scholarly journals A comment on information leakage from robust code-based checkers detecting fault attacks on cryptographic primitives

10.29007/r2sc ◽  
2019 ◽  
Author(s):  
Osnat Keren ◽  
Ilia Polian
Keyword(s):  
Error Detection ◽  
Fault Injection ◽  
Information Leakage ◽  
Secret Key ◽  
Cryptographic Primitives ◽  
Significant Information ◽  
Injection Attacks ◽  
Robust Codes ◽  
Fault Injection Attacks ◽  
The Relationship

Cryptographic hardware primitives must be protected against fault-injection attacks. Security-oriented error-detecting codes provide (probabilistic) guarantees for detection of maliciously injected faults even under assumption of a sophisticated attacker with access to powerful equipment.In this paper, we revisit the earlier finding that error-detection infrastructure may increase the undesired information leakage. We formalize the information leakage from the checker response by means of mutual information. We apply our analysis to the best security-oriented robust codes known today. We prove that the probability of an undetected attack is exponentially smaller than the entropy loss due to information leak from the checker. This means that an attack will be detected far before the attacker will gain significant information. Given a bound for acceptable information leakage (e.g., 0.5 bits of a 128-bit secret key), our analysis allows the designer to easily choose the number of redundant bits required to stay below that bound. The obtained results extend our knowledge about the relationship between detection capabilities of codes and information leakage due to them.

scholarly journals A Secure Architecture for Modular Division over a Prime Field against Fault Injection Attacks

2020 ◽  
Vol 10 (5) ◽  
pp. 1700
Author(s):  
Xiaoting Hu ◽  
Zhongping Qin
Keyword(s):  
Error Detection ◽  
Fault Injection ◽  
Processing Element ◽  
Main Function ◽  
Prime Field ◽  
Injection Attacks ◽  
Fault Injection Attack ◽  
Fault Injection Attacks ◽  
Detection Schemes ◽  
Secure Architecture

Fault injection attacks pose a serious threat to many cryptographic devices. The security of most cryptographic devices hinges on a key block called modular division (MD) over a prime field. Although a lot of research has been done to implement the MD over a prime field in hardware efficiently, studies on secure architecture against fault injection attack are very few. A few of the studies that focused on secure architecture against fault injection attack can only detect faults but not locate faults. In this regard, this paper designs a novel secure architecture for the MD over a prime field, which can not only detect faults, but also can locate the error processing element. In order to seek the best optimal performance, four word-oriented systolic structures of a main function module (MFM) were designed, and three error detection schemes were developed based on different linear arithmetic codes (LACs). The MFM structures were combined flexibly with the error detection schemes. The time and area overheads of our architecture were analyzed through the implementation in an application-specific integrated circuit (ASIC), while the error detection and location capabilities of our architecture were demonstrated by C++ simulation, in comparison to two existing methods. The results show that our architecture can detect single-bit error (SBE) with 100% accuracy and locate the erroneous processing element (PE), and correctly identify most of the single PE errors and almost all of the multi-PE errors (when there are more than three erroneous PEs). The only weakness of our architecture is the relatively high time and area overhead ratios.

scholarly journals Novel Fault Injection Attack without Artificial Trigger

2020 ◽  
Vol 10 (11) ◽  
pp. 3849
Author(s):  
HanSeop Lim ◽  
JongHyeok Lee ◽  
Dong-Guk Han
Keyword(s):  
Power Analysis ◽  
Fault Injection ◽  
Electromagnetic Emission ◽  
Injection System ◽  
Injection Time ◽  
Secret Key ◽  
Injection Attacks ◽  
Input Signals ◽  
Fault Injection Attack ◽  
Fault Injection Attacks

Theoretical process of fault injection attacks is defined as a process of recovering a secret key assuming that an attacker can inject faults into a specific targeted operation. Therefore, an artificial triggering is required to execute such an attack. However, when conducting analysis on real devices, artificial triggering needs to rely on a powerful assumption, such as manipulation of internal codes. In this paper, we propose a novel fault injection system using Input/Output (I/O) signals of target devices as a trigger for relaxing an attacker assumption. This system does not require an implementation of artificial triggering as input signals are used as a trigger in transmission of plaintexts for fault injection attacks. As a result, the attacker can perform fault injection attacks concerning the entire encryption process. To decide the fault injection time based on the trigger, the proposed system applies simple power analysis (SPA), employing electromagnetic emission of target devices. Considering that the fault injection time identified by SPA can be relatively vague compared with that obtained using a system based on an artificial triggering, we address this problem by proposing a process to recover the secret key without knowing the byte index of an injected fault.

