Hardware-Oriented Algebraic Fault Attack Framework with Multiple Fault Injection Support

2019 ◽  
Author(s):  
Mael Gay ◽  
Tobias Paxian ◽  
Devanshi Upadhyaya ◽  
Bernd Becker ◽  
Ilia Polian
Keyword(s):  
Fault Injection ◽  
Multiple Fault ◽  
Fault Attack

scholarly journals FEDS: Comprehensive Fault Attack Exploitability Detection for Software Implementations of Block Ciphers

2020 ◽  
pp. 272-299
Author(s):  
Keerthi K ◽  
Indrani Roy ◽  
Chester Rebeiro ◽  
Aritra Hazra ◽  
Swarup Bhunia
Keyword(s):  
Fault Injection ◽  
Comprehensive Assessment ◽  
Fault Models ◽  
Fault Attacks ◽  
Fault Attack ◽  
Injection Attacks ◽  
Wide Range ◽  
Software Implementations ◽  
Implementation Level ◽  
Automated Tools

Fault injection attacks are one of the most powerful forms of cryptanalytic attacks on ciphers. A single, precisely injected fault during the execution of a cipher like the AES, can completely reveal the key within a few milliseconds. Software implementations of ciphers, therefore, need to be thoroughly evaluated for such attacks. In recent years, automated tools have been developed to perform these evaluations. These tools either work on the cipher algorithm or on their implementations. Tools that work at the algorithm level can provide a comprehensive assessment of fault attack vulnerability for different fault attacks and with different fault models. Their application is, however, restricted because every realization of the cipher has unique vulnerabilities. On the other hand, tools that work on cipher implementations have a much wider application but are often restricted by the range of fault attacks and the number of fault models they can evaluate.In this paper, we propose a framework, called FEDS, that uses a combination of compiler techniques and model checking to merge the advantages of both, algorithmic level tools as well as implementation level tools. Like the algorithmic level tools, FEDS can provide a comprehensive assessment of fault attack exploitability considering a wide range of fault attacks and fault models. Like implementation level tools, FEDS works with implementations, therefore has wide application. We demonstrate the versatility of FEDS by evaluating seven different implementations of AES (including bitsliced implementation) and implementations of CLEFIA and CAMELLIA for Differential Fault Attacks. The framework automatically identifies exploitable instructions in all implementations. Further, we present an application of FEDS in a Fault Attack Aware Compiler, that can automatically identify and protect exploitable regions of the code. We demonstrate that the compiler can generate significantly more efficient code than a naïvely protected equivalent, while maintaining the same level of protection.

Multiple Fault Injection Platform for SRAM-Based FPGA Based on Ground-Level Radiation Experiments

2016 ◽  
pp. 135-151
Author(s):  
Jorge Tonfat ◽  
Jimmy Tarrillo ◽  
Lucas Tambara ◽  
Fernanda Lima Kastensmidt ◽  
Ricardo Reis
Keyword(s):  
Fault Injection ◽  
Ground Level ◽  
Multiple Fault

A Fault Attack on the Family of Enocoro Stream Ciphers

Cryptography ◽  
2021 ◽  
Vol 5 (4) ◽  
pp. 26
Author(s):  
Julian Danner ◽  
Martin Kreuzer
Keyword(s):  
Fault Injection ◽  
Internal State ◽  
Linear Equations ◽  
Stream Ciphers ◽  
Secret Key ◽  
Fault Attack ◽  
Time Period ◽  
The Family ◽  
Small Parts ◽  
Differential Fault Attack

A differential fault attack framework for the Enocoro family of stream ciphers is presented. We only require that the attacker can reset the internal state and inject a random byte-fault, in a random register, during a known time period. For a single fault injection, we develop a differential clocking algorithm that computes a set of linear equations in the in- and output differences of the non-linear parts of the cipher and relates them to the differential keystream. The usage of these equations is two-fold. Firstly, one can determine those differentials that can be computed from the faulty keystream, and secondly they help to pin down the actual location and timing of the fault injection. Combining these results, each fault injection gives us information on specific small parts of the internal state. By encoding the information we gain from several fault injections using the weighted Horn clauses, we construct a guessing path that can be used to quickly retrieve the internal state using a suitable heuristic. Finally, we evaluate our framework with the ISO-standardized and CRYPTREC candidate recommended cipher Enocoro-128v2. Simulations show that, on average, the secret key can be retrieved within 20 min on a standard workstation using less than five fault injections.

scholarly journals Fault Attack on the Authenticated Cipher ACORN v2

2017 ◽  
Vol 2017 ◽  
pp. 1-16 ◽  
Author(s):  
Xiaojuan Zhang ◽  
Xiutao Feng ◽  
Dongdai Lin
Keyword(s):  
Time Complexity ◽  
Fault Injection ◽  
Linear Equations ◽  
Stream Ciphers ◽  
Second Step ◽  
System Of Equations ◽  
Initial State ◽  
Fault Attack ◽  
Equation Solving ◽  
Fault Locating

Fault attack is an efficient cryptanalysis method against cipher implementations and has attracted a lot of attention in recent public cryptographic literatures. In this work we introduce a fault attack on the CAESAR candidate ACORN v2. Our attack is done under the assumption of random fault injection into an initial state of ACORN v2 and contains two main steps: fault locating and equation solving. At the first step, we first present a fundamental fault locating method, which uses 99-bit output keystream to determine the fault injected location with probability 97.08%. And then several improvements are provided, which can further increase the probability of fault locating to almost 1. As for the system of equations retrieved at the first step, we give two solving methods at the second step, that is, linearization and guess-and-determine. The time complexity of our attack is not larger than c·2179.19-1.76N at worst, where N is the number of fault injections such that 31≤N≤88 and c is the time complexity of solving linear equations. Our attack provides some insights into the diffusion ability of such compact stream ciphers.

Sign in / Sign up

Export Citation Format

Share Document