FEDS: Comprehensive Fault Attack Exploitability Detection for Software Implementations of Block Ciphers

Keerthi, K; Roy, Indrani; Rebeiro, Chester; Hazra, Aritra; Bhunia, Swarup

doi:10.46586/tches.v2020.i2.272-299

Cited by 4 publications

(2 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…AI models learn from a training dataset to develop and hone their search space rather than exhaustively trying all combinations. Tools such as XFC [18], SAFARI [26], FEDS [17], SOLOMON [33] and ALAFA [29] use the concept of non-interference to their advantage, while tools such as DL-FALAT [27], or ExpFault [31], or the ones presented in [30] and [28] employ deep learning and data mining, respectively, to counter the limitations outlined in Sect. 6.…”

Section: Opportunities Of Using Ai Techniquesmentioning

confidence: 99%

“…The target audience for this paper is developers of general-purpose software and not specifically cryptographic implementations. Although many fault simulators [1,5,6,14,[16][17][18]24,[26][27][28][29]31,33] can verify the implementations of cryptographic algorithms, we exclude them in this work because there is already an overview of such tools [4]. We found four fault simulators in the public domain suitable for such a developer, namely FiSim [25], ZOFI [23], ARMORY [13] and ARCHIE [12].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

SoK: Assisted Fault Simulation

Adhikary,

Buhan

2023

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Fault injection attacks have caused implementations to behave unexpectedly, resulting in a spectacular bypass of security features and even the extraction of cryptographic keys. Clearly, developers want to ensure the robustness of the software against faults and eliminate production weaknesses that could lead to exploitation. Several fault simulators have been released that promise cost-effective evaluations against fault attacks. In this paper, we set out to discover how suitable such tools are, for a developer who wishes to create robust software against fault attacks. We found four open-source fault simulators that employ different techniques to navigate faults, which we objectively compare and discuss their benefits and drawbacks. Unfortunately, none of the four open-source fault simulators employ artificial intelligence (AI) techniques. However, AI was successfully applied to improve the fault simulation of cryptographic algorithms, though none of these tools is open source. We suggest improvements to open-source fault simulators inspired by the AI techniques used by cryptographic fault simulators.

show abstract