High Speed Clock Glitching

In recent times, hardware security has drawn a lot of interest in the research community. With physical proximity to the target devices, various fault injection hardware attack methods have been proposed and tested to alter their functionality and trigger behavior not intended by the design. There are various types of faults that can be injected depending on the parameters being used and the level at which the device is tampered with. The literature describes various fault models to inject faults in clock of the target but there are no publications on overclocking circuits for fault injection. The proposed method bridges this gap by conducting high-speed clock fault injection on latest high-speed micro-controller units where the target device is overclocked for a short duration in the range of 4-1000 ns. This thesis proposes a method of generating a high-speed clock and driving the target device using the same clock. The properties of the target devices for performing experiments in this research are: Externally accessible clock input line and GPIO line. The proposed method is to develop a high-speed clock using custom bit-stream sent to FPGA and subsequently using external analog circuitry to generate a clock-glitch which can inject fault on the target micro-controller. Communication coupled with glitching allows us to check the target\u27s response, which can result in information disclosure.This is a form of non-invasive and effective hardware attack. The required background, methodology and experimental setup required to implement high-speed clock glitching has been discussed in this thesis. The impact of different overclock frequencies used in clock fault injection is explored. The preliminary results have been discussed and we show that even high-speed micro-controller units should consider countermeasures against clock fault injection. Influencing the execution of Tiva C Launchpad and STM32F4 micro-controller units has been shown in this thesis. The thesis details the method used for the testing a

Physical Fault Injection and Side-Channel Attacks on Mobile Devices:A Comprehensive Analysis

Today's mobile devices contain densely packaged system-on-chips (SoCs) with multi-core, high-frequency CPUs and complex pipelines. In parallel, sophisticated SoC-assisted security mechanisms have become commonplace for protecting device data, such as trusted execution environments, full-disk and file-based encryption. Both advancements have dramatically complicated the use of conventional physical attacks, requiring the development of specialised attacks. In this survey, we consolidate recent developments in physical fault injections and side-channel attacks on modern mobile devices. In total, we comprehensively survey over 50 fault injection and side-channel attack papers published between 2009-2021. We evaluate the prevailing methods, compare existing attacks using a common set of criteria, identify several challenges and shortcomings, and suggest future directions of research

Formal verification of a software countermeasure against instruction skip attacks

Fault attacks against embedded circuits enabled to define many new attack paths against secure circuits. Every attack path relies on a specific fault model which defines the type of faults that the attacker can perform. On embedded processors, a fault model consisting in an assembly instruction skip can be very useful for an attacker and has been obtained by using several fault injection means. To avoid this threat, some countermeasure schemes which rely on temporal redundancy have been proposed. Nevertheless, double fault injection in a long enough time interval is practical and can bypass those countermeasure schemes. Some fine-grained countermeasure schemes have also been proposed for specific instructions. However, to the best of our knowledge, no approach that enables to secure a generic assembly program in order to make it fault-tolerant to instruction skip attacks has been formally proven yet. In this paper, we provide a fault-tolerant replacement sequence for almost all the instructions of the Thumb-2 instruction set and provide a formal verification for this fault tolerance. This simple transformation enables to add a reasonably good security level to an embedded program and makes practical fault injection attacks much harder to achieve

Assembly Level Clock Glitch Insertion Into An XMega MCU

This thesis proposes clock-glitch fault injection technique to inject glitches into the clock signal running in a microcontroller unit and studying its effects on different assembly level instructions. It focusses mainly on the effect of clock glitches over the execution, sub-execution and pre-execution cycles of the test instructions and also finds the delay between the actual position of glitch insertion and the trigger being set for the glitch insertion. The instructions used in this work are provided by Atmel which classifies them according to their type of operation. These instructions are here further grouped depending on the number of clock cycles they require for their execution. Each group of instructions are tested for their behavior towards clock glitches being injected at different places in and surrounding their execution cycle. This thesis utilizes the ChipWhisperer-Lite board (CW1173) for performing the whole experiment by controlling the target device, providing clock as well as clock glitches with appropriate properties at appropriate position to the target device. The Atmel AVR XMEGA 128D4U is used as the target device (CW303) that uses an external clock of frequency 7.37MHz generated by the main board. The Capture software, provided by the ChipWhisperer, is used for establishing the hardware connection between the main board and the target board. The clock glitches are designed and triggered through the Capture software

Assembly Level Clock Glitch Insertion Into An XMega MCU

This thesis proposes clock-glitch fault injection technique to inject glitches into the clock signal running in a microcontroller unit and studying its effects on different assembly level instructions. It focusses mainly on the effect of clock glitches over the execution, sub-execution and pre-execution cycles of the test instructions and also finds the delay between the actual position of glitch insertion and the trigger being set for the glitch insertion. The instructions used in this work are provided by Atmel which classifies them according to their type of operation. These instructions are here further grouped depending on the number of clock cycles they require for their execution. Each group of instructions are tested for their behavior towards clock glitches being injected at different places in and surrounding their execution cycle. This thesis utilizes the ChipWhisperer-Lite board (CW1173) for performing the whole experiment by controlling the target device, providing clock as well as clock glitches with appropriate properties at appropriate position to the target device. The Atmel AVR XMEGA 128D4U is used as the target device (CW303) that uses an external clock of frequency 7.37MHz generated by the main board. The Capture software, provided by the ChipWhisperer, is used for establishing the hardware connection between the main board and the target board. The clock glitches are designed and triggered through the Capture software

Fault Injection Test Bed for Clock Violation

Abstract: In this paper, the International Data Encryption (IDEA) algorithm synthesis models will be used as test encryption algorithm. The Xilinx Digital clock manager component will be used for generation of clocks for different frequencies and phase shifts. The encryption output with faults introduced and without faults introduced is compared as a function of ratio of used clock frequency and maximum frequency of operation reported by synthesis tool. The clock generation, clock switching, interface adopter to IDEA core and UART interface will be realized and tested in FPGA hardware in integrated form. FPGA based test bed is realized for injecting faults through clock glitches, to result in setup and hold violations. The UART interface is realized on FPGA to provide PC based controlling for this fault injection. Xilinx chip scope tools will be used for verifying the output at various levels in FPGA hardware

System Clock and Power Supply Cross-Checking for Glitch Detection

Cryptographic systems are vulnerable to different kinds of fault injection attacks. System clock glitch is one of the most widely used fault injection methods used in different attacks. In this paper, we propose a method to detect glitches in system clock to fight against clock glitch based fault attacks. We implement the proposed scheme in Virtex-5 FPGA and inject clock glitches into FPGA, results show that the proposed scheme can be easily implemented in both ASICs and FPGAs with very small overhead. Detection results show that the proposed scheme can detect very high frequency clock glitches with very high detection rate

A Practical Second-Order Fault Attack against a Real-World Pairing Implementation

Several fault attacks against pairing-based cryptography have been described theoretically in recent years. Interestingly, none of these have been practically evaluated. We accomplished this task and prove that fault attacks against pairing-based cryptography are indeed possible and are even practical — thus posing a serious threat. Moreover, we successfully conducted a second-order fault attack against an open source implementation of the eta pairing on an AVR XMEGA A1. We injected the first fault into the computation of the Miller Algorithm and applied the second fault to skip the final exponentiation completely. We introduce a low-cost setup that allowed us to generate multiple independent faults in one computation. The setup implements these faults by clock glitches which induce instruction skips. With this setup we conducted the first practical fault attack against a complete pairing computation