【摘要】 错误引入攻击假设攻击者可以向密码设备(智能卡)引入错误,使其出现错误的加密结果。攻击者同时利用正确的和错误的加密结果来发现隐藏在密码设备中的秘密信息(密钥)。该文给出了一种对RC4算法的错误引入攻击方法。模拟实验表明,一轮攻击有可能找出RC4初始状态中3个位置的值,连续使用该算法能以较高(大于1/2)的概率恢复RC4的整个初始状态。恢复整个初始状态所需的密钥字个数约为O(216),引入的错误数量约为O(216)。更多还原

【Abstract】 Fault induction attack assumes that the attacker is able to induct faults into the cryptographic device (smartcard) and make it output incorrect encryption results. The attacker exploits the correct and incorrect encryption results to disclose the secret information (key) hidden in the cryptographic device. A method of the fault induction attack on RC4 algorithm is brought forward. The simulations show that one attack may find the values of 3 positions in the initial state of RC4 and continuous attacks can recover the whole initial state of RC4 with a considerable probability (more than 1/2). About O(216) key stream bytes at most are needed to recover the whole initial state of RC4 after about O(216) fault inductions at most.更多还原