Practical Multiple Persistent Faults Analysis

We focus on the multiple persistent faults analysis in this paper to fill existing gaps in its application in a variety of scenarios. Our major contributions are twofold. First, we propose a novel technique to apply persistent fault apply in the multiple persistent faults setting that decreases the number of survived keys and the required data. We demonstrate that by utilizing 1509 and 1448 ciphertexts, the number of survived keys after performing persistent fault analysis on AES in the presence of eight and sixteen faults can be reduced to only 29 candidates, whereas the best known attacks need 2008 and 1643 ciphertexts, respectively, with a time complexity of 250. Second, we develop generalized frameworks for retrieving the key in the ciphertext-only model. Our methods for both performing persistent fault attacks and key-recovery processes are highly flexible and provide a general trade-off between the number of required ciphertexts and the time complexity. To break AES with 16 persistent faults in the Sbox, our experiments show that the number of required ciphertexts can be decreased to 477 while the attack is still practical with respect to the time complexity. To confirm the accuracy of our methods, we performed several simulations as well as experimental validations on the ARM Cortex-M4 microcontroller with electromagnetic fault injection on AES and LED, which are two well-known block ciphers to validate the types of faults and the distribution of the number of faults in practice.

Download Full-text

Persistent Fault Analysis on Block Ciphers

IACR Transactions on Cryptographic Hardware and Embedded Systems ◽

10.46586/tches.v2018.i3.150-172 ◽

2018 ◽

pp. 150-172 ◽

Cited By ~ 3

Author(s):

Fan Zhang ◽

Xiaoxuan Lou ◽

Xinjie Zhao ◽

Shivam Bhasin ◽

Wei He ◽

...

Keyword(s):

Time Synchronization ◽

Fault Injection ◽

Block Ciphers ◽

Fault Analysis ◽

Experimental Results ◽

Fault Attacks ◽

Intrinsic Nature ◽

Fault Attack ◽

Modular Redundancy

Persistence is an intrinsic nature for many errors yet has not been caught enough attractions for years. In this paper, the feature of persistence is applied to fault attacks, and the persistent fault attack is proposed. Different from traditional fault attacks, adversaries can prepare the fault injection stage before the encryption stage, which relaxes the constraint of the tight-coupled time synchronization. The persistent fault analysis (PFA) is elaborated on different implementations of AES-128, specially fault hardened implementations based on Dual Modular Redundancy (DMR). Our experimental results show that PFA is quite simple and efficient in breaking these typical implementations. To show the feasibility and practicability of our attack, a case study is illustrated on the shared library Libgcrypt with rowhammer technique. Approximately 8200 ciphertexts are enough to extract the master key of AES-128 when PFA is applied to Libgcrypt1.6.3 with redundant encryption based DMR. This work puts forward a new direction of fault attacks and can be extended to attack other implementations under more interesting scenarios.

Download Full-text

Differential Fault Attacks on Deterministic Lattice Signatures

IACR Transactions on Cryptographic Hardware and Embedded Systems ◽

10.46586/tches.v2018.i3.21-43 ◽

2018 ◽

pp. 21-43

Author(s):

Leon Groot Bruinderink ◽

Peter Pessl

Keyword(s):

Experimental Verification ◽

Fault Injection ◽

Secret Key ◽

Lattice Basis Reduction ◽

Key Recovery ◽

Signature Schemes ◽

Fault Attacks ◽

Reduction Techniques ◽

Basis Reduction ◽

Lattice Based Cryptography

In this paper, we extend the applicability of differential fault attacks to lattice-based cryptography. We show how two deterministic lattice-based signature schemes, Dilithium and qTESLA, are vulnerable to such attacks. In particular, we demonstrate that single random faults can result in a nonce-reuse scenario which allows key recovery. We also expand this to fault-induced partial nonce-reuse attacks, which do not corrupt the validity of the computed signatures and thus are harder to detect.Using linear algebra and lattice-basis reduction techniques, an attacker can extract one of the secret key elements after a successful fault injection. Some other parts of the key cannot be recovered, but we show that a tweaked signature algorithm can still successfully sign any message. We provide experimental verification of our attacks by performing clock glitching on an ARM Cortex-M4 microcontroller. In particular, we show that up to 65.2% of the execution time of Dilithium is vulnerable to an unprofiled attack, where a random fault is injected anywhere during the signing procedure and still leads to a successful key-recovery.

