scholarly journals Detecting Faults in Inner-Product Masking Scheme - IPM-FD: IPM with Fault Detection

10.29007/fv2n ◽  
2019 ◽  
Author(s):  
Wei Cheng ◽  
Claude Carlet ◽  
Kouassi Goli ◽  
Jean-Luc Danger ◽  
Sylvain Guilley
Keyword(s):  
Fault Detection ◽  
Fault Injection ◽  
Inner Product ◽  
Side Channel ◽  
Embedded Devices ◽  
Side Channel Analysis ◽  
Injection Attacks ◽  
Word Level ◽  
Channel Analysis ◽  
Fault Injection Attacks

Side-channel analysis and fault injection attacks are two typical threats to cryptographic implementations, especially in modern embedded devices. Thus there is an insistent demand for dual side-channel and fault injection protections. As it is known, masking scheme is a kind of provable countermeasures against side-channel attacks. Recently, inner product masking (IPM) was proposed as a promising higher-order masking scheme against side-channel analysis, but not for fault injection attacks. In this paper, we devise a new masking scheme named IPM-FD. It is built on IPM, which enables fault detection. This novel masking scheme has three properties: the security orders in the word-level probing model, bit-level probing model, and the number of detected faults. IPM-FD is proven secure both in the word-level and in the bit-level probing models, and allows for end-to-end fault detection against fault injection attacks.Furthermore, we illustrate its security order by linking it to one defining parameters of linear code, and show its implementation cost by applying IPM-FD to AES-128.

Optical Fault Injection Attacks against Cipher Chip

2014 ◽  
Vol 1044-1045 ◽  
pp. 1498-1502 ◽  
Author(s):  
Hong Sheng Wang ◽  
Dao Gang Ji ◽  
Yang Zhang ◽  
Kai Yan Chen ◽  
Kai Song
Keyword(s):  
Fault Injection ◽  
Side Channel ◽  
Side Channel Attack ◽  
Side Channel Attacks ◽  
Secret Information ◽  
Injection Attacks ◽  
Cryptographic Algorithms ◽  
Fault Injection Attacks

Cipher chips, such as microprocessors, are playing the important role in most cryptosystems, and implementing many public cryptographic algorithms. However, Side channel attacks pose serious threats to Cipher chips. Optical Side channel attack is a new kind of method against cipher chips. Two methods are presented in this paper, which shows how to implement optical fault injection attacks against RSA and AES algorithms running on AT89C52 microchip, and demonstrates how to exploit secret information under attack.

Countermeasures against physical security attacks on ICs utilizing on-chip wideband ADCs

2022 ◽  
Author(s):  
Takuji Miki ◽  
Makoto Nagata
Keyword(s):  
Active Fault ◽  
Fault Injection ◽  
Side Channel ◽  
Security Attacks ◽  
Input Buffer ◽  
Analog To Digital ◽  
Side Channel Analysis ◽  
Measurement Results ◽  
Channel Analysis ◽  
On Chip

Abstract Cryptographic ICs on edge devices for internet-of-things (IoT) applications are exposed to an adversary and threatened by malicious side channel analysis. On-chip analog monitoring by sensor circuits embedded inside the chips is one of the possible countermeasures against such attacks. An on-chip monitor circuit consisting of a successive approximation register (SAR) analog-to-digital converter (ADC) and an input buffer acquires a wideband signal, which enables to detects an irregular noise due to an active fault injection and a passive side channel leakage analysis. In this paper, several countermeasures against security attacks utilizing wideband on-chip monitors are reviewed. Each technique is implemented on a prototype chip, and the measurement results prove they can effectively detect and diagnose the security attacks.

scholarly journals Blind Cartography for Side Channel Attacks: Cross-Correlation Cartography

2012 ◽  
Vol 2012 ◽  
pp. 1-9 ◽  
Author(s):  
Laurent Sauvage ◽  
Sylvain Guilley ◽  
Florent Flament ◽  
Jean-Luc Danger ◽  
Yves Mathieu
Keyword(s):  
Correlation Analysis ◽  
Cross Correlation ◽  
Fault Injection ◽  
Near Field ◽  
Side Channel ◽  
Side Channel Attacks ◽  
The Past ◽  
Injection Attacks ◽  
Areas Of Interest ◽  
Fault Injection Attacks

Side channel and fault injection attacks are major threats to cryptographic applications of embedded systems. Best performances for these attacks are achieved by focusing sensors or injectors on the sensible parts of the application, by means of dedicated methods to localise them. Few methods have been proposed in the past, and all of them aim at pinpointing the cryptoprocessor. However it could be interesting to exploit the activity of other parts of the application, in order to increase the attack's efficiency or to bypass its countermeasures. In this paper, we present a localisation method based on cross-correlation, which issues a list of areas of interest within the attacked device. It realizes an exhaustive analysis, since it may localise any module of the device, and not only those which perform cryptographic operations. Moreover, it also does not require a preliminary knowledge about the implementation, whereas some previous cartography methods require that the attacker could choose the cryptoprocessor inputs, which is not always possible. The method is experimentally validated using observations of the electromagnetic near field distribution over a Xilinx Virtex 5 FPGA. The matching between areas of interest and the application layout in the FPGA floorplan is confirmed by correlation analysis.

