17 research outputs found
ExpFault: An Automated Framework for Exploitable Fault Characterization in Block Ciphers (Revised Version)
Malicious exploitation of faults for extracting secrets is one of the most practical and potent threats to modern cryptographic primitives. Interestingly, not every possible fault for a cryptosystem is maliciously exploitable, and evaluation of the exploitability of a fault is nontrivial. In order to devise precise defense mechanisms against such rogue faults, a comprehensive knowledge is required about the exploitable part of the fault space of a cryptosystem.
Unfortunately, the fault space is diversified and of formidable size even when a single crypto-primitive is considered, and traditional manual fault analysis techniques may often fall short of practically covering such a fault space within reasonable time. An automation for analyzing individual fault instances for their exploitability is thus inevitable. Such an automation is supposed to work as the core engine for analyzing the fault spaces of cryptographic primitives. In this paper, we propose an automation for evaluating the exploitability status of fault instances from block ciphers, mainly in the context of Differential Fault Analysis (DFA) attacks. The proposed framework is generic and scalable, which are perhaps the two most important features for covering diversified fault spaces of formidable size originating from different ciphers. As a proof-of-concept, we reconstruct some known attack examples on AES and PRESENT using the framework and finally analyze a recently proposed cipher GIFT [BPP+17] for the first time. It is found that the secret key of GIFT can be determined with 2 nibble fault instances injected consecutively at the beginning of the 25th and 23rd round with remaining key space complexity of 2^7.06.
Rowhammer Induced Intermittent Fault Attack on ECC-hardened memory
Fault attacks are a class of active implementation-based attacks which introduce controlled perturbations into the normal operation of a system to produce faulty outcomes. In the case of ciphers, these faulty outcomes can lead to leakage of secret information, such as the secret key. The effectiveness and practicality of fault attacks largely depend on the underlying fault model and the type of fault induced. In this paper, we analyse the drawbacks of the persistent fault model in the case of error correction code (ECC) enabled systems. We further propose a novel fault attack called Intermittent Fault Attack which is well suited for ECC-enabled DRAM modules. We demonstrate the practicality of our attack model by inducing single-bit faults using a pinpointed Rowhammer technique in the S-Boxes of block ciphers in an ECC-protected system.
Differential Fault Analysis Automation
Characterization of all possible faults in a cryptosystem exploitable for fault attacks is a problem which is of both theoretical and practical interest for the cryptographic community. The complete knowledge of the exploitable fault space is desirable while designing optimal countermeasures for any given crypto-implementation. In this paper, we address the exploitable fault characterization problem in the context of Differential Fault Analysis (DFA) attacks on block ciphers. The formidable size of the fault spaces demands an automated albeit fast mechanism for verifying each individual fault instance, and neither the traditional, cipher-specific, manual DFA techniques nor the generic and automated Algebraic Fault Attacks (AFA) [10] fulfill these criteria. Further, the diversified structures of different block ciphers suggest that such an automation should be equally applicable to any block cipher. This work presents an automated framework for DFA identification, fulfilling all aforementioned criteria, which, instead of performing the attack, just estimates the attack complexity for each individual fault instance. A generic and extendable data-mining assisted dynamic analysis framework capable of capturing a large class of DFA distinguishers is devised, along with a graph-based complexity analysis scheme. The framework significantly outperforms another recently proposed one [6], in terms of attack class coverage and automation effort. Experimental evaluation on AES and PRESENT establishes the effectiveness of the proposed framework in detecting most of the known DFAs, which eventually enables the characterization of the exploitable fault space.
PUF-COTE: A PUF Construction with Challenge Obfuscation and Throughput Enhancement
Physically Unclonable Functions (PUFs) have been a potent choice for enabling low-cost, secure communication. However, the state-of-the-art strong PUFs generate a single-bit response. So, we propose PUF-COTE: a high-throughput architecture based on a linear feedback shift register and a strong PUF as the "base"-PUF. At the same time, we obfuscate the challenges to the "base"-PUF of the final construction.
We experimentally evaluate the quality of the construction by implementing it on Artix 7 FPGAs. We evaluate the statistical quality of the responses (using the NIST SP800-92 test suite and standard PUF metrics: uniformity, uniqueness, reliability, strict avalanche criterion, ML-based modelling), which is a crucial factor for cryptographic applications.
