibility. In this paper we show how to mount a collision attack on AES using only 6 measurements and about 237.15 offline computational steps working with a probability of about 0.85. Another attack uses only 7 measurements and finds the full encryption key with an offline complexity of about 234.74 with a probability of 0.99. All our attacks require a negligible amount of memory only and work in the known-plaintext model. This becomes possible by considering collisions in the S-box layers both for different AES executions and within the same AES run. All the attacks work under the assumption that one-byte collisions are detectable. K...
Andrey Bogdanov
Added 09 Jun 2010
Updated 09 Jun 2010
Type Conference
Year 2007
Where SACRYPT
Authors Andrey Bogdanov
Comments (0)