scholarly journals Constructing software countermeasures against instruction manipulation attacks: an approach based on vulnerability evaluation using fault simulator

2021 ◽  
Author(s):  
Junichi Sakamoto ◽  
Shungo Hayashi ◽  
Daisuke Fujimoto ◽  
Tsutomu Matsumoto
Keyword(s):  
Fault Injection ◽  
Information Leakage ◽  
Performance Difference ◽  
Injection Attacks ◽  
Vulnerability Evaluation ◽  
Evaluation Time ◽  
Confidential Data ◽  
Target Program ◽  
Laser Fault Injection ◽  
Fault Injection Attacks

AbstractFault injection attacks (FIA), which cause information leakage by injecting intentional faults into the data or operations of devices, are one of the most powerful methods compromising the security of confidential data stored on these devices. Previous studies related to FIA report that attackers can skip instructions running on many devices through many means of fault injection. Most existing anti-FIA countermeasures on software are designed to secure against instruction skip (IS). On the other hand, recent studies report that attackers can use laser fault injection to manipulate instructions running on devices as they want. Although the previous studies have shown that instruction manipulation (IM) could attack the existing countermeasures against IS, no effective countermeasures against IM have been proposed. This paper is the first work tackling this problem, aiming to construct software-based countermeasures against IM faults. Evaluating program vulnerabilities to IM faults is required to consider countermeasures against IM faults. We propose three IM simulation environments for that aim and compare them to reveal their performance difference. GDB (GNU debugger)-based simulator that we newly propose in this paper outperforms the QEMU-based simulator that we presented in AICCSA:1–8, 2020 in advance, in terms of evaluation time at most $$\times$$ × 400 faster. Evaluating a target program using the proposed IM simulators reveals that the IM faults leading to attack successes are classified into four classes. We propose secure coding techniques as countermeasures against IMs of each four classes and show the effectiveness of the countermeasures using the IM simulators.

scholarly journals Security Analysis of HMAC/NMAC by Using Fault Injection

2013 ◽  
Vol 2013 ◽  
pp. 1-6 ◽  
Author(s):  
Kitae Jeong ◽  
Yuseop Lee ◽  
Jaechul Sung ◽  
Seokhie Hong
Keyword(s):  
Computational Complexity ◽  
Fault Injection ◽  
Security Analysis ◽  
Hash Functions ◽  
Main Idea ◽  
Secret Key ◽  
Key Recovery ◽  
Injection Attacks ◽  
Fault Injection Attacks ◽  
Key Recovery Attacks

In Choukri and Tunstall (2005), the authors showed that if they decreased the number of rounds in AES by injecting faults, it is possible to recover the secret key. In this paper, we propose fault injection attacks on HMAC/NMAC by applying the main idea of their attack. These attacks are applicable to HMAC/NMAC based on the MD-family hash functions and can recover the secret key with the negligible computational complexity. Particularly, these results on HMAC/NMAC-SHA-2 are the first known key recovery attacks so far.

scholarly journals Private circuits II versus fault injection attacks

2015 ◽  
Author(s):  
Henitsoa Rakotomalala ◽  
Xuan Thuy Ngo ◽  
Zakaria Najm ◽  
Jean-Luc Danger ◽  
Sylvain Guilley
Keyword(s):  
Fault Injection ◽  
Injection Attacks ◽  
Fault Injection Attacks

scholarly journals DeepStrike: Remotely-Guided Fault Injection Attacks on DNN Accelerator in Cloud-FPGA

2021 ◽  
Author(s):  
Yukui Luo ◽  
Cheng Gongye ◽  
Yunsi Fei ◽  
Xiaolin Xu
Keyword(s):  
Fault Injection ◽  
Injection Attacks ◽  
Fault Injection Attacks
Sign in / Sign up

Export Citation Format

Share Document