2017 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC) 2017
DOI: 10.1109/fdtc.2017.18
|View full text |Cite
|
Sign up to set email alerts
|

Laser-Induced Fault Injection on Smartphone Bypassing the Secure Boot

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1
1

Citation Types

0
36
0

Year Published

2019
2019
2022
2022

Publication Types

Select...
3
2
2

Relationship

0
7

Authors

Journals

citations
Cited by 33 publications
(36 citation statements)
references
References 10 publications
0
36
0
Order By: Relevance
“…The injection of faults on more complex SoC has recently raised the interest of security researchers. Attacks targeting an ARM Cortex-A9 platform-typical of early smartphonesattempted priviledge escalation in Linux using power glitches [23] and to bypass secure boot protections using laser injection [25]. Majeric et al [15] sucessfully injected EM-induced faults targeting a hardware AES implementation on a similar SoC.…”
Section: Related Workmentioning
confidence: 99%
See 1 more Smart Citation
“…The injection of faults on more complex SoC has recently raised the interest of security researchers. Attacks targeting an ARM Cortex-A9 platform-typical of early smartphonesattempted priviledge escalation in Linux using power glitches [23] and to bypass secure boot protections using laser injection [25]. Majeric et al [15] sucessfully injected EM-induced faults targeting a hardware AES implementation on a similar SoC.…”
Section: Related Workmentioning
confidence: 99%
“…Until recently, microprocessor architecture and SoC complexity were considered strong deterrents for thwarting fault attacks [26]. However, recent papers showed that fault attacks are also effective on such devices [15,23,25], prompting the attention of security researchers to complex microarchitectures.…”
Section: Introductionmentioning
confidence: 99%
“…Among these techniques, fault injection consists in disturbing the operating conditions of a device, while a secure computation takes place, in order to retrieve secret information or be granted unauthorised privileges. Laser fault injection features a high spatial accuracy, which Part of this work is funded by French ANR program (DS0901/2015) with the project PROSECCO (ANR-15-CE39-0008) enables an attacker to induce single bit-flips in static memory cells of 8-bit [1] and 32-bit microcontrollers [2]. An explanation of the fault mechanism at the architectural level was proposed, based on the physical understanding of laser injection phenomenon [3], [4].…”
Section: Introductionmentioning
confidence: 99%
“…Conversely, this technique is expensive and difficult to carry out with numerous precise parameters to tune, which might result in endless explorations of the parameters space. While increasing chip integration enables designers to integrate complex 32-bit architectures, only few work investigate laser injection on these System-on-Chip architectures [2], [5]- [7]. Besides, none of them address the underlying fault mechanism, which makes it difficult to explain the observed fault models in a consistent framework.…”
Section: Introductionmentioning
confidence: 99%
“…They were able to inject two single instruction skips distant from 58 ms to defeat a protected CRT-RSA algorithm. In terms of target complexity, [19] reports injection of single instruction skips into a quad core ARM cortex A9 microprocessor running at 1.4 GHz clock frequency. Hence, the state-of-the-art in laser-induced instruction skip was limited to single instruction skips (with a repetition rate in the range of tens of ms).…”
Section: The Instruction Skip Fault Model State-of-the-artmentioning
confidence: 99%