2,980 research outputs found
Design and evaluation of countermeasures against fault injection attacks and power side-channel leakage exploration for AES block cipher
Differential Fault Analysis (DFA) and Power Analysis (PA) attacks, have become the main
methods for exploiting the vulnerabilities of physical implementations of block ciphers, currently used in
a multitude of applications, such as the Advanced Encryption Standard (AES). In order to minimize these
types of vulnerabilities, several mechanisms have been proposed to detect fault attacks. However, these
mechanisms can have a signi cant cost, not fully covering the implementations against fault attacks or not
taking into account the leakage of the information exploitable by the power analysis attacks. In this paper,
four different approaches are proposed with the aim of protecting the AES block cipher against DFA. The
proposed solutions are based on Hamming code and parity bits as signature generators for the internal state of
the AES cipher. These allow to detect DFA exploitable faults, from bit to byte level. The proposed solutions
have been applied to a T-box based AES block cipher implemented on Field Programmable Gate Array
(FPGA). Experimental results suggest a fault coverage of 98.5% and 99.99% with an area penalty of 9%
and 36% respectively, for the parity bit signature generators and a fault coverage of 100% with an area
penalty of 18% and 42% respectively when Hamming code signature generator is used. In addition, none
of the proposed countermeasures impose a frequency degradation, in respect to the unprotected cipher. The
proposed work goes further in the evaluation of the proposed DFA countermeasures by evaluating the impact
of these structures in terms of power side-channel. The obtained results suggest that no extra information
leakage is produced that can be exploited by PA. Overall, the proposed DFA countermeasures provide a
high fault coverage protection with a low cost in terms of area and power consumption and no PA security
degradation
Sequential Circuit Design for Embedded Cryptographic Applications Resilient to Adversarial Faults
In the relatively young field of fault-tolerant cryptography, the main research effort has focused exclusively on the protection of the data path of cryptographic circuits. To date, however, we have not found any work that aims at protecting the control logic of these circuits against fault attacks, which thus remains the proverbial Achilles’ heel. Motivated by a hypothetical yet realistic fault analysis attack that, in principle, could be mounted against any modular exponentiation engine, even one with appropriate data path protection, we set out to close this remaining gap. In this paper, we present guidelines for the design of multifault-resilient sequential control logic based on standard Error-Detecting Codes (EDCs) with large minimum distance. We introduce a metric that measures the effectiveness of the error detection technique in terms of the effort the attacker has to make in relation to the area overhead spent in
implementing the EDC. Our comparison shows that the proposed EDC-based technique provides superior performance when compared against regular N-modular redundancy techniques. Furthermore, our technique scales well and does not affect the critical path delay
Trojans in Early Design Steps—An Emerging Threat
Hardware Trojans inserted by malicious foundries
during integrated circuit manufacturing have received substantial
attention in recent years. In this paper, we focus on a different
type of hardware Trojan threats: attacks in the early steps of
design process. We show that third-party intellectual property
cores and CAD tools constitute realistic attack surfaces and that
even system specification can be targeted by adversaries. We
discuss the devastating damage potential of such attacks, the
applicable countermeasures against them and their deficiencies
- …