scholarly journals The Uncertainty of Side-channel Analysis: A Way to Leverage from Heuristics

2021 ◽  
Vol 17 (3) ◽  
pp. 1-27
Author(s):  
Unai Rioja ◽  
Servio Paguada ◽  
Lejla Batina ◽  
Igor Armendariz
Keyword(s):  
Six Sigma ◽  
Security Analysis ◽  
Side Channel ◽  
Security Analysts ◽  
Embedded Devices ◽  
Side Channel Analysis ◽  
Analysis Process ◽  
Channel Analysis ◽  
Optimal Values ◽  
Six Sigma Methodology

Performing a comprehensive side-channel analysis evaluation of small embedded devices is a process known for its variability and complexity. In real-world experimental setups, the results are largely influenced by a huge amount of parameters, some of which are not easily adjusted without trial and error and are heavily relying on the experience of professional security analysts. In this article, we advocate the usage of an existing statistical methodology called Six Sigma (6 ) for side-channel analysis optimization. This well-known methodology is commonly used in other industrial fields, such as production and quality engineering, to reduce the variability of industrial processes. We propose a customized Six Sigma methodology, which allows even a less-experienced security analysis to select optimal values for the different variables that are critical for the side-channel analysis procedure. Moreover, we show how our methodology helps in improving different phases in the side-channel analysis process.

QuadSeal: Quadruple Balancing to Mitigate Power Analysis Attacks with Variability Effects and Electromagnetic Fault Injection Attacks

2021 ◽  
Vol 26 (5) ◽  
pp. 1-36
Author(s):  
Darshana Jayasinghe ◽  
Aleksandar Ignjatovic ◽  
Roshan Ragel ◽  
Jude Angelo Ambrose ◽  
Sri Parameswaran
Keyword(s):  
Power Analysis ◽  
Fault Injection ◽  
Side Channel ◽  
Aging Effects ◽  
Side Channel Attacks ◽  
Power Analysis Attacks ◽  
Injection Attacks ◽  
Differential Fault Analysis ◽  
Secret Keys ◽  
Fault Injection Attacks

Side channel analysis attacks employ the emanated side channel information to deduce the secret keys from cryptographic implementations by analyzing the power traces during execution or scrutinizing faulty outputs. To be effective, a countermeasure must remove or conceal as many as possible side channels. However, many of the countermeasures against side channel attacks are applied independently. In this article, the authors present a novel countermeasure (referred to as QuadSeal ) against Power Analysis Attacks and Electromagentic Fault Injection Attacks (FIAs), which is an extension of the work proposed in Reference [27]. The proposed solution relies on algorithmically balancing both Hamming distances and Hamming weights (where the bit transitions on the registers and gates are balanced, and the total number of 1s and 0s are balanced) by the use of four identical circuits with differing inputs and modified SubByte tables. By randomly rotating the four encryptions, the system is protected against variations, path imbalances, and aging effects. After generating the ciphertext, the output of each circuit is compared against each other to detect any fault injections or to correct the faulty ciphertext to gain reliability. The proposed countermeasure allows components to be switched off to save power or to run four executions in parallel for high performance when resistance against power analysis attacks is not of high priority, which is not available with the existing countermeasures (except software based where source code can be changed). The proposed countermeasure is implemented for Advanced Encryption Standard (AES) and tested against Correlation Power Analysis and Mutual Information Attacks attacks (for up to a million traces), and none of the secret keys was found even after one million power traces (the unprotected AES circuit is vulnerable for power analysis attacks within 5,000 power traces). A detection circuit (referred to as C-FIA circuit) is operated using the algorithmic redundancy presented in four circuits of QuadSeal to mitigate Electromagnetic Fault Injection Attacks. Using Synopsys PrimeTime, we measured the power dissipation of QuadSeal registers and XOR gates to test the effectiveness of Quadruple balancing methodology. We tested the QuadSeal countermeasure with C-FIA circuit against Differential Fault Analysis Attacks up to one million traces; no bytes of the secret key were found. This is the smallest known circuit that is capable of withstanding power-based side channel attacks when electromagnetic injection attack resistance, process variations, path imbalances, and aging effects are considered.

scholarly journals Shaping the Glitch: Optimizing Voltage Fault Injection Attacks

2019 ◽  
pp. 199-224 ◽  
Author(s):  
Claudio Bozzato ◽  
Riccardo Focardi ◽  
Francesco Palmarini
Keyword(s):  
Power Supply ◽  
Fault Injection ◽  
Low Cost ◽  
Injection Technique ◽  
Side Channel ◽  
Sensitive Data ◽  
Injection Attacks ◽  
Side Channels ◽  
Security Checks ◽  
Fault Injection Attacks

