Analyzing the Efficiency of Biased-Fault Based Attacks

The traditional fault analysis techniques developed over the past decade rely on a fault model, a rigid assumption about the nature of the fault. A practical challenge for all faults attacks is to identify a fault injection method that achieves the presumed fault model. In this paper, we analyze a class of more recently proposed fault analysis techniques, which adopt a biased fault model. Biased fault attacks enable a more flexible fault model, and are therefore easier to adopt to practice. The purpose of our analysis is to evaluate the relative efficiency of several recently proposed biased-fault attacks, including Fault Sensitivity Analysis (FSA), Non-Uniform Error Value Analysis (NUEVA), Non-Uniform Faulty Value Analysis (NUFVA), and Differential Fault Intensity Analysis (DFIA). We compare the relative performance of each technique in a common framework, using a common circuit and using a common fault injection method. We show that, for an identical circuit and an identical fault injection method, the number of faults per attack greatly varies according with the analysis technique. In particular, DFIA is more efficient than FSA, and FSA is more efficient than both NUEVA and NUFVA. In terms of number of fault injections until full key disclosure, for a typical case, FSA uses 8x more faults than DFIA, and NUEVA uses 33x more faults than DFIA. Hence, the post-processing technique selected in a biased-fault attack has a significant impact on the probability of a successful attack

Lightweight Fault Attack Resistance in Software Using Intra-Instruction Redundancy

Fault attack countermeasures can be implemented by storing or computing sensitive data in redundant form, such that the faulty data can be detected and restored. We present a class of lightweight, portable software countermeasures for block ciphers. Our technique is based on redundant bit-slicing, and it is able to detect faults in the execution of a single instruction. In comparison to earlier techniques, we are able to intercept data faults as well as instruction sequence faults using a uniform technique. Our countermeasure thwarts precise bit-fault injections through pseudo-random shifts in the allocation of data bit-slices. We demonstrate our solution on a full AES design and confirm the claimed security protection through a detailed fault simulation for a 32-bit embedded processor. We also quantify the overhead of the proposed fault countermeasure, and find a minimal increase in footprint (14%), and a moderate performance overhead between 125% to 317%, depending on the desired level of fault-attack resistance

Analyzing the Efficiency of Biased-Fault Based Attacks

Abstract. The traditional fault analysis techniques developed over the past decade rely on a fault model, a rigid assumption about the nature of the fault. A practical challenge for all faults attacks is to identify a fault injection method that achieves the presumed fault model. In this paper, we analyze a class of more recently proposed fault analysis techniques, which adopt a biased fault model. Biased fault attacks enable a more flexible fault model, and are therefore easier to adopt to practice. The purpose of our analysis is to evaluate the relative efficiency of several recently proposed biased-fault attacks, including Fault Sensitivity Anal