Biryukov, Alex[University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
Khovratovich, Dmitry[University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
2007
Cryptographic Hardware and Embedded Systems - CHES 2007
195-208
Yes
International
Cryptographic Hardware and Embedded Systems - CHES 2007
[en] We describe two new techniques of side-channel cryptanalysis which we call the impossible collision attack and the multiset collision attack. These are inspired by the state-of-the-art cryptanalytic techniques of impossible differential attacks [BihamBS99] and partial-function collision attacks [GilbertM00] respectively. Using these techniques on an example of the AES we show that one has to mask all the rounds of a 128-bit key AES in order to prevent such attacks. For example these attacks can be used to break a recent proposal by Schramm et al. [SchrammP06] of high order masking for the AES, since it protects only 3 external rounds.