Voltage fault injection is a powerful active side channel attack that modifies the execution-flow of a device by creating disturbances on the power supply line. The attack typically aims at skipping security checks or generating side-channels that gradually leak sensitive data, including the firmware code. In this paper we propose a new voltage fault injection technique that generates fully arbitrary voltage glitch waveforms using off-the-shelf and low cost equipment. To show the effectiveness of our setup, we present new, unpublished firmware extraction attacks on six microcontrollers from three major manufacturers: STMicroelectronics, Texas Instruments and Renesas Electronics that, in 2016 declared a market of $1.5 billion, $800 million and $2.5 billion on units sold, respectively. Among the presented attacks, the most challenging ones exploit multiple vulnerabilities and inject over one million glitches, heavily leveraging on the performance and repeatability of the new proposed technique. We perform a thorough evaluation of arbitrary glitch waveforms by comparing the attack performance against two other major V-FI techniques in the literature. Along a responsible disclosure policy, all the vulnerabilities have been timely reported to the manufacturers.

scholarly journals Revisiting a Methodology for Efficient CNN Architectures in Profiling Attacks

2020 ◽  
pp. 147-168
Author(s):  
Lennert Wouters ◽  
Victor Arribas ◽  
Benedikt Gierlichs ◽  
Bart Preneel
Keyword(s):  
Critical Review ◽  
Academic Research ◽  
Side Channel ◽  
Data Sets ◽  
Embedded Devices ◽  
Side Channel Analysis ◽  
Similar Performance ◽  
Public Data ◽  
Filter Size ◽  
Channel Analysis

This work provides a critical review of the paper by Zaid et al. titled “Methodology for Efficient CNN Architectures in Profiling attacks”, which was published in TCHES Volume 2020, Issue 1. This work studies the design of CNN networks to perform side-channel analysis of multiple implementations of the AES for embedded devices. Based on the authors’ code and public data sets, we were able to cross-check their results and perform a thorough analysis. We correct multiple misconceptions by carefully inspecting different elements of the model architectures proposed by Zaid et al. First, by providing a better understanding on the internal workings of these models, we can trivially reduce their number of parameters on average by 52%, while maintaining a similar performance. Second, we demonstrate that the convolutional filter’s size is not strictly related to the amount of misalignment in the traces. Third, we show that increasing the filter size and the number of convolutions actually improves the performance of a network. Our work demonstrates once again that reproducibility and review are important pillars of academic research. Therefore, we provide the reader with an online Python notebook which allows to reproduce some of our experiments1 and additional example code is made available on Github.2

On the Construction of Binary Optimal LCD Codes with Short Length

2019 ◽  
Vol 30 (08) ◽  
pp. 1237-1245
Author(s):  
Qiang Fu ◽  
Ruihu Li ◽  
Fangwei Fu ◽  
Yi Rao
Keyword(s):  
Fault Injection ◽  
Low Complexity ◽  
Short Length ◽  
Upper And Lower Bounds ◽  
Side Channel ◽  
Injection Attacks ◽  
Lcd Codes ◽  
New Codes ◽  
Lcd Code ◽  
Fault Injection Attacks

A [Formula: see text]-ary linear code [Formula: see text] is called a linear complementary dual (LCD) code if it meets its dual trivially. Binary LCD codes play a significant role for their advantage of low complexity for implementations against side-channel attacks and fault injection attacks. In this paper, the problem of finding LCD codes over the binary field is discussed. Many new codes and new bounds are presented, as well as a table of optimal LCD codes (or upper and lower bounds on such codes) of length up to 30 bits.

scholarly journals Electromagnetic and Power Side-Channel Analysis: Advanced Attacks and Low-Overhead Generic Countermeasures through White-Box Approach

Cryptography ◽  
2020 ◽  
Vol 4 (4) ◽  
pp. 30
Author(s):  
Debayan Das ◽  
Shreyas Sen
Keyword(s):  
Deep Learning ◽  
State Of The Art ◽  
Side Channel ◽  
Secret Key ◽  
Embedded Devices ◽  
Side Channel Analysis ◽  
Root Cause ◽  
Channel Analysis ◽  
Metal Layers ◽  
A Current

Electromagnetic and power side-channel analysis (SCA) provides attackers a prominent tool to extract the secret key from the cryptographic engine. In this article, we present our cross-device deep learning (DL)-based side-channel attack (X-DeepSCA) which reduces the time to attack on embedded devices, thereby increasing the threat surface significantly. Consequently, with the knowledge of such advanced attacks, we performed a ground-up white-box analysis of the crypto IC to root-cause the source of the electromagnetic (EM) side-channel leakage. Equipped with the understanding that the higher-level metals significantly contribute to the EM leakage, we present STELLAR, which proposes to route the crypto core within the lower metals and then embed it within a current-domain signature attenuation (CDSA) hardware to ensure that the critical correlated signature gets suppressed before it reaches the top-level metal layers. CDSA-AES256 with local lower metal routing was fabricated in a TSMC 65 nm process and evaluated against different profiled and non-profiled attacks, showing protection beyond 1B encryptions, compared to ∼10K for the unprotected AES. Overall, the presented countermeasure achieved a 100× improvement over the state-of-the-art countermeasures available, with comparable power/area overheads and without any performance degradation. Moreover, it is a generic countermeasure and can be used to protect any crypto cores while preserving the legacy of the existing implementations.

Sign in / Sign up

Export Citation Format

Share Document