Download Full-text

A Novel Technique of Error Analysis Based on Test Case Combination

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.536-537.255 ◽

2014 ◽

Vol 536-537 ◽

pp. 255-258

Author(s):

Xi Guo

Keyword(s):

Error Analysis ◽

Small Area ◽

Fault Analysis ◽

Test Case ◽

Additional Test ◽

System Parameters ◽

Novel Technique ◽

Software Debugging

Based on the model and feature of combination testing, a novel technique of fault analysis based on combination testing is proposed. The faults of software can be triggered by system parameters and their interaction. The result of combination testing is analyzed, and discovered the possible reasons, and then generates an additional test cased which involved from the test case causing the fault, and analysis and verify the result. This method can locate the faults in a relative small area, and can simplify the process of software debugging and testing.

Download Full-text

Cryptanalysis of Loiss Stream Cipher-Revisited

Journal of Applied Mathematics ◽

10.1155/2014/457275 ◽

2014 ◽

Vol 2014 ◽

pp. 1-7

Author(s):

Lin Ding ◽

Chenhui Jin ◽

Jie Guan ◽

Qiuyan Wang

Keyword(s):

Time Complexity ◽

Stream Cipher ◽

Linear Equations ◽

Data Complexity ◽

Secret Key ◽

Key Recovery ◽

Systems Of Linear Equations ◽

Key Recovery Attack ◽

Better Than

Loiss is a novel byte-oriented stream cipher proposed in 2011. In this paper, based on solving systems of linear equations, we propose an improved Guess and Determine attack on Loiss with a time complexity of 2231and a data complexity of 268, which reduces the time complexity of the Guess and Determine attack proposed by the designers by a factor of 216. Furthermore, a related key chosenIVattack on a scaled-down version of Loiss is presented. The attack recovers the 128-bit secret key of the scaled-down Loiss with a time complexity of 280, requiring 264chosenIVs. The related key attack is minimal in the sense that it only requires one related key. The result shows that our key recovery attack on the scaled-down Loiss is much better than an exhaustive key search in the related key setting.

Download Full-text

Multidimensional linear cryptanalysis with key difference invariant bias for block ciphers

Cybersecurity ◽

10.1186/s42400-021-00096-4 ◽

2021 ◽

Vol 4 (1) ◽

Author(s):

Wenqin Cao ◽

Wentao Zhang

Keyword(s):

Time Complexity ◽

Block Ciphers ◽

Linear Cryptanalysis ◽

Compression Technique ◽

Key Recovery ◽

Linear Approximations ◽

Theoretical Advantage ◽

Multidimensional Linear ◽

Multidimensional Linear Cryptanalysis ◽

Key Recovery Attacks

AbstractFor block ciphers, Bogdanov et al. found that there are some linear approximations satisfying that their biases are deterministically invariant under key difference. This property is called key difference invariant bias. Based on this property, Bogdanov et al. proposed a related-key statistical distinguisher and turned it into key-recovery attacks on LBlock and TWINE-128. In this paper, we propose a new related-key model by combining multidimensional linear cryptanalysis with key difference invariant bias. The main theoretical advantage is that our new model does not depend on statistical independence of linear approximations. We demonstrate our cryptanalysis technique by performing key recovery attacks on LBlock and TWINE-128. By using the relations of the involved round keys to reduce the number of guessed subkey bits. Moreover, the partial-compression technique is used to reduce the time complexity. We can recover the master key of LBlock up to 25 rounds with about 260.4 distinct known plaintexts, 278.85 time complexity and 261 bytes of memory requirements. Our attack can recover the master key of TWINE-128 up to 28 rounds with about 261.5 distinct known plaintexts, 2126.15 time complexity and 261 bytes of memory requirements. The results are the currently best ones on cryptanalysis of LBlock and TWINE-128.

