Formal verification of a software countermeasure against instruction skip attacks
Fault attacks against embedded circuits have opened many new attack paths against secure circuits. Every attack path relies on a specific fault model, which defines the type of fault the attacker can induce. On embedded processors, a fault model consisting of an assembly instruction skip is very useful to an attacker and has been obtained with several fault injection means. To counter this threat, some countermeasure schemes based on temporal redundancy have been proposed. Nevertheless, double fault injection within a long enough time interval is practical and can bypass those countermeasure schemes. Some fine-grained countermeasure schemes have also been proposed for specific instructions. However, to the best of our knowledge, no approach that secures a generic assembly program so as to make it fault-tolerant to instruction skip attacks has been formally proven yet. In this paper, we provide a fault-tolerant replacement sequence for almost all instructions of the Thumb-2 instruction set and formally verify this fault tolerance. This simple transformation adds a reasonably good security level to an embedded program and makes practical fault injection attacks much harder to achieve.
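To make the instruction-skip fault model and the countermeasure concrete, here is an added Python example. It is not the paper's code: its replacement sequences illustrate the idempotent-duplication idea on a toy three-opcode register machine rather than reproducing the paper's verified Thumb-2 sequences. The example rewrites each instruction into a sequence that survives the loss of any one instruction, then checks by exhaustive enumeration the property the paper establishes formally: every single-skip execution of the hardened program must leave the observable registers in the same state as the fault-free run. The scratch register r12, the opcodes and the sample program are assumptions of the example. Asking the same checker about two skips shows why a countermeasure against one skip is bypassed by a double fault, as the abstract notes.

```python
"""Exhaustive single-skip check on a toy Thumb-2-like register machine.

Fault model: the attacker makes the processor skip exactly one instruction of
the program. The countermeasure replaces every instruction by a sequence whose
effect survives the loss of any one of its instructions. The sequences, the
scratch register and the sample program are assumptions of this added example,
not the paper's verified replacement sequences.
"""
from itertools import combinations

SCRATCH = "r12"      # assumed to be free for the countermeasure
MASK = 0xFFFFFFFF    # 32-bit registers


def _val(regs, x):
    """Operand: a register name (str) or an immediate (int)."""
    return regs[x] if isinstance(x, str) else x


def execute(program, init):
    """Run (op, dst, src1, src2) tuples on a register dict; return the final state."""
    regs = dict(init)
    for op, dst, a, b in program:
        if op == "mov":
            regs[dst] = _val(regs, a) & MASK
        elif op == "add":
            regs[dst] = (_val(regs, a) + _val(regs, b)) & MASK
        elif op == "eor":
            regs[dst] = (_val(regs, a) ^ _val(regs, b)) & MASK
        else:
            raise ValueError("unsupported opcode: " + op)
    return regs


def observable(regs):
    """State visible to the rest of the program: everything but the scratch register."""
    return {r: v for r, v in regs.items() if r != SCRATCH}


def harden(program):
    """Replace each instruction with a sequence that tolerates one skipped instruction.

    An instruction whose destination is not one of its sources is idempotent:
    executing it twice equals executing it once, so duplicating it suffices.
    If the destination is also a source (add r0, r0, #1), the second copy would
    read the already updated value, so the source is first copied to the scratch
    register (by a duplicated, idempotent mov) and the instruction is rewritten
    to read from the scratch register, which makes it idempotent as well.
    """
    out = []
    for op, dst, a, b in program:
        if dst in (a, b):
            out += [("mov", SCRATCH, dst, None)] * 2
            a = SCRATCH if a == dst else a
            b = SCRATCH if b == dst else b
        out += [(op, dst, a, b)] * 2
    return out


def skip_variants(program, n_skips=1):
    """Every execution in which exactly n_skips instructions are skipped."""
    for skipped in combinations(range(len(program)), n_skips):
        yield [ins for i, ins in enumerate(program) if i not in skipped]


def is_skip_tolerant(program, init, n_skips=1):
    """True if no n_skips-skip execution changes the observable final state."""
    reference = observable(execute(program, init))
    return all(observable(execute(v, init)) == reference
               for v in skip_variants(program, n_skips))


# Constructed sample program and initial registers (not taken from the paper).
ORIGINAL = [
    ("mov", "r0", "r1", None),   # r0 := r1
    ("add", "r0", "r0", 1),      # r0 := r0 + 1   (destination is also a source)
    ("eor", "r2", "r0", "r3"),   # r2 := r0 ^ r3
    ("add", "r2", "r2", "r2"),   # r2 := 2 * r2   (destination is also a source)
]
INIT = {"r0": 0, "r1": 41, "r2": 0, "r3": 0xFF, SCRATCH: 0}

if __name__ == "__main__":
    hardened = harden(ORIGINAL)
    print("original tolerates 1 skip :", is_skip_tolerant(ORIGINAL, INIT))      # False
    print("hardened tolerates 1 skip :", is_skip_tolerant(hardened, INIT))      # True
    print("hardened tolerates 2 skips:", is_skip_tolerant(hardened, INIT, 2))   # False
```

The check is a model check over every skip position, which is feasible for straight-line code of this size; the paper's contribution is proving the per-instruction property for the real instruction set rather than enumerating programs. Note that the hardened program doubles in length, and that branches, memory accesses and instructions with side effects need sequences beyond the simple copy-to-scratch shown here.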
Integrating Non-linear and Linear Diffusion Techniques to Prevent Fault Attacks in Advanced Encryption Standard to Enhance Security of 4G-LTE Networks
Long Term Evolution (LTE) based fourth generation (4G) mobile technology has provided a platform for fast and efficient wireless communication. The Advanced Encryption Standard (AES) is one of the three cryptographic algorithms used in 4G networks for encryption of sensitive data. In spite of offering high immunity, AES is still vulnerable to a few attacks, and this weakness makes 4G susceptible to several security issues. This paper specifically focuses on fault attacks performed on AES. A fault induced in any one of the rounds of AES helps the attacker derive information about the secret key; such fault attacks therefore pose a serious threat to wireless mobile communication, since the attacker may gain access to any network whose traffic is encrypted with AES. In earlier works, various countermeasures have been suggested to prevent them. However, each of these preventive measures has its own limitations and vulnerabilities. This paper proposes an enhanced method of preventing fault attacks in AES by combining non-linear and linear diffusion techniques. The method identifies whether a fault has been injected and diffuses the fault throughout the state matrix, so that the attacker obtains no information about the secret key. The performance evaluation proves that the proposed prevention method outperforms the others in terms of time, cost and efficiency.
Design and evaluation of countermeasures against fault injection attacks and power side-channel leakage exploration for AES block cipher
Differential Fault Analysis (DFA) and Power Analysis (PA) attacks have become the main methods for exploiting the vulnerabilities of physical implementations of block ciphers currently used in a multitude of applications, such as the Advanced Encryption Standard (AES). In order to minimize these types of vulnerabilities, several mechanisms have been proposed to detect fault attacks. However, these mechanisms can have a significant cost, may not fully cover the implementation against fault attacks, or may not take into account the information leakage exploitable by power analysis attacks. In this paper, four different approaches are proposed with the aim of protecting the AES block cipher against DFA. The proposed solutions are based on Hamming code and parity bits as signature generators for the internal state of the AES cipher, and they detect DFA-exploitable faults from bit to byte level. The proposed solutions have been applied to a T-box based AES block cipher implemented on a Field Programmable Gate Array (FPGA). Experimental results suggest a fault coverage of 98.5% and 99.99% with an area penalty of 9% and 36% respectively for the parity bit signature generators, and a fault coverage of 100% with an area penalty of 18% and 42% respectively when the Hamming code signature generator is used. In addition, none of the proposed countermeasures imposes a frequency degradation with respect to the unprotected cipher. The proposed work goes further in the evaluation of the DFA countermeasures by evaluating the impact of these structures in terms of power side-channel leakage. The obtained results suggest that no extra information leakage is produced that can be exploited by PA. Overall, the proposed DFA countermeasures provide high fault coverage at a low cost in terms of area and power consumption, with no PA security degradation.
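The signature-based detection the abstract describes can be tried on a toy model. The following Python is an added example, not code from the paper or its FPGA design: it models a 16-byte AES state protected by a per-byte signature, enumerates every bit-flip fault confined to one byte (the "bit to byte level" fault model), and compares the coverage of three generic signature generators: one parity bit per byte, the four check bits of a Hamming(12,8) code, and Hamming(12,8) extended with an overall parity bit (SEC-DED). The codes, their bit layouts and the sample state are assumptions of this example; the paper's own generators, fault model and coverage figures are specific to its design and are not reproduced by this model.

```python
"""Fault coverage of per-byte signature generators on a 16-byte AES-like state.

Added example. It models the detection principle (a signature of the state is
computed before the protected operation and compared with one recomputed after
it; a mismatch raises the alarm) and counts how many of the 255 non-zero
bit-flip masks inside one byte each signature generator detects. The code
parameters and the sample state are assumptions of this example.
"""

# Data-bit positions of a standard Hamming(12,8) code: positions 1, 2, 4 and 8
# hold the check bits, the remaining positions hold the eight data bits, and the
# syndrome produced by flipping a data bit is that bit's position number.
HAMMING_POSITIONS = (3, 5, 6, 7, 9, 10, 11, 12)


def parity_sig(byte: int) -> int:
    """One parity bit per byte: detects exactly the odd-weight faults."""
    return bin(byte).count("1") & 1


def hamming_sig(byte: int) -> int:
    """Four Hamming(12,8) check bits: XOR of the positions of the set data bits."""
    sig = 0
    for bit, pos in enumerate(HAMMING_POSITIONS):
        if (byte >> bit) & 1:
            sig ^= pos
    return sig


def secded_sig(byte: int) -> int:
    """Hamming(12,8) plus an overall parity bit (SEC-DED): five check bits per byte."""
    return (hamming_sig(byte) << 1) | parity_sig(byte)


def state_signature(state: bytes, sig) -> tuple:
    """Per-byte signature of the whole state, as a hardware checker would hold it."""
    return tuple(sig(b) for b in state)


def fault_detected(state: bytes, byte_index: int, mask: int, sig) -> bool:
    """XOR a fault mask into one state byte and report whether the signature changes."""
    expected = state_signature(state, sig)      # computed before the fault
    faulty = bytearray(state)
    faulty[byte_index] ^= mask
    return state_signature(bytes(faulty), sig) != expected   # recomputed after


def coverage(state: bytes, sig) -> tuple:
    """(detected, total) over every non-zero fault mask in every byte of the state.

    The signatures above are linear, so whether a fault is caught depends only on
    the mask, not on the state value; looping over all bytes mirrors a checker
    that covers the entire cipher state.
    """
    total = detected = 0
    for i in range(len(state)):
        for mask in range(1, 256):
            total += 1
            detected += fault_detected(state, i, mask, sig)
    return detected, total


# Constructed sample state: 16 bytes like the AES state matrix; the values are arbitrary.
SAMPLE_STATE = bytes(range(0x10, 0x20))

if __name__ == "__main__":
    for name, sig in (("parity", parity_sig),
                      ("hamming(12,8)", hamming_sig),
                      ("sec-ded", secded_sig)):
        d, t = coverage(SAMPLE_STATE, sig)
        print(f"{name:14s} detects {d}/{t} single-byte faults ({100 * d / t:.1f}%)")
```

Under this byte-confined fault model, one parity bit misses every even-weight fault (half of the masks), Hamming(12,8) misses the 15 non-zero masks whose syndrome cancels, and SEC-DED still misses the 7 of those with even weight. Coverage of a given generator therefore depends on which fault shapes the attacker can actually produce, which is why the abstract's figures are tied to its fault model and T-box design.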
Fault attacks on RSA and elliptic curve cryptosystems
This thesis answered how a fault attack targeting software used to program EEPROM can threaten hardware devices, for instance IoT devices. The successful fault attacks proposed in this thesis will certainly warn designers of hardware devices of the security risks their devices may face at the programming level.