Divided We Stand, United We Fall: Security Analysis of Some SCA+SIFA Countermeasures Against SCA-Enhanced Fault Template Attacks
Protection against Side-Channel Attacks (SCA) and Fault Attacks (FA) requires two classes of countermeasures to be simultaneously embedded in a cryptographic implementation. It has already been shown that a straightforward combination of SCA and FA countermeasures is vulnerable to FAs such as Statistical Ineffective Fault Analysis (SIFA) and Fault Template Attacks (FTA). Consequently, new classes of countermeasures have been proposed which prevent SIFA and also include masking for SCA protection. While they are secure against SIFA and SCA individually, one important question is whether the security claim still holds in the presence of a combined SCA and FA adversary. Security against combined attacks is, however, desired, as countermeasures for both threats are included in such implementations. In this paper, we show that some of the recently proposed combined SIFA and SCA countermeasures fall prey to combined attacks. To this end, we enhance the FTA attacks by considering side-channel information during fault injection. The success of the proposed attacks stems from some non-trivial fault propagation properties of S-Boxes, which remain unexplored in the original FTA proposal. The proposed attacks are validated on an open-source software implementation of Keccak with a SIFA-protected χ5 S-Box using laser fault injection and power measurement, and on a hardware implementation of a SIFA-protected χ3 S-Box through gate-level power trace simulation. Finally, we discuss some mitigation strategies to strengthen existing countermeasures.
Improved Test Pattern Generation for Hardware Trojan Detection using Genetic Algorithm and Boolean Satisfiability
Test generation for Hardware Trojan Horses (HTH) detection is extremely challenging, as Trojans are designed to be triggered by very rare logic conditions at internal nodes of the circuit. In this paper, we propose a Genetic Algorithm (GA) based Automatic Test Pattern Generation (ATPG) technique, enhanced by an automated solution to an associated Boolean Satisfiability problem. The main insight is that given a specific internal trigger condition, it is not possible to attack an arbitrary node (payload) of the circuit, as the effect of the logic malfunction induced by the HTH might not get propagated to the output. Based on this observation, a fault simulation based framework has been proposed, which enumerates the feasible payload nodes for a specific triggering condition. Subsequently, a compact set of test vectors is selected based on their ability to detect the logic malfunction at the feasible payload nodes, thus increasing their effectiveness. Test vectors generated by the proposed scheme were found to achieve higher detection coverage over a large population of HTH in ISCAS benchmark circuits, compared to a previously proposed logic testing based Trojan detection technique.
Leakage Assessment in Fault Attacks: A Deep Learning Perspective
Generic vulnerability assessment of cipher implementations against fault attacks (FA) is a largely unexplored research area to date. Security assessment against FA is particularly important in the context of FA countermeasures because, on several occasions, countermeasures fail to fulfil their sole purpose of preventing FA due to flawed design or implementation. In this paper, we propose a generic, simulation-based, statistical yes/no experiment for evaluating fault-assisted information leakage based on the principle of non-interference. The proposed experiment is oblivious to the structure of the countermeasure/cipher under test and detects fault-induced leakage solely by observing the ciphertext distributions. Unlike a recently proposed approach that utilizes the t-test and its higher-order variants for detecting leakage at different moments of ciphertext distributions, in this work, we present a Deep Learning (DL) based leakage detection test. Our DL-based detection test is not specific to only moment-based leakages and thus can expose leakages in several cases where the t-test based technique demands a prohibitively large number of ciphertexts. We also present a systematic approach to interpret the leakages from DL models. Apart from improving the leakage detection test, we explore two generalizations of the leakage assessment experiment itself: one for evaluating against the Statistical Ineffective Fault model (SIFA), and another for assessing fault-induced leakages originating from "non-cryptographic" peripheral components of a security module. Finally, we present techniques for efficiently covering the fault space of a block cipher by exploiting logic-level and cipher-level fault equivalences. The efficacy of DL-based leakage detection, as well as the proposed generalizations, has been evaluated on a rich test-suite of hardened implementations from several countermeasure classes, including open-source SIFA countermeasures and a hardware security module called Secured-Hardware-Extension (SHE).
Automatic Characterization of Exploitable Faults: A Machine Learning Approach
Characterization of the fault space of a cipher to filter out a set of faults potentially exploitable for fault attacks (FA) is a problem with immense practical value. A quantitative knowledge of the exploitable fault space is desirable in several applications, like security evaluation, cipher construction and implementation, design and testing of countermeasures, etc. In this work, we investigate this problem in the context of block ciphers. The formidable size of the fault space of a block cipher mandates the use of an automation to solve this problem, which should be able to characterize each individual fault instance quickly. On the other hand, the automation is expected to be applicable to most of the block cipher constructions. Existing techniques for automated fault attacks do not satisfy both of these goals simultaneously and hence are not directly applicable in the context of exploitable fault characterization. In this paper, we present a supervised machine learning (ML) assisted automated framework, which successfully addresses both of the criteria mentioned. The key idea is to extrapolate the knowledge of some existing FAs on a cipher to rapidly figure out new attack instances on the same. Experimental validation of the proposed framework on two state-of-the-art block ciphers, PRESENT and LED, establishes that our approach is able to provide fairly good accuracy in identifying exploitable fault instances at a reasonable cost. Finally, the effect of different S-Boxes on the fault space of a cipher is evaluated utilizing the framework.