Exploiting PUF Variation to Detect Fault Injection Attacks

Abstract: The massive deployment of Internet of Things (IoT) devices makes them vulnerable against physical tampering attacks, such as fault injection. These kind of hardware attacks are very popular as they typically do not require complex equipment or high expertise. Hence, it is important that IoT devices are protected against them. In this work, we present a novel fault injection attack detector with high flexibility and low overhead. Our solution is based on the reuse of a security primitive used in many IoT device… Show more

“…Although the proposed detection scheme is effective, it suffers from high power consumption as well as high sensitivity to changes in operating conditions [37,§VI.B]. Authors in [38] proposed a fault attack detection method based on RO-PUF. This method stores the PUF response in the early stages of usage.…”

“…Methodology Disadvantage [28], [29] Implementing dual-complementary flip-flops to detect EMFI attack Significant hardware overhead [30] Detecting electromagnetic pulse attack sensor realized by preliminary gates High area overhead [31] Detecting EMFI attack via checking the phase of an embedded RO High area and power overheads [32] Sensing frequency ripple by a watchdog RO and PLL in FPGA platform Having PLL is not always guaranteed in all circuits [34] Monitoring frequency turbulence induced by watchdog RO and phase detector Significant false alarm rate [33] Sensing frequency ripple by a high frequency watchdog RO and disturbance capture High latency in detecting fault [35] Detecting probing attack based on the change in the sensor's inductance induced by the attack Information leakage of sensor [36] [37] Detecting fault attacks via a PUF-based physical sensor High power consumption and high sensitivity to changes in voltage and temperature [38] Proposing an RO-PUF based fault injection detector Cannot detect faults timely; is not proven against local attacks [39], [40] Detecting transient faults by connecting an analog sensor to the bulk of transistors being monitored Requires multiple sensors to detect faults with high coverage [41] Detecting the voltage glitch attack by shift phasing the clock signal with some delay elements Requires multiple sensors to detect faults with high coverage [42] Detecting LFIA with a custom design of logic gates Suffering from portability among different technologies [43], [44] Detecting fault by implementing Triple Modular Redundancy Significant hardware overhead [45] Detecting fault via time-redundancy Increasing the circuit latency and power [46] Detecting fault via time-redundancy on selected operations Resulting in higher fault escapes [47] Detecting fault via information-redundancy schemes Features low detection rate and high overhead [48] Detecting clock glitch via delaying the system clock Unable to detect LFIAs toward the input of memory cells (registers or latches) and flip the correct output of a register. The amplitude of I P GN relates to I gate via I P GN = N × I gate where N follows Eq.…”

DELFINES: Detecting Laser Fault Injection Attacks via Digital Sensors

“…Although the proposed detection scheme is effective, it suffers from high power consumption as well as high sensitivity to changes in operating conditions [37,§VI.B]. Authors in [38] proposed a fault attack detection method based on RO-PUF. This method stores the PUF response in the early stages of usage.…”

“…Methodology Disadvantage [28], [29] Implementing dual-complementary flip-flops to detect EMFI attack Significant hardware overhead [30] Detecting electromagnetic pulse attack sensor realized by preliminary gates High area overhead [31] Detecting EMFI attack via checking the phase of an embedded RO High area and power overheads [32] Sensing frequency ripple by a watchdog RO and PLL in FPGA platform Having PLL is not always guaranteed in all circuits [34] Monitoring frequency turbulence induced by watchdog RO and phase detector Significant false alarm rate [33] Sensing frequency ripple by a high frequency watchdog RO and disturbance capture High latency in detecting fault [35] Detecting probing attack based on the change in the sensor's inductance induced by the attack Information leakage of sensor [36] [37] Detecting fault attacks via a PUF-based physical sensor High power consumption and high sensitivity to changes in voltage and temperature [38] Proposing an RO-PUF based fault injection detector Cannot detect faults timely; is not proven against local attacks [39], [40] Detecting transient faults by connecting an analog sensor to the bulk of transistors being monitored Requires multiple sensors to detect faults with high coverage [41] Detecting the voltage glitch attack by shift phasing the clock signal with some delay elements Requires multiple sensors to detect faults with high coverage [42] Detecting LFIA with a custom design of logic gates Suffering from portability among different technologies [43], [44] Detecting fault by implementing Triple Modular Redundancy Significant hardware overhead [45] Detecting fault via time-redundancy Increasing the circuit latency and power [46] Detecting fault via time-redundancy on selected operations Resulting in higher fault escapes [47] Detecting fault via information-redundancy schemes Features low detection rate and high overhead [48] Detecting clock glitch via delaying the system clock Unable to detect LFIAs toward the input of memory cells (registers or latches) and flip the correct output of a register. The amplitude of I P GN relates to I gate via I P GN = N × I gate where N follows Eq.…”

DELFINES: Detecting Laser Fault Injection Attacks via Digital Sensors