2015
DOI: 10.1007/s13389-015-0113-2
|View full text |Cite
|
Sign up to set email alerts
|

Fault model of electromagnetic attacks targeting ring oscillator-based true random number generators

Abstract: International audienceMany side channels including power consumption, electromagnetic emanation, optical radiation, and even sound have been studied since the first publication of a side channel attack at the end of the 1990s. Most of these channels can be relatively easily used for an overall analysis of the cryptographic system (implementation of efficient passive attacks) or for injection of faults. Until recently, only the optical channel allowed both analysis of locally leaked information and precise inje… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
20
0

Year Published

2018
2018
2024
2024

Publication Types

Select...
6
1
1

Relationship

0
8

Authors

Journals

citations
Cited by 21 publications
(20 citation statements)
references
References 16 publications
0
20
0
Order By: Relevance
“…The term (sensor) spoofing [8], [9], [14], [43] was also Injection [5], [13], [35], [38], [41]- [44] Intentional Interference [5], [10], [12], [36], [38], [40], [42], [49] Non-Linearity [11], [54], [55], [68] Spoofing [8], [9], [14], [43] Other (See Text) [7], [53], [67] avoided for similar reasons: it has an overloaded meaning in authentication contexts and with in-band signal injection attacks [6], [52]. Moreover, it does not capture the physical aspect of injections, and does not accurately describe coarsegrained attacks which lead to saturation of a sensor.…”
Section: Choice Of Terminologymentioning
confidence: 99%
See 1 more Smart Citation
“…The term (sensor) spoofing [8], [9], [14], [43] was also Injection [5], [13], [35], [38], [41]- [44] Intentional Interference [5], [10], [12], [36], [38], [40], [42], [49] Non-Linearity [11], [54], [55], [68] Spoofing [8], [9], [14], [43] Other (See Text) [7], [53], [67] avoided for similar reasons: it has an overloaded meaning in authentication contexts and with in-band signal injection attacks [6], [52]. Moreover, it does not capture the physical aspect of injections, and does not accurately describe coarsegrained attacks which lead to saturation of a sensor.…”
Section: Choice Of Terminologymentioning
confidence: 99%
“…Early research into the properties of MEMS gyroscopes had shown that high-power acoustic noise at or near the resonant 2 Much like the original work by Markettos and Moore [35]. However, Bayon et al [36], [49] targeted a more realistic TRNG composed of 50 ROs. frequency can degrade the performance of the sensor [126]- [128].…”
Section: Acoustic Emanationsmentioning
confidence: 99%
“…• Attack countermeasures: TRNGs are susceptible to many different attacks because of their paramount im-portance in critical systems. In recent times, several attacks have been presented against some specific TRNGs [29][14] [24]. Some of these attacks can be thwarted by adding lightweight countermeasures in the original design.…”
Section: Embedded Testsmentioning
confidence: 99%
“…Therefore, fault injection can also support or advance side-channels attacks. Fault-injection attacks cover direct, invasive fault injection, e.g., by laser light [18] or electromagnetic waves [8,11], as well as indirect fault injection, e.g., by repetitive writing to particular memory locations [19] or by deliberate "misuse" of dynamic voltage and frequency scaling (DVFS) features [9].…”
Section: Introductionmentioning
confidence: 99%