Differential fault analysis exploits faults to find secret information stored in a cryptographic device. It utilizes differential information between correct and faulty ciphertexts. We introduce new techniques to improve the previous differential fault analysis of ARIA. ARIA is a general-purpose involutional SPN (substitution permutation network) block cipher and was established as a Korean standard block cipher algorithm in 2004. While the previous method by Li et al. requires 45 faults, our method needs 13 faults to retrieve the 128-bit secret key of ARIA. If access to the decryption oracle is allowed, our method only needs 7 faults. We analyze the characteristics of the diffusion layer of ARIA in detail, which leads us to reduce the number of required faults to find the key.

• 出版日期2012-9