Differential Fault Analysis (DFA) is one of the most practical methods to recover the secret keys from real cryptographic devices. In particular, DFA on Advanced Encryption Standard (AES) has been massively researched for many years for both single-byte and multibyte fault model. For AES, the first proposed DFA attack requires 6 pairs of ciphertexts to identify the secret key under multibyte fault model. Until now, the most efficient DFA under multibyte fault model proposed in 2017 can complete most of the attacks within 3 pairs of ciphertexts. However, we note that the attack is not fully optimized since no clear optimization goal was set. In this work, we introduce two optimization goals as the fewest ciphertext pairs and the least computational complexity. For these goals, we manage to figure out the corresponding optimized key recovery strategies, which further increase the efficiency of DFA attacks on AES. A more accurate security assessment of AES can be completed based on our study of DFA attacks on AES. Considering the variations of fault distribution, the improvement to the attack has been analyzed and verified.
We report an electrochemical intramolecular [3 + 2] cyclization
of alkynyl enaminones in a user-friendly undivided cell under constant
current conditions without an oxidant and catalyst, and indeno[1,2-c]pyrrole derivatives could be obtained in good to excellent
yields. Notably, preliminary substituent-controlled selective transformation
is also achieved under electrocatalysis alone, and indeno[1,2-c]pyrrole (R4 ≠ H) or indanone derivatives
(R4 = H) could be prepared directly under electrocatalysis
without adding a base and heating process.
The security of modular power algorithm is a very important research topic, which is the core operation of public key cryptography algorithm. Since the first timing attack was public in 1996, the attacker can exploit time differences between specific events to recover a secret key. In 2016, Dugardin took advantage of extra reductions to attack a regular exponentiation algorithm, which did not entirely adapt the fixed window method with Montgomery's algorithm. The central thesis of this paper is that there exists a positive correlation between extra reductions of pre-computation and post-computation when the calculation has the same multiplier factor. In this article, basing on this dependency we present an attack method, and confirm the feasibility and effectiveness of it by conducting simulation experiments. Experimental results verify that the method can effectively attack modular power algorithm.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.