8 research outputs found

    Smart Card Fault Injections with High Temperatures

    Power and clock glitch attacks on smart cards can help an attacker discover internal secrets or bypass certain security checks. An attacker can also manipulate the temperature and supply voltage of the device, making it glitch more easily. If these manipulations stay within the device's operating conditions, it becomes harder to distinguish a legitimate extreme condition from one induced by an attacker. To demonstrate the effect of temperature and power supply on fault attacks, we perform several tests on an Atmega 163 microcontroller under different conditions. Our results show that attacks of this kind are still a serious threat to small devices, even while staying within the manufacturer's recommendations.

    Security assessment for automotive controllers using side channel and fault injection attacks

    Embedded security is nowadays a hot topic. With the arrival of the Internet of Things and the increasing presence of embedded electronics in automotive systems, security has become an important factor in product design. This work aims to test the security capabilities of automotive electronic devices, using physical attacks such as fault injection and other side-channel techniques. Modern integrated circuits implement countermeasures to such attacks, but it has been proven that those countermeasures were designed with safety in mind, as automotive applications usually requi
    Embedded security is nowadays a hot topic. With the arrival of the Internet of Things and the increasing demand for connectivity for embedded systems in many industrial markets, including automotive systems, security has become an important factor in product design. This thesis aims to test the security capabilities of automotive electronic devices, using physical attacks known as fault injection. Although other industries have been using countermeasures against physical attacks for decades, these are rarely used in automotive embedded systems. Automotive industry efforts have been focused on improving safety and reliability (e.g. ISO 26262 ASIL certification) instead of security. Previous research proved the risk of fault injection attacks on automotive SoCs, but these works were limited to small testing applications running on evaluation boards and not real automotive systems. The current work aims to assess the security of off-the-shelf automotive systems running real applications. More specifically, fault injection attacks are used to bypass the authentication mechanism of the Unified Diagnostic System (ISO 14229) present in two different commercial car dashboards. The findings are presented in order to suggest design improvements and recommendations for more secure automotive embedded systems and SoCs.

    On the Effects of Clock and Power Supply Tampering on Two Microcontroller Platforms

    No full text

    Mitigation of Hardware Trojan Attacks on Networks-on-Chip

    The Integrated Circuit (IC) design flow follows a global business model. A global business means that the processes in the IC design flow could be outsourced, and consequently security threats have been introduced. Security threats on hardware include side channel analysis, reverse engineering, information leakage, counterfeit chips, and hardware Trojans (HTs). This work mainly focuses on HT attacks, which execute a malicious operation on the system when a trigger condition is met. Networks-on-Chip (NoCs) are a popular communications infrastructure for many-core systems, which have proved to be a more scalable option than the traditional bus interface. However, the high scalability and modularity provided by NoCs have introduced new vulnerabilities in the design, leading to hardware Trojans capable of causing several Denial of Service (DoS) attacks on the network. A 4x4 Mesh-topology NoC with a more robust router microarchitecture is presented with several innovations relative to the baseline. A collaborative dynamic permutation and flow unit (flit) integrity check method is proposed to thwart an attacker from maliciously modifying the flit content in the routers of a NoC. Our method complements other HT detection approaches for the NoC network interfaces. Moreover, we exploit the Physical Unclonable Function (PUF) structure and the traffic routing history to generate a unique key vector for each router to select one of the multiple permutation configurations. Simulation and Field Programmable Gate Array (FPGA) results are compared between the proposed NoC microarchitecture and four other existing solutions found in the literature, and it was shown that the proposed method outperforms all of the existing security methods.

    Electromagnetic Fault Injection On Two Microcontrollers: Methodology, Fault Model, Attack and Countermeasures

    Cryptographic algorithms are being applied to various kinds of embedded devices such as credit cards and smart phones. Those cryptographic algorithms are designed to be resistant to mathematical analysis; however, passive Side Channel Attack (SCA) was demonstrated to be a serious security concern for embedded systems. These attacks analyze the relationship between the side channel leakages (such as the execution time or power consumption) and the cryptographic operations in order to retrieve the secret information. Various countermeasures were proposed to thwart passive SCA by hiding this relationship. Another type of SCA, known as active SCA, is the Fault Injection Attack (FIA). FIA can be divided into two phases. The first one is the fault injection phase, where the attacker aims at injecting a fault into a target circuit with a specific timing and spatial accuracy. The second phase is the fault exploitation phase, where the attacker exploits the induced fault and forms an attack. The major targets for the fault exploitation phase are the cryptographic algorithms and the application-sensitive processes. Over the last one and a half decades, FIA has attracted expanding research attention. There are various techniques which could be used to conduct an FIA, such as laser, Electromagnetic (EM) pulse, and voltage/clock glitch. EM FIA achieves a moderate spatial resolution and a high timing resolution. Moreover, since the EM pulse can pass through the package of the chip, the chip does not need to be fully decapsulated to run the attack. However, there remains a lack of understanding of the faults injected into cryptographic devices and of the countermeasures to protect them. Therefore, it is important to conduct in-depth research on EM FIA. This dissertation concentrates on the study of EM FIA by analyzing the experimental results on two different devices, PIC16F687 and LPC1114. The PIC16F687 applies a two-stage pipeline with a Harvard structure. Faults injected into the PIC16F687 resulted in instruction replacement faults. After analysis of detailed experiments, two new Advanced Encryption Standard (AES)-128 attacks were proposed and empirically verified using a two-step attack approach. Unlike previous Differential Fault Analysis (DFA) algorithms, these new AES attacks were proposed with lower computational complexity. Instruction-specific countermeasures were designed and verified empirically for AES to prevent known attacks and provide fault-tolerant protection. The second target chip was the LPC1114, which utilizes an ARM Cortex-M0 core with a three-stage pipeline and a Von Neumann structure. Fault injection on multiple LDR instructions was analyzed, indicating that both address faults and data faults were found. Moreover, the induced faults were investigated with detailed timing analysis, taking the pipeline stall stage into consideration. Fault-tolerant countermeasures were also proposed and verified empirically, unlike previous fault-tolerant countermeasures, which were designed only for the instruction skip fault. Based on empirical results, the charge-based fault model was proposed as a new fault model. It utilizes the critical charge concept from single event upset and takes the supply voltage and the clock frequency of the target microcontroller into consideration. Unlike previous research, where researchers suggested that the EM pulse induced delay or perturbation to the chip, the new fault model has been empirically verified on both PIC16F687 and LPC1114 over several frequencies and supply voltages. This research contributes to the state of the art in the EM FIA research field by providing further advances in how to inject the fault, how to analyze the fault, how to build an attack with the fault, and how to mitigate the fault. This research is important for improving resilience and countermeasures against fault injection attacks for secure embedded microcontrollers.