A Fast-Detection and Fault-Correction Algorithm against Persistent Fault Attack
Yukun Cheng, Mengce Zheng, Fan Huang, Jiajia Zhang, Honggang Hu, Nenghai Yu
TL;DR
The paper addresses Persistent Fault Attack (PFA) on AES and shows that classical FA countermeasures are insufficient. It introduces a fast-detection and fault-correction algorithm that detects persistent S-box faults with a fixed input/output pair and repairs them using adjacency-based redundancy, ensuring correct ciphertexts. The approach is validated on both MCU software and FPGA hardware, demonstrating strong protection in single-bit faults and robust behavior under multiple faults, with significantly lower time cost than DMR or BS. The work also discusses extensions to TMR and applicability to other SPN-based ciphers, highlighting practical impact for fault-resilient cryptographic implementations.
Abstract
Persistent Fault Attack (PFA) is a recently proposed Fault Attack (FA) method in CHES 2018. It is able to recover full AES secret key in the Single-Byte-Fault scenario. It is demonstrated that classical FA countermeasures, such as Dual Modular Redundancy (DMR) and mask protection, are unable to thwart PFA. In this paper, we propose a fast-detection and faultcorrection algorithm to prevent PFA. We construct a fixed input and output pair to detect faults rapidly. Then we build two extra redundant tables to store the relationship between the adjacent elements in the S-box, by which the algorithm can correct the faulty elements in the S-box. Our experimental results show that our algorithm can effectively prevent PFA in both Single-ByteFault and Multiple-Bytes-Faults scenarios. Compared with the classical FA countermeasures, our algorithm has a much better effect against PFA. Further, the time cost of our algorithm is 40% lower than the classical FA countermeasures.