High Level Model of Control Flow Attacks for Smart Card Functional Security

Berthomé, Pascal; Heydemann, Karine; Kauffmann-Tourkestansky, Xavier; Lalande, Jean-François

doi:10.1109/ares.2012.79

Cited by 17 publications

(41 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Indeed, simulation of attack injection at the source code level speeds up the detection of weaknesses compared to injection at assembly level due to the lower number of source statements. However, jump attacks that start/arrive inside a C statement cannot be simulated at C level [7]. Nevertheless, it is helpful to detect as many weaknesses as possible at source code level, and as we show in the experimental results, working at this level enables to strengthen code security by making successful attacks very difficult to perform.…”

Section: Simulation Of Attacksmentioning

confidence: 91%

“…As code securing is often performed at source level by developers, simulating attacks at this level allows to identify the harmful ones as well as the code regions that should be secured. Simulating attacks at assembly level would require to match assembly instructions with the source code which is not trivial [7]. Furthermore, assembly programs are tightly coupled to specific architectures.…”