Design and validation of a platform for electromagnetic fault injection

Security is acknowledged as one of the main challenges in the design and deployment of embedded circuits. Devices need to operate on-the-field safely and correctly, even when at physical reach of potential adversaries. One of the most powerful techniques to compromise the correct functioning of a device are fault injection attacks. They enable an active adversary to trigger errors on a circuit in order to bypass security features or to gain knowledge of security-sensitive information. There are several methods to induce such errors. In this work we focus on the injection of faults through the electromagnetic (EM) channel. In particular, we document our efforts towards building a suitable platform for EM pulse injection. We design a pulse injection circuit that can provide currents over 20 A to an EM injector in order to generate abrupt variations of the EM field on the vicinity of a circuit. We validate the suitability of our platform by applying a well-know attack on an embedded 8-bit microcontroller implementing the AES block cipher. In particular, we show how to extract the AES secret cryptographic keys stored in the device by careful injection of faults during the encryption operations and simple analysis of the erroneous outputs.Peer ReviewedPostprint (published version

Is Hardware Security Prepared for Unexpected Discoveries?

Hardware Security of semiconductor chips is in high demand these days. Modern electronic devices are expected to have high level of protection against many known attack aimed at the extraction of stored information. This is especially important for devices used in critical areas like automotive, medical, banking and industrial control applications. This leads to a constant arms race between attackers and developers. Usually new attacks are disclosed in a responsible way leaving time for chip manufacturers and system engineers to develop countermeasures. However, there is always a chance that mitigation technology is not developed in time, or worse, not practical to implement. Are the engineers in semiconductor community prepared for such an outcome? This paper looks at the history of similar discoveries in different areas and gives some results on memory extraction from an old smartcard and approaching highly secure embedded memory – battery-backed SRAM. Finally this paper elaborates on possible discoveries in attacks aimed at stored information. The aim of this paper is to raise awareness of emerging attacks to inspire new mitigation techniques to be developed in appropriate and timely way

A First Practical Fully Homomorphic Crypto-Processor Design: The Secret Computer is Nearly Here

Following a sequence of hardware designs for a fully homomorphic crypto-processor - a general purpose processor that natively runs encrypted machine code on encrypted data in registers and memory, resulting in encrypted machine states - proposed by the authors in 2014, we discuss a working prototype of the first of those, a so-called `pseudo-homomorphic' design. This processor is in principle safe against physical or software-based attacks by the owner/operator of the processor on user processes running in it. The processor is intended as a more secure option for those emerging computing paradigms that require trust to be placed in computations carried out in remote locations or overseen by untrusted operators. The prototype has a single-pipeline superscalar architecture that runs OpenRISC standard machine code in two distinct modes. The processor runs in the encrypted mode (the unprivileged, `user' mode, with a long pipeline) at 60-70% of the speed in the unencrypted mode (the privileged, `supervisor' mode, with a short pipeline), emitting a completed encrypted instruction every 1.67-1.8 cycles on average in real trials.Comment: 6 pages, draf

Secured Hardware Design - an Overview

Security is a prime concern in the design of a wide variety of embedded systems and security processors. So the customer security devices such as smart cards and security processors are prone to attack and there are on going research to protect these devices from attackers who intend to extract key information from these devices. Also an active attacker can induce errors during computation and exploit the faulty result to extract the key information embedded in the processor. Due to the design time issues weakness in the design is often revealed in the manufactured chips. Also because the post- manufacture security evaluation is time consuming and expensive, these security issues have to be considered at the design phase. This paper outlines some of the hardware attacks and provides a general idea of the process of these attacks

Security validation of smartcard: MCOS

The National Fuel subsidy system planning in Malaysia should it persist would have elevated the Multi-purpose of MyKad. Malaysian government is planning for a new MyID system that can retrieve governmental related documents when dealing with 760 governments and agencies nationwide (The Star, 2010). This move will leverage the existing infrastructure of MyKad. The wider usage of MyKad may raise public concern regarding its security. Thus, there is a need for assessing the security of MyKad by an independent third party.This paper will first discuss vulnerability of smartcard by using the attack potential model (CCDB, 2008), and then the appropriateness of the current methods and tools to test the security of smartcard will be investigated.The study concludes that there is no yet a standard of security testing tool imposed on smartcard in Malaysia.The study promotes the developing of security testing tool for MyKad

Defeating microprobing attacks using a resource efficient detection circuit

Microprobing is an attack technique against integrated circuits implementing security functions, such as OTP tokens or smartcards. It allows intercepting secrets from onchip wires as well as injecting faults for other attacks. While the necessity to etch open chip packages and to remove the passivation layer makes microprobing appear expensive, it was shown that a successful attack can be run with equipment worth a few thousand euros. On the protector’s side, however, appropriate countermeasures such as active shields, redundancy of core components, or analog detection circuits containing large capacitors, are still expensive. We present a resource efficient microbing detection circuit that we call Low Area Probing Detector (LAPD). It measures minimal timing differences between on-chip wires caused by the capacitive load of microprobes. Simulations show that it can detect up-todate probes with capacitances as low as 10 fF. As a novelty, the LAPD is merely based on digital components and does not require analog circuitry, which reduces the required area and process steps compared to previous approaches.Postprint (author’s final draft

Maintaining consumer confidence in electronic payment mechanisms

Credit card fraud is already a significant factor inhibiting consumer confidence in e-commerce. As more advanced payment systems become common, what legal and technological mechanisms are required to ensure that fraud does not do long-term damage to consumers' willingness to use electronic payment mechanisms