A multiple-fault injection attack by adaptive timing control under black-box conditions and a countermeasure

Sho Endo, Naofumi Homma, Yu-Ichi Hayashi, Junko Takahashi, Hitoshi Fuji, Takafumi Aoki

Research output: Chapter in Book/Report/Conference proceedingConference contribution

7 Citations (Scopus)

Abstract

This paper proposes a multiple-fault injection attack based on adaptive control of fault injection timing in embedded microprocessors. The proposed method can be conducted under the black-box condition that the detailed cryptographic software running on the target device is not known to attackers. In addition, the proposed method is non-invasive, without the depackaging required in previous works, since such adaptive fault injection is performed by precisely generating a clock glitch. In this paper, we demonstrate the validity of the proposed method through an experiment on Advanced Encryption Standard (AES) software with a typical recalculation-based countermeasure on an 8-bit microprocessor. We first describe the proposed method to inject two kinds of faults, designed to obtain a faulty output available for differential fault analysis and to avoid a conditional branch for the countermeasure, respectively. We then show an experimental result that the faulty output can be obtained by circumventing countermeasure without using information from the detailed instruction sequence. Furthermore, we proposed a countermeasure against our attack, which prevents the attackers from calling the output routine through skipping the branch or branch test instruction.

Original languageEnglish
Title of host publicationConstructive Side-Channel Analysis and Secure Design - 5th International Workshop, COSADE 2014, Revised Selected Papers
PublisherSpringer-Verlag
Pages214-228
Number of pages15
ISBN (Print)9783319101743
DOIs
Publication statusPublished - 2014 Jan 1
Event5th International Workshop on Constructive Side-Channel Analysis and Secure Design, COSADE 2014 - Paris, France
Duration: 2014 Apr 132014 Apr 15

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume8622 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other5th International Workshop on Constructive Side-Channel Analysis and Secure Design, COSADE 2014
CountryFrance
CityParis
Period14/4/1314/4/15

Keywords

  • Cryptographic software
  • Embedded processors
  • Fault injection attacks

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint Dive into the research topics of 'A multiple-fault injection attack by adaptive timing control under black-box conditions and a countermeasure'. Together they form a unique fingerprint.

Cite this