Fault attack on AES with single-bit induced faults

This work presents a differential fault attack against AES employin any key size, regardless of the key scheduling strategy. The presented attack relies on the injection of a single bit flip, and is able to check for the correctness of the injection of the fault a posteriori. This fault model nicely fits the one obtained through underfeeding a computing device employing a low cost tunable power supply unit. This fault injection technique, which has been successfully applied to hardware implementations of AES, receives a further validation in this paper where the target computing device is a system-on-chip based on the widely adopted ARM926EJ-S CPU core. The attack is successfully carried out against two different devices, etched in two different technologies (a generic 130nm and a low-power oriented 90nm library) running a software implementation of AES-192 and AES-256 and has been reproduced on multiple instances of the same chip.