Skip to Main Content
Quadratic residue codes are introduced as an effective and efficient fault detection technique to protect cryptographic devices against fault attacks. In this paper, we re-consider these codes in an adversarial model, where a powerful attacker can introduce faults with high precision and accuracy. We present two analysis techniques that can lead to successful attacks against quadratic codes if the modulus is not chosen carefully. We provide in-depth theoretical analysis that covers wide range of attacks and present results of practical concerns such as exact number of undetected faults and effective countermeasures. Our analysis is generic in the sense that it can be extended to other residue codes.