Abstract
Side-channel collision attacks were proposed in [1] and applied to AES in [2]. They are based on detecting collisions in certain positions of the internal state after the first AES round across different executions of the algorithm. That attack needs about 40 measurements and 512 MB of precomputed values, and it requires chosen plaintexts.
In this paper we show how to mount a collision attack on AES using only 6 measurements and about 2^37.15 offline computational steps, succeeding with probability about 0.85. Another attack uses only 7 measurements and finds the full encryption key with an offline complexity of about 2^34.74 and probability 0.99. All our attacks require only a negligible amount of memory and work in the known-plaintext model. This becomes possible by considering collisions in the S-box layers both between different AES executions and within the same AES run. All the attacks work under the assumption that one-byte collisions are detectable.
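The following model, added here as an illustration and not code from the paper, shows why the abstract's "one-byte collisions are detectable" assumption is so powerful and why so few measurements suffice. In round 1 of AES-128, byte i entering SubBytes is p_i XOR k_i, so a detected S-box input collision between positions i and j (in one run or across two runs) gives the linear relation k_i XOR k_j = p_i XOR p'_j. Each relation is an edge in a graph on the 16 key bytes; with an idealised, noise-free collision oracle the residual key space is 256^(number of connected components), tracked below with an XOR-weighted union-find. The oracle, the plaintexts and the experiment loop are constructed for this example; the paper's refined offline procedure (its 2^37.15 and 2^34.74 figures) is not modelled. From a defender's view, the experiment quantifies how quickly first-round S-box leakage collapses the key space, which is what the masked S-box designs in the reference list aim to prevent.

```python
"""Constructed model of first-round AES S-box input collisions (not the paper's code)."""
import random
from itertools import combinations

N_BYTES = 16  # AES-128 state / key bytes


def first_round_sbox_inputs(plaintext: bytes, key: bytes) -> list[int]:
    """AES round 1: AddRoundKey then SubBytes, so byte i entering the S-box is p_i ^ k_i."""
    return [p ^ k for p, k in zip(plaintext, key)]


def collision_relations(plaintexts, key):
    """Idealised oracle (assumption): every one-byte S-box input collision is detected.

    Returns a set of (i, j, d) with i < j meaning k_i ^ k_j == d. Same-position
    collisions across runs (i == j) only say p_i == p'_i and carry no key information.
    """
    runs = [(pt, first_round_sbox_inputs(pt, key)) for pt in plaintexts]
    relations = set()
    for pt, sb in runs:  # collisions within one AES execution
        for i, j in combinations(range(N_BYTES), 2):
            if sb[i] == sb[j]:
                relations.add((i, j, pt[i] ^ pt[j]))
    for (pa, sa), (pb, sb) in combinations(runs, 2):  # collisions across two executions
        for i in range(N_BYTES):
            for j in range(N_BYTES):
                if i != j and sa[i] == sb[j]:
                    relations.add((min(i, j), max(i, j), pa[i] ^ pb[j]))
    return relations


class XorUnionFind:
    """Union-find where offset[x] == k_x ^ k_parent[x]; detects inconsistent relations."""

    def __init__(self, n):
        self.parent = list(range(n))
        self.offset = [0] * n

    def find(self, x):
        if self.parent[x] == x:
            return x, 0
        root, off = self.find(self.parent[x])
        self.offset[x] ^= off  # path compression: offset now relative to the root
        self.parent[x] = root
        return root, self.offset[x]

    def union(self, i, j, d):
        """Record k_i ^ k_j == d. Returns False if it contradicts earlier relations."""
        ri, oi = self.find(i)
        rj, oj = self.find(j)
        if ri == rj:
            return (oi ^ oj) == d
        self.parent[ri] = rj
        self.offset[ri] = d ^ oi ^ oj  # k_ri ^ k_rj
        return True


def build_uf(relations):
    uf = XorUnionFind(N_BYTES)
    for i, j, d in relations:
        if not uf.union(i, j, d):
            raise ValueError("inconsistent relations: the oracle was not noise-free")
    return uf


def residual_key_space(relations):
    """(components, log2 of remaining key candidates): 8 unknown bits per component."""
    uf = build_uf(relations)
    components = len({uf.find(x)[0] for x in range(N_BYTES)})
    return components, 8 * components


def key_from_component_guesses(relations, guesses):
    """Expand one guessed key byte per component (dict root -> byte) to all 16 bytes."""
    uf = build_uf(relations)
    return bytes(uf.find(x)[1] ^ guesses[uf.find(x)[0]] for x in range(N_BYTES))


def experiment(n_measurements, trials=500, seed=1):
    """Fraction of trials in which n known plaintexts link all 16 key bytes (1 component)."""
    rng = random.Random(seed)
    connected = 0
    for _ in range(trials):
        key = bytes(rng.randrange(256) for _ in range(N_BYTES))
        pts = [bytes(rng.randrange(256) for _ in range(N_BYTES)) for _ in range(n_measurements)]
        if residual_key_space(collision_relations(pts, key))[0] == 1:
            connected += 1
    return connected / trials


if __name__ == "__main__":
    for n in range(3, 9):
        print(f"{n} measurements: P(all key bytes linked) ~ {experiment(n):.2f}")
```

The experiment reports, for each number of known plaintexts, how often the collision graph becomes connected under the ideal oracle; once it is, the remaining work is a single 2^8 guess plus verification against one known ciphertext. Real measurements are noisy, so `build_uf` raising on a contradiction is the point at which a practitioner would start weighting relations rather than trusting them.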
References
Schramm, K., Wollinger, T.J., Paar, C.: A new class of collision attacks and its application to DES. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 206–222. Springer, Heidelberg (2003)
Schramm, K., Leander, G., Felke, P., Paar, C.: A collision-attack on AES: combining side channel- and differential-attack. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 163–175. Springer, Heidelberg (2004)
Biryukov, A., Bogdanov, A., Khovratovich, D., Kasper, T.: Collision Attacks on Alpha-MAC and Other AES-based MACs. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727. Springer, Heidelberg (2007)
Ledig, H., Muller, F., Valette, F.: Enhancing collision attacks. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 176–190. Springer, Heidelberg (2004)
Sachkov, V.N.: Probabilistic Methods in Combinatorial Analysis. Encyclopedia of Mathematics and Its Applications, vol. 56. Cambridge University Press, Cambridge (1997)
Kolchin, V.F., Sevastyanov, B., Chistyakov, V.P.: Random Allocations. V. H. Winston & Sons (1978)
Karp, R.M., Tarjan, R.E.: Linear expected-time algorithms for connectivity problems. J. Algorithms 1 (1980)
Oswald, E., Mangard, S., Pramstaller, N., Rijmen, V.: A side-channel analysis resistant description of the AES S-box. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, Springer, Heidelberg (2005)
Oswald, E., Schramm, K.: An Efficient Masking Scheme for AES Software Implementations. In: Song, J., Kwon, T., Yung, M. (eds.) WISA 2005. LNCS, vol. 3786, Springer, Heidelberg (2006)
Herbst, C., Oswald, E., Mangard, S.: An AES implementation resistant to power analysis attacks. In: Zhou, J., Yung, M., Bao, F. (eds.) ACNS 2006. LNCS, vol. 3989, Springer, Heidelberg (2006)
© 2007 Springer-Verlag Berlin Heidelberg
Bogdanov, A. (2007). Improved Side-Channel Collision Attacks on AES. In: Adams, C., Miri, A., Wiener, M. (eds) Selected Areas in Cryptography. SAC 2007. Lecture Notes in Computer Science, vol 4876. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77360-3_6
DOI: https://doi.org/10.1007/978-3-540-77360-3_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-77359-7
Online ISBN: 978-3-540-77360-3