Electromagnetic Fault Injection as a New Forensic Approach for SoCs

Gaine, Clément; Aboulkassimi, Driss; Pontié, S.; Nikolovski, Jean-Pierre; Dutertre, Jean-Max

doi:10.1109/wifs49906.2020.9360902

Cited by 18 publications

(14 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The reader might wonder why the best success rate is only 0.62% experimentally while the theoretical success rate of the attack is around 50% as seen in Remark 3. This is due to the low repeatability of electromagnetic fault injection [10]: a lot of attempts at altering the algorithm's execution does not induce faults, or at least not in a way that enables us to perform the attack (e.g. a reboot).…”

Section: Resultsmentioning

confidence: 99%

“…Before performing real-life electromagnetic fault attacks, we decided to simulate these attacks using software only. Indeed, fault injection attacks are long and complex to carry out [10], thus we chose to validate the attack with a simulation before the laboratory experiments. There were two steps: rst, we used Sagemath [26] to simulate fault injection and to recover the secret isogeny with an implementation of Algorithm 2 and then we emulated the target in C and injected the fault by debugging, while recovering the secret with the same Sage implementation of Algorithm 2.…”

Section: Sike Sike Is a Key Encapsulation Mechanism (Kem)mentioning

confidence: 99%

“…The target is a system on chip (SoC) equipped with four ARM Cortex-A53 cores and including a Yocto Linux operating system. While it is dicult to fault a chosen instruction because of a poorly predictable latency of execution in SoCs [10], we have seen in Section 3 and with the simulation in Section 4.1 that we only need to fault the beginning of the key generation and do not need to choose precisely the time for the fault injection. Thus we can expect a successful attack on such a target.…”

Section: Carrying Out the Fault Injection In A Laboratorymentioning

confidence: 99%

“…During our campaign, the probe does not move and the pulse width is set at 6 ns. This position and the width are propitious for fault injection according to [10]. The amplitude varies from 300 to 360 V with a 20 V step and the delay between the start of the public key generation and the fault injection varies from 100 to 600 ns with a 20 ns step.…”

Section: Carrying Out the Fault Injection In A Laboratorymentioning

confidence: 99%

See 3 more Smart Citations

Resistance of Isogeny-Based Cryptographic Implementations to a Fault Attack

Tasso¹,

Feo²,

Mrabet³

et al. 2021

Constructive Side-Channel Analysis and Secure Design

View full text Add to dashboard Cite

HAL is a multi-disciplinary open access archive for the deposit and dissemination of scientific research documents, whether they are published or not. The documents may come from teaching and research institutions in France or abroad, or from public or private research centers. L'archive ouverte pluridisciplinaire HAL, est destinée au dépôt et à la diffusion de documents scientifiques de niveau recherche, publiés ou non, émanant des établissements d'enseignement et de recherche français ou étrangers, des laboratoires publics ou privés.

show abstract

Section: Resultsmentioning

confidence: 99%

Section: Sike Sike Is a Key Encapsulation Mechanism (Kem)mentioning

confidence: 99%

Section: Carrying Out the Fault Injection In A Laboratorymentioning

confidence: 99%

Section: Carrying Out the Fault Injection In A Laboratorymentioning

confidence: 99%

See 2 more Smart Citations

Resistance of Isogeny-Based Cryptographic Implementations to a Fault Attack

Tasso¹,

Feo²,

Mrabet³

et al. 2021

Constructive Side-Channel Analysis and Secure Design

View full text Add to dashboard Cite

show abstract

“…The drawback of this computational power is a complex hardware layout which is, for now, lacking security analysis, in particular, regarding hardware attacks. However, some recent works have demonstrated that these attacks are efficient to lower the security of modern SoCs [5], [11], [12], [13]. Therefore, we believe it is important to understand the underlying effect induced by the proposed perturbations to be able to measure their impact and design adapted countermeasures.…”

Section: Introductionmentioning

confidence: 99%

EM Fault Model Characterization on SoCs: From Different Architectures to the Same Fault Model

Trouchkine

Bouffard

Clédière

2021

2021 Workshop on Fault Detection and Tolerance in Cryptography (FDTC)

View full text Add to dashboard Cite

Recently, several Fault Attacks (FAs) which target modern Central Processing Units (CPUs) have emerged. These attacks are studied from a practical point of view and, due to the modern CPUs complexity, the underlying fault effect is usually unknown. Only few works try to characterize them at the Instruction Set Architecture (ISA) level.In this article, we apply a state-of-the-art faults model characterization approach on modern CPU to evaluate the fault model on two different CPUs from different architectures with the same injection mediums. We target the CPU of the Raspberry Pi 3 (ARM) and an Intel Core i3 (x86) and perturbing them with ElectroMagnetic Fault Injection (EMFI). From the ISA point of view, we disclose a similar fault model on each component. Additionally, we evaluate a widely used complex software, OpenSSL, against this fault model.

show abstract