On the Power of Fault Sensitivity Analysis and Collision Side-Channel Attacks in a Combined Setting

Abstract: Abstract. At CHES 2010 two powerful new attacks were presented, namely the Fault Sensitivity Analysis and the Correlation Collision Attack. This paper shows how these ideas can be combined to create even stronger attacks. Two solutions are presented; both extract leakage information by the fault sensitivity analysis method while each one applies a slightly different collision attack to deduce the secret information without the need of any hypothetical leakage model. Having a similar fault injection method, one… Show more

“…3(c). It can be seen that the time required to have a stable output if the S-box input switches to the zero value is notably shorter compared to the other cases, which was also discovered in [20] and [17]. In fact, this is a variant of the zero-value vulnerability first described in [4].…”

“…Because of the special case that a zero input to the inversion circuit of the AES S-box is directly mapped to the zero output, the critical path delay of this input is especially short. This was first assumed as possibility in [20] and later confirmed by simulation in [17].…”

“…In the following we briefly review the Fault Sensitivity Analysis technique first published in [14] and subsequently refined in later publications [12], [13], [20]. We also give a short overview on recent Concurrent Error Detection (CED) schemes.…”

“…Since it could be shown that AND gates exhibit a small delay when switching to zero inputs, the critical path can be well approximated by a Hamming weight (HW) model. Some improvements to FSA have been published in [20], where the linear difference between key bytes could be recovered by correlation collision attacks first presented in [18]. Both presented improvements rely on the similarity of different S-box instances in the targeted ASIC implementations, which is usually not the case in FPGA-based implementations.…”

“…Both presented improvements rely on the similarity of different S-box instances in the targeted ASIC implementations, which is usually not the case in FPGA-based implementations. As one of the improvements shown in [20], the distribution of the faulty ciphertext bytes for two S-box instances are compared to extract the secret. However, if a fault detection scheme is considered in the implementation, these and other FSA attacks are infeasible since the required byte-wise fault information or faulty outputs are no longer available from the circuit.…”

Fault Sensitivity Analysis Meets Zero-Value Attack

“…3(c). It can be seen that the time required to have a stable output if the S-box input switches to the zero value is notably shorter compared to the other cases, which was also discovered in [20] and [17]. In fact, this is a variant of the zero-value vulnerability first described in [4].…”

“…Because of the special case that a zero input to the inversion circuit of the AES S-box is directly mapped to the zero output, the critical path delay of this input is especially short. This was first assumed as possibility in [20] and later confirmed by simulation in [17].…”

“…In the following we briefly review the Fault Sensitivity Analysis technique first published in [14] and subsequently refined in later publications [12], [13], [20]. We also give a short overview on recent Concurrent Error Detection (CED) schemes.…”

“…Since it could be shown that AND gates exhibit a small delay when switching to zero inputs, the critical path can be well approximated by a Hamming weight (HW) model. Some improvements to FSA have been published in [20], where the linear difference between key bytes could be recovered by correlation collision attacks first presented in [18]. Both presented improvements rely on the similarity of different S-box instances in the targeted ASIC implementations, which is usually not the case in FPGA-based implementations.…”

“…Both presented improvements rely on the similarity of different S-box instances in the targeted ASIC implementations, which is usually not the case in FPGA-based implementations. As one of the improvements shown in [20], the distribution of the faulty ciphertext bytes for two S-box instances are compared to extract the secret. However, if a fault detection scheme is considered in the implementation, these and other FSA attacks are infeasible since the required byte-wise fault information or faulty outputs are no longer available from the circuit.…”

Fault Sensitivity Analysis Meets Zero-Value Attack

Fault Sensitivity Analysis of Lattice-Based Post-Quantum Cryptographic Components

Side-Channel Leakage of Alarm Signal for a Bulk-Current-Based Laser Sensor