A non-invasive, high-efficient and low-cost fault attack is realized on FPGA-based cryptographic applications. Based on the setup failures in critical paths, faults are injected into the FPGA devices by lowering the supply voltage. Then the encryption key can be retrieved efficiently with an appropriate fault model. In the attack experiments, the full 128-bit key of AES is retrieved correctly with only 8 pairs of correct and faulty ciphertexts within a few minutes, by using a power supply and a personal computer, based on the FPGA platform.