Differential fault analysis
Differential fault analysis (DFA) is a type of active side-channel attack in the field of cryptography, specifically cryptanalysis. The principle is to induce faults—unexpected environmental conditions—into cryptographic implementations, to reveal their internal states.
For example, a smartcard containing an embedded processor might be subjected to high temperature, unsupported supply voltage or current, excessively high overclocking, strong electric or magnetic fields, or even ionizing radiation to influence the operation of the processor. The processor may begin to output incorrect results due to physical data corruption, which may help a cryptanalyst deduce the instructions that the processor is running, or what its internal data state is.
- Eli Biham, Adi Shamir: The next Stage of Differential Fault Analysis: How to break completely unknown cryptosystems (1996)
- Dan Boneh and Richard A. DeMillo and Richard J. Lipton: On the Importance of Checking Cryptographic Protocols for Faults, Eurocrypt (1997)
- Ramesh Karri, et al.: Fault-Based Side-Channel Cryptanalysis Tolerant Rijndael Symmetric Block Cipher Architecture (2002)
- Christophe Giraud: DFA on AES (2005)
- Xiaofei Guo, et al.: Invariance-based Concurrent Error Detection for Advanced Encryption Standard (2012)
- Rauzy and Guilley: Countermeasures against High-Order Fault-Injection Attacks on CRT-RSA (2014) (Open Access version)