Destroying Fault Invariant with Randomization

Tupsamudre, Harshal; Bisht, Shikha; Mukhopadhyay, Debdeep

doi:10.1007/978-3-662-44709-3_6

Cited by 54 publications

(39 citation statements)

References 11 publications

(43 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Hence, such a fault model is a realistic threat to embedded applications. We demonstrate in this paper that the instruction skip fault model weakens the infective countermeasure scheme proposed in [11] and allows easy key recovery. Thus, it is important to make infective countermeasure tolerant against such attacks.…”

Section: Limitations Of Existing Infective Countermeasuresmentioning

confidence: 94%

“…4. The paper also presents experimental results to validate the enhanced security of the aforementioned countermeasure schemes in comparison with the original infective countermeasure scheme presented in [11]. We present both simulations and real-life experiments on a SASEBO-W platform to compare the fault resistance of each variety of the countermeasure.…”

Section: Limitations Of Existing Infective Countermeasuresmentioning

confidence: 98%

“…The countermeasure scheme proposed by Tupsamudre et al [11] provides no formal guarantees of security against DFA. Moreover, fault attacks that allow an adversary to change the flow sequence of an algorithm by methods such as instruction skips have also not been considered in the security analysis of this countermeasure.…”

Section: Limitations Of Existing Infective Countermeasuresmentioning

confidence: 99%

“…The paper presents a formal information theoretic proof of security for the infective countermeasure scheme proposed by Tupsamudre et al [11] against single and multiple fault injection models, under the assumption that an adversary cannot change the flow sequence or skip instructions. In particular, the paper analyzes the security of the countermeasure against both DFA and DFIA-like attacks.…”

Section: Limitations Of Existing Infective Countermeasuresmentioning

confidence: 99%

“…A random variation of the infective countermeasure was proposed by Gierlichs et al [9]. However, the infection method employed by this countermeasure has a number of shortcomings, as demonstrated by Battistello and Giraud [10], and in greater detail by Tupsamudre et al [11]. Tupsamudre et al have also proposed an improved infective countermeasure that avoids all the pitfalls of [9] and is claimed to thwart DFA.…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

Fault Tolerant Infective Countermeasure for AES

2017

Self Cite

View full text Add to dashboard Cite

Infective countermeasures have been a promising class of fault attack countermeasures. However, they have been subjected to several attacks owing to lack of formal proofs of security and improper implementations. In this paper, we first provide a formal information theoretic proof of security for one of the most recently proposed state of the art infective countermeasures against DFA, under the assumption that the adversary does not change the flow sequence or skip any instruction. Subsequently, we identify weaknesses in the infection mechanism of the countermeasure that could be exploited by attacks which change the flow sequence. Furthermore, we propose an augmented infective countermeasure scheme obtained by introducing suitable randomizations that reduce the success probabilities of such attacks. Finally, we develop a fault tolerant implementation of the countermeasure using the x86 instruction set to make any attacks which attempt to change the control flow of the algorithm via instruction skips practically infeasible. All the claims have been validated by supporting simulations and real-life experiments on a SASEBO-W platform. We also compare the fault tolerance provided by our proposed countermeasure scheme against that provided by the existing scheme.

show abstract

Section: Limitations Of Existing Infective Countermeasuresmentioning

confidence: 94%

Section: Limitations Of Existing Infective Countermeasuresmentioning

confidence: 98%

Section: Limitations Of Existing Infective Countermeasuresmentioning

confidence: 99%

Section: Limitations Of Existing Infective Countermeasuresmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Fault Tolerant Infective Countermeasure for AES

2017

Self Cite

View full text Add to dashboard Cite

show abstract

Statistical Ineffective Fault Attacks on Masked AES with Fault Countermeasures

Dobraunig

Eichlseder

Groß

et al. 2018

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Fault Template Attacks on Block Ciphers Exploiting Fault Propagation

Saha

Bag

Roy

et al. 2020

Advances in Cryptology – EUROCRYPT 2020

Self Cite

View full text Add to dashboard Cite

Fault attacks (FA) are one of the potent practical threats to modern cryptographic implementations. Over the years the FA techniques have evolved, gradually moving towards the exploitation of devicecentric properties of the faults. In this paper, we exploit the fact that activation and propagation of a fault through a given combinational circuit (i.e., observability of a fault) is data-dependent. Next, we show that this property of combinational circuits leads to powerful Fault Template Attacks (FTA), even for implementations having dedicated protections against both power and fault-based vulnerabilities. The attacks found in this work are applicable even if the fault injection is made at the middle rounds of a block cipher, which are out of reach for most of the other existing fault analysis strategies. Quite evidently, they also work for a known-plaintext scenario. Moreover, the middle round attacks are entirely blind in the sense that no access to the ciphertexts (correct/faulty) or plaintexts are required. The adversary is only assumed to have the power of repeating an unknown plaintext several times. Practical validation over a hardware implementation of SCA-FA protected PRESENT, and simulated evaluation on a public software implementation of protected AES prove the efficacy of the proposed attacks.

show abstract

Destroying Fault Invariant with Randomization

Cited by 54 publications

References 11 publications

Fault Tolerant Infective Countermeasure for AES

Fault Tolerant Infective Countermeasure for AES

Statistical Ineffective Fault Attacks on Masked AES with Fault Countermeasures

Fault Template Attacks on Block Ciphers Exploiting Fault Propagation

Contact Info

Product

Resources

About