12 research outputs found

    Methodology for the Fault Analysis and Evaluation of True Random Number Generators

    15 pages (double columns). True Random Number Generators have many uses; in particular, they play a key role in security applications and cryptographic algorithms. Our interest lies in the quality of their generated random numbers. More specifically, for such uses, a slight deviation of the numbers from a "perfect" behavior can have disastrous consequences. It is then necessary to devise schemes for testing these generators in order to detect non-random properties of their numbers. Moreover, one should consider them from an attacker's point of view and use any means to try to perturb their proper functioning. In this article we describe such experiments and several standard statistical tools for testing the generators. We also present experimental results obtained through the study of a generator embedded in a processor in order to illustrate our methodology. We show that its perturbation leads to the appearance of dangerous deviations in the distribution of its numbers.

    Fault Injection Characterization on modern CPUs - From the ISA to the Micro-Architecture

    Recently, several Fault Attacks (FAs) which target modern Central Processing Units (CPUs) have emerged. These attacks are studied from a practical point of view and, due to the complexity of modern CPUs, the underlying fault effect is usually unknown. In this article, we focus on the characterization of a perturbation (the fault model) on modern CPUs. For that, we introduce the first approach to characterize the fault model on modern CPUs from the Instruction Set Architecture (ISA) level to the micro-architectural level. This fault model helps determine which micro-architecture elements are disrupted and how. Our fault model aims at finding original attack paths and designing efficient countermeasures. To confront our approach with real modern CPUs, we apply it to ARM and x86 architecture CPUs, mainly the BCM2837 and an Intel Core i3.

    From physical stresses to timing constraints violation

    Secure circuits are prone to a wide range of physical attacks. Among those are fault attacks based on modifying the circuit environment in order to change its behaviour or to induce faults into its computations. As a result, the security level of the circuit under attack may be weakened. There are many common means used to inject such faults: laser shots, electromagnetic pulses, overclocking, chip underpowering, temperature increase, etc. In this paper we describe how negative power supply glitches may be used to create timing constraint violations. The obtained faults were studied and compared to faults injected by clock glitches. Both power and clock glitch induced faults were found to be identical. Because clock glitches are related to timing constraint violations, we shall consider that both power and clock glitches share this common fault injection mechanism. We also further studied the properties of this fault injection means. These insights are intended to give guidelines to designers in order to strengthen fault countermeasures.

    Power supply glitch induced faults on FPGA: an in-depth analysis of the injection mechanism

    Secure circuits are prone to a wide range of physical attacks. Among those are fault attacks based on modifying the circuit environment in order to change its behaviour or to induce faults into its computations. There are many common means used to inject such faults: laser shots, electromagnetic pulses, overclocking, chip underpowering, temperature increase, etc. In this paper we study the effect of negative power supply glitches on an FPGA. The obtained faults were compared to faults injected by clock glitches. As a result, both power and clock glitch induced faults were found to be identical. Because clock glitches are related to timing constraint violations, we shall consider that both power and clock glitches share this common fault injection mechanism. We also further studied the properties of this fault injection means.

    Analysis of a fault injection mechanism related to voltage glitches using an on-chip voltmeter


    Novel Approaches for Improving the Power Consumption Models in Correlation Analysis

    Differential Power Analysis (DPA) is a powerful technique for revealing secret data of cryptographic algorithms such as DES, AES and RSA implemented on a specific platform. In recent years, Correlation Power Analysis (CPA) has made it possible to better formalize the differential approaches of DPA with the use of a power model. We propose here two methods to optimize the power model for the targeted bits of the analysed algorithm. We will consider that the targeted bits do not all give the same contribution to the power consumption. Our first method consists in finding the optimal ratio among the bits of a specific device. The second method is based on a statistical analysis of attack results while applying different possible ratios among the bits. The experimental electromagnetic radiation signals intercepted from an ASIC during DES operations show that our proposed methods significantly improve the attack performance.

    Noise reduction in side channel attack using fourth-order cumulants

    Side channel attacks exploit physical information leaked during the operation of a cryptographic device (e.g., a smart card). The confidential data, which can be leaked from side channels, are timing of operations, power consumption, and electromagnetic emanation. In this paper, we propose a preprocessing method based on the fourth-order cumulant, which aims to improve the performance of side channel attacks. It takes advantage of the Gaussian and non-Gaussian properties, which respectively characterize the noise and the signal, to remove the effects due to Gaussian noise coupled into side channel signals. The proposed method is then applied to analyze the electromagnetic signals of a synthesized application-specific integrated circuit during a data encryption standard operation. The theoretical and experimental results show that our method significantly reduces the number of side channel signals needed to detect the encryption key.