Bilgiday Yuce scite author profile

Embedded software is developed under the assumption that hardware execution is always correct. Fault attacks break and exploit that assumption. Through the careful introduction of targeted faults, an adversary modifies the controlflow or data-flow integrity of software. The modified program execution is then analyzed and used as a source of information leakage, or as a mechanism for privilege escalation. Due to the increasing complexity of modern embedded systems, and due to the difficulty of guaranteeing correct hardware execution even under a weak adversary, fault attacks are a growing threat. For example, the assumption that an adversary has to be close to the physical execution of software, in order to inject an exploitable fault into hardware, has repeatedly been shown to be incorrect. This article is a review on hardware-based fault attacks on software, with emphasis on the context of embedded systems. We present a detailed discussion of the anatomy of a fault attack, and we make a review of fault attack evaluation techniques. The paper emphasizes the perspective from the attacker, rather than the perspective of countermeasure development. However, we emphasize that improvements to countermeasures often build on insight into the attacks.

show abstract

Software Fault Resistance is Futile: Effective Single-Glitch Attacks

Yuce

Ghalaty

Santapuri

et al. 2016

View full text Add to dashboard Cite

Differential Fault Intensity Analysis

et al. 2014

View full text Add to dashboard Cite

Recent research has demonstrated that there is no sharp distinction between passive attacks based on sidechannel leakage and active attacks based on fault injection. Fault behavior can be processed as side-channel information, offering all the benefits of Differential Power Analysis including noise averaging and hypothesis testing by correlation. This paper introduces Differential Fault Intensity Analysis, which combines the principles of Differential Power Analysis and fault injection. We observe that most faults are biased -such as single-bit, two-bit, or three-bit errors in a byte -and that this property can reveal the secret key through a hypothesis test. Unlike Differential Fault Analysis, we do not require precise analysis of the fault propagation. Unlike Fault Sensitivity Analysis, we do not require a fault sensitivity profile for the device under attack. We demonstrate our method on an FPGA implementation of AES with a fault injection model. We find that with an average of 7 fault injections, we can reconstruct a full 128-bit AES key.

show abstract

Lightweight Fault Attack Resistance in Software Using Intra-instruction Redundancy

Patrick

Yuce

Ghalaty

et al. 2017

View full text Add to dashboard Cite

Fast and Efficient Circuit Topologies forFinding the Maximum of n k-Bit Numbers

Yuce

Uğurdağ

Gören

et al. 2014

IEEE Trans. Comput.

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Bilgiday Yuce

Fault Attacks on Secure Embedded Software: Threats, Design, and Evaluation

Software Fault Resistance is Futile: Effective Single-Glitch Attacks

Differential Fault Intensity Analysis

Lightweight Fault Attack Resistance in Software Using Intra-instruction Redundancy

Fast and Efficient Circuit Topologies forFinding the Maximum of n k-Bit Numbers

Contact Info

Product

Resources

About