Fault sensitivity analysis
Yang Li,Kazuo Sakiyama,Shigeto Gomisawa,Toshinori Fukunaga,Junko Takahashi,Kazuo Ohta +5 more
- pp 320-334
Reads0
Chats0
TLDR
It is shown that WDDL-AES is not perfectly secure against setup-time violation attacks, and a masking technique is discussed as a potential countermeasure against the proposed fault-based attack.Abstract:
This paper proposes a new fault-based attack called the Fault Sensitivity Analysis (FSA) attack, which unlike most existing fault-based analyses including Differential Fault Analysis (DFA) does not use values of faulty ciphertexts. Fault sensitivity means the critical condition when a faulty output begins to exhibit some detectable characteristics, e.g., the clock frequency when fault operation begins to occur. We explain that the fault sensitivity exhibits sensitive-data dependency and can be used to retrieve the secret key. This paper presents two practical FSA attacks against two AES hardware implementations on SASEBO-R, PPRM1-AES and WDDL-AES. Different from previous work, we show that WDDL-AES is not perfectly secure against setup-time violation attacks. We also discuss a masking technique as a potential countermeasure against the proposed fault-based attack.read more
Citations
More filters
Book
Model-based Fault Diagnosis Techniques: Design Schemes, Algorithms, and Tools
TL;DR: This book is to introduce basic model-based FDI schemes, advanced analysis and design algorithms and the needed mathematical and control theory tools at a level for graduate students and researchers as well as for engineers.
Proceedings ArticleDOI
Electromagnetic Transient Faults Injection on a Hardware and a Software Implementations of AES
TL;DR: Reporting actual faults injection induced by EMPs in targets and describing their main properties and explaining the coupling mechanism between the antenna used to produce the EMP and the targeted circuit, which causes the faults.
Journal ArticleDOI
Hardware Designer's Guide to Fault Attacks
TL;DR: An insight into the field of fault attacks and countermeasures to help the designer to protect the design against this type of implementation attacks and a guide for selecting a set of countermeasures, which provides a sufficient security level to meet the constraints of the embedded devices.
Proceedings ArticleDOI
SIFA: Exploiting Ineffective Fault Inductions on Symmetric Cryptography
Christoph Dobraunig,Maria Eichlseder,Thomas Korak,Stefan Mangard,Florian Mendel,Robert Primas +5 more
TL;DR: Novel fault attacks that work in the presence of detection-based and infective countermeasures are presented and the attacks exploit the fact that intermediate values leading to “fault-free” ciphertexts show a non-uniform distribution, while they should be distributed uniformly.
Proceedings ArticleDOI
Differential Fault Intensity Analysis
TL;DR: Differential Fault Intensity Analysis is introduced, which combines the principles of Differential Power Analysis and fault injection and finds that with an average of 7 fault injections, it can reconstruct a full 128-bit AES key.
References
More filters
Book ChapterDOI
Differential Fault Analysis of Secret Key Cryptosystems
Eli Biham,Adi Shamir +1 more
TL;DR: This work states that this attack is applicable only to public key cryptosystems such as RSA, and not to secret key algorithms such as the Data Encryption Standard (DES).
Book
Advances in Cryptology - CRYPTO '97
TL;DR: Die Online-Fachbuchhandlung beck-shop.de ist spezialisiert auf Fachbücher, insbesondere Recht, Steuern und Wirtschaft, und ergänzt das Programm durch Services wie Neuerscheinungsdienst oder Zusammenstellungen von Büchern zu Sonderpreisen.
Proceedings ArticleDOI
A logic level design methodology for a secure DPA resistant ASIC or FPGA implementation
Kris Tiri,Ingrid Verbauwhede +1 more
TL;DR: A novel design methodology to implement a secure DPA resistant crypto processor that combines standard building blocks to make 'new' compound standard cells, which have a close to constant power consumption.
BookDOI
Cryptographic Hardware and Embedded Systems - CHES 2002
TL;DR: A technology to block a new class of attacks on secure microcontrollers and smartcards whereby a logical 1 or 0 is not encoded by a high or low voltage on a single line, but by (HL or (LH) on a pair of lines.
Book ChapterDOI
A Differential Fault Attack Technique against SPN Structures, with Application to the AES and KHAZAD
TL;DR: The differential fault attack technique is able to break the AES-128 with only 2 faulty ciphertexts, assuming the fault occurs between the antepenultimate and the penultimate MixColumn; this is better than the previous fault attacks against AES.