Download Full-text

Breaking Trivium Stream Cipher Implemented in ASIC Using Experimental Attacks and DFA

Sensors ◽

10.3390/s20236909 ◽

2020 ◽

Vol 20 (23) ◽

pp. 6909

Author(s):

Francisco Eugenio Potestad-Ordóñez ◽

Manuel Valencia-Barrero ◽

Carmen Baena-Oliva ◽

Pilar Parra-Fernández ◽

Carlos Jesús Jiménez-Fernández

Keyword(s):

Stream Cipher ◽

Internal State ◽

Clock Cycle ◽

Fault Analysis ◽

Invasive Technique ◽

Sensitive Information ◽

Secret Key ◽

Key Recovery ◽

Differential Fault Analysis ◽

Secret Keys

One of the best methods to improve the security of cryptographic systems used to exchange sensitive information is to attack them to find their vulnerabilities and to strengthen them in subsequent designs. Trivium stream cipher is one of the lightweight ciphers designed for security applications in the Internet of things (IoT). In this paper, we present a complete setup to attack ASIC implementations of Trivium which allows recovering the secret keys using the active non-invasive technique attack of clock manipulation, combined with Differential Fault Analysis (DFA) cryptanalysis. The attack system is able to inject effective transient faults into the Trivium in a clock cycle and sample the faulty output. Then, the internal state of the Trivium is recovered using the DFA cryptanalysis through the comparison between the correct and the faulty outputs. Finally, a backward version of Trivium was also designed to go back and get the secret keys from the initial internal states. The key recovery has been verified with numerous simulations data attacks and used with the experimental data obtained from the Application Specific Integrated Circuit (ASIC) Trivium. The secret key of the Trivium were recovered experimentally in 100% of the attempts, considering a real scenario and minimum assumptions.

Download Full-text

A Review on Evaluation and Configuration of Fault Injection Attack Instruments to Design Attack Resistant MCU-Based IoT Applications

Electronics ◽

10.3390/electronics9071153 ◽

2020 ◽

Vol 9 (7) ◽

pp. 1153

Author(s):

Zahra Kazemi ◽

David Hely ◽

Mahdi Fazeli ◽

Vincent Beroulle

Keyword(s):

Fault Injection ◽

Low Cost ◽

Security And Privacy ◽

Production Cycle ◽

Fault Attacks ◽

Primary Means ◽

Level Of Knowledge ◽

Iot Devices ◽

Fault Injection Attack ◽

Evaluation Platform

The Internet-of-Things (IoT) has gained significant importance in all aspects of daily life, and there are many areas of application for it. Despite the rate of expansion and the development of infrastructure, such systems also bring new concerns and challenges. Security and privacy are at the top of the list and must be carefully considered by designers and manufacturers. Not only do the devices need to be protected against software and network-based attacks, but proper attention must also be paid to recently emerging hardware-based attacks. However, low-cost unit software developers are not always sufficiently aware of existing vulnerabilities due to these kinds of attacks. To tackle the issue, various platforms are proposed to enable rapid and easy evaluation against physical attacks. Fault attacks are the noticeable type of physical attacks, in which the normal and secure behavior of the targeted devices is liable to be jeopardized. Indeed, such attacks can cause serious malfunctions in the underlying applications. Various studies have been conducted in other research works related to the different aspects of fault injection. Two of the primary means of fault attacks are clock and voltage fault injection. These attacks can be performed with a moderate level of knowledge, utilizing low-cost facilities to target IoT systems. In this paper, we explore the main parameters of the clock and voltage fault generators. This can help hardware security specialists to develop an open-source platform and to evaluate their design against such attacks. The principal concepts of both methods are studied for this purpose. Thereafter, we conclude our paper with the need for such an evaluation platform in the design and production cycle of embedded systems and IoT devices.

Download Full-text

SECURITY ANALYSIS OF AES USING FUNCTIONALITY FAULT MODEL

Journal of Circuits System and Computers ◽

10.1142/s0218126607004040 ◽

2007 ◽

Vol 16 (06) ◽

pp. 883-894 ◽

Cited By ~ 1

Author(s):

OLIVIER FAURAX ◽

TRAIAN MUNTEAN

Keyword(s):

Fault Injection ◽

Security Analysis ◽

Fault Model ◽

Physical Disturbance ◽

Fault Attacks ◽

Number Of Injections

Security of cryptographic circuits is a major concern. Smartcards are targeted by sophisticated attacks like fault attacks that combine physical disturbance and cryptanalysis. We propose a methodology and a tool (PAFI) to analyze the robustness of circuits under fault attacks using fault injection in simulation. The number of injections is reduced by taking into account the function of the latches in the whole circuit. We tested a circuit implementing the cryptosystem AES and showed that our approach reduces the number of fault injections to be performed (- 80%). Moreover, most of the selected injection points are the ones that lead to known fault attacks (95%).

Download Full-text

An Automated Framework for Exploitable Fault Identification in Block Ciphers – A Data Mining Approach

10.29007/fmzl ◽

2018 ◽

Author(s):

Sayandeep Saha ◽

Ujjawal Kumar ◽

Debdeep Mukhopadhyay ◽

Pallab Dasgupta

Keyword(s):

Data Mining ◽

Complexity Analysis ◽

Practical Interest ◽

Block Ciphers ◽

Fault Analysis ◽

Fault Attacks ◽

Differential Fault Analysis ◽

Analysis Scheme ◽

Fault Characterization

Characterization of all possible faults in a cryptosystem exploitable for fault attacks is a problem which is of both theoretical and practical interest for the cryptographic community. The complete knowledge of exploitable fault space is desirable while designing optimal countermeasures for any given crypto-implementation. In this paper, we address the exploitable fault characterization problem in the context of Differential Fault Analysis (DFA) attacks on block ciphers. The formidable size of the fault spaces demands an automated albeit fast mechanism for verifying each individual fault instance and neither thetraditional, cipher-specific, manual DFA techniques nor the generic and automated Algebraic Fault Attacks (AFA) [10] fulfill these criteria. Further, the diversified structures of different block ciphers suggest that such an automation should be equally applicable to any block cipher. This work presents an automatedframework for DFA identification, fulfilling all aforementioned criteria, which, instead of performing the attack just estimates the attack complexity for each individual fault instance. A generic and extendable data-mining assisted dynamic analysis framework capable of capturing a large class of DFA distinguishersis devised, along with a graph-based complexity analysis scheme. The framework significantly outperforms another recently proposed one [6], in terms of attack class coverage and automation effort. Experimental evaluation on AES and PRESENT establishes the effectiveness of the proposed framework in detectingmost of the known DFAs, which eventually enables the characterization of the exploitable fault space.

Download Full-text

Efficient Side-Channel Secure Message Authentication with Better Bounds

IACR Transactions on Symmetric Cryptology ◽

10.46586/tosc.v2019.i4.23-53 ◽

2020 ◽

pp. 23-53

Author(s):

Chun Guo ◽

François-Xavier Standaert ◽

Weijia Wang ◽

Yu Yu

Keyword(s):

Time Complexity ◽

Side Channel ◽

Message Authentication ◽

Security Threat ◽

Cryptographic Primitives ◽

Key Recovery ◽

Leakage Resilience ◽

Authentication Schemes ◽

Key Recovery Attacks ◽

Provably Secure

We investigate constructing message authentication schemes from symmetric cryptographic primitives, with the goal of achieving security when most intermediate values during tag computation and verification are leaked (i.e., mode-level leakage-resilience). Existing efficient proposals typically follow the plain Hash-then-MAC paradigm T = TGenK(H(M)). When the domain of the MAC function TGenK is {0, 1}128, e.g., when instantiated with the AES, forgery is possible within time 264 and data complexity 1. To dismiss such cheap attacks, we propose two modes: LRW1-based Hash-then-MAC (LRWHM) that is built upon the LRW1 tweakable blockcipher of Liskov, Rivest, and Wagner, and Rekeying Hash-then-MAC (RHM) that employs internal rekeying. Built upon secure AES implementations, LRWHM is provably secure up to (beyond-birthday) 278.3 time complexity, while RHM is provably secure up to 2121 time. Thus in practice, their main security threat is expected to be side-channel key recovery attacks against the AES implementations. Finally, we benchmark the performance of instances of our modes based on the AES and SHA3 and confirm their efficiency.

Download Full-text