Fault Injection as an Oscilloscope: Fault Correlation Analysis

Spruyt, Albert; Milburn, Alyssa; Chmielewski, Łukasz

doi:10.46586/tches.v2021.i1.192-216

Cited by 12 publications

(6 citation statements)

References 25 publications

(36 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Moreover, in the case of fault injection under conditions where the cryptographic equipment is not directly accessible, the secret key extraction methods that can be used are limited because the faults occur randomly [6]. However, since the proposed method can cause faults at arbitrary times, various analysis methods proposed in past studies [12], [13], [14], [15] may be applicable, and secret keys may be analyzed in a shorter time.…”

Section: Discussionmentioning

confidence: 99%

“…The attack requires an injection method that induces a temporary computational fault in the operation of the cryptographic module, and an analysis method that can extract the secret key from the faulty output obtained. Based on these requirements, existing research include theoretical methods that hypothesize the occurrence of a fault in a specific intermediate process of the cryptographic algorithm, they then use the faulty output to estimate the secret key [9], [10], [11], [12], [13], [14], [15]. Research focused on injection methods has investigated specific approaches for generating faults required for secret key estimation in real cryptographic modules.…”

mentioning

confidence: 99%

See 1 more Smart Citation

Efficient Noninvasive Fault Injection Method Utilizing Intentional Electromagnetic Interference

Nishiyama

Fujimoto

Sone

et al. 2023

IEEE Trans. Electromagn. Compat.

View full text Add to dashboard Cite

In the fault injection method, an electromagnetic (EM) wave is injected to temporarily cause a fault at a specific time of the encryption process, the faulty outputs are obtained from the cryptographic device, and the secret key is extracted by analyzing the faulty outputs. In the conventional method, the intentional electromagnetic interference (IEMI) wave is injected at a random time because it is difficult to obtain information on the start time of the encryption process. Thus, a cryptographic module must execute a large number of encryption trials before the occurrence of a fault that enables the secret key to be extracted. In this article, we propose a fault injection method that can generate the faults at a specific time with high probability, which is like the method of injecting an IEMI wave synchronized with the start time of the encryption process. The proposed method inserts glitches into the encryption process at fixed times by injecting a continuous sinusoidal wave of a specific frequency while controlling the amplitude and phase. This generates faults required for the secret key analysis method with a high probability even when the start time of the encryption process cannot be obtained. We experimentally demonstrate the impact of the aforementioned IEMI using the advanced encryption standard, which is an ISO/IEC 18033 block cipher, implemented as a module on a standard evaluation board. The conventional method requires more than 30 000 encryption processes to obtain the secret key. In contrast, the results indicate that we can obtain the secret key with approximately 22 encryption processes which is almost three orders of magnitude less than that with the conventional method. This confirms that secret keys can be extracted in a brief period of time. Moreover, devices previously excluded from IEMI-based fault injection because they can only be accessed for a brief period because their physical access was surveilled, may now be the target of the threat.

show abstract

Section: Discussionmentioning

confidence: 99%

mentioning

confidence: 99%

Efficient Noninvasive Fault Injection Method Utilizing Intentional Electromagnetic Interference

Nishiyama

Fujimoto

Sone

et al. 2023

IEEE Trans. Electromagn. Compat.

View full text Add to dashboard Cite

show abstract

“…In the following, we write (d, k)-combined security when we do not restrict the fault type and location. Further, we emphasize the adversarial knowledge on faults, since injecting faults is strongly linked to placing probes [Cla07,SMC21]. Remark 1 (Adversarial Knowledge on Faults).…”

Section: Correctnessmentioning

confidence: 99%

VERICA - Verification of Combined Attacks

Richter-Brockmann

Feldtkeller

Sasdrich

et al. 2022

TCHES

View full text Add to dashboard Cite

Physical attacks, including passive Side-Channel Analysis and active Fault Injection Analysis, are considered among the most powerful threats against physical cryptographic implementations. These attacks are well known and research provides many specialized countermeasures to protect cryptographic implementations against them. Still, only a limited number of combined countermeasures, i.e., countermeasures that protect implementations against multiple attacks simultaneously, were proposed in the past. Due to increasing complexity and reciprocal effects, design of efficient and reliable combined countermeasures requires longstanding expertise in hardware design and security. With the help of formal security specifications and adversary models, automated verification can streamline development cycles, increase quality, and facilitate development of robust cryptographic implementations.In this work, we revise and refine formal security notions for combined protection mechanisms and specifically embed them in the context of hardware implementations. Based on this, we present the first automated verification framework that can verify physical security properties of hardware circuits with respect to combined physical attacks. To this end, we conduct several case studies to demonstrate the capabilities and advantages of our framework, analyzing secure building blocks (gadgets), S-boxes build from Toffoli gates, and the ParTI scheme. For the first time, we reveal security flaws in analyzed structures due to reciprocal effects, highlighting the importance of continuously integrating security verification into modern design and development cycles.

show abstract

“…Several physical glitching set-ups have been proposed [OC,KKM + 18,SMC20]. Furthermore, Krautter et al were even able to show that on-chip power glitching is feasible even without a physical glitching set-up [KGT18].…”

Section: Glitch-based Fault Injection Analysismentioning

confidence: 99%

When the Decoder Has to Look Twice: Glitching a PUF Error Correction

Ruchti

Gruber

Pehl

2022

TCHES

View full text Add to dashboard Cite

Physical Unclonable Functions (PUFs) have been increasingly used as an alternative to non-volatile memory for the storage of cryptographic secrets. Research on side channel and fault attacks with the goal of extracting these secrets has begun to gain interest but no fault injection attack targeting the necessary error correction within a PUF device has been shown so far. This work demonstrates one such attack on a hardware fuzzy commitment scheme implementation and thus shows a new potential attack threat existing in current PUF key storage systems. After presenting evidence for the overall viability of the profiled attack by performing it on an FPGA implementation, countermeasures are analysed: we discuss the efficacy of hashing helper data with the PUF-derived key to prevent the attack as well as codeword masking, a countermeasure effective against a side channel attack. The analysis shows the limits of these approaches. First, we demonstrate the criticality of timing in codeword masking by confirming the attack’s effectiveness on ostensibly protected hardware. Second, our work shows a successful attack without helper data manipulation and thus the potential for sidestepping helper data hashing countermeasures.

show abstract

Fault Injection as an Oscilloscope: Fault Correlation Analysis

Cited by 12 publications

References 25 publications

Efficient Noninvasive Fault Injection Method Utilizing Intentional Electromagnetic Interference

Efficient Noninvasive Fault Injection Method Utilizing Intentional Electromagnetic Interference

VERICA - Verification of Combined Attacks

When the Decoder Has to Look Twice: Glitching a PUF Error Correction

Contact Info

Product

Resources

About