Acta Scientiarum Naturalium Universitatis Pekinensis ›› 2016, Vol. 52 ›› Issue (2): 193-198.DOI: 10.13209/j.0479-8023.2015.126

Previous Articles     Next Articles

A Non-invasive Fault Attack on FPGA-based Cryptographic Applications

LIAO Nan1, CUI Xiaoxin1, LIAO Kai1, WANG Tian1, YU Dunshan1, CHENG Yufang2   

  1. 1. Institute of Microelectronics, School of Electronics Engineering and Computer Science, Peking University, Beijing 100871;
    2. Nationz technologies Inc, Shenzhen 518057; † Corresponding author, E-mail:
  • Received:2014-12-18 Online:2016-03-20 Published:2016-03-20
  • Contact: CUI Xiaoxin, E-mail: cuixx(at)


廖楠1, 崔小欣1, 廖凯1, 王田1, 于敦山1, 程玉芳2   

  1. 1. 北京大学信息科学技术学院微电子学研究院, 北京 100871; 2. 国民技术股份有限公司, 深圳 518057;
    † 通信作者, E-mail:
  • 通讯作者: 崔小欣, E-mail: cuixx(at)
  • 基金资助:
    国家自然科学基金(61306040) 、北京市自然科学基金(4152020) 和深圳市战略新兴产业发展专项资金创新环境建设计划(ZDSY20130402095348589)资助


A non-invasive, high-efficient and low-cost fault attack is realized on FPGA-based cryptographic applications. Based on the setup failures in critical paths, faults are injected into the FPGA devices by lowering the supply voltage. Then the encryption key can be retrieved efficiently with an appropriate fault model. In the attack experiments, the full 128-bit key of AES is retrieved correctly with only 8 pairs of correct and faulty ciphertexts within a few minutes, by using a power supply and a personal computer, based on the FPGA platform.

Key words: fault attack, FPGA, AES, setup failure


在FPGA平台上, 利用降低电源电压的方法使电路关键路径上的数据建立失败, 从而达到注入故障的目的。基于合适的故障模型, 攻击者可以有效地获取密钥信息,实现了针对密码模块的高效率、低成本的非侵入式故障攻击方法。攻击实验利用一台电压源和一台个人电脑, 通过8组正确和错误密文对, 成功地恢复出一个FPGA 中AES密码模块的128 bit完整密钥。

关键词: 故障攻击, FPGA, AES, 建立失败

CLC Number: