抄録
Fault-based attacks are very powerful to recover the secret key for cryptographic implementations. In this work, we consider the faulty output value under a certain fault injection intensity as a new type of leakage called faulty behavior. We examine the data-dependency of the faulty behavior and propose a related side-channel attack called fault behavior analysis (FBA). To verify the validity of the proposed attack, we first show that our attack can work effectively on AES-COMP of SASEBO-R. Then we show how to apply the similar attack on two AES implementations with masking countermeasures, i.e., AES-MAO and AES-TI. Finally we compare the proposed FBA attack with the DFA attack and the FSA attack, trying to complete the research map for the fault-based attack based on setup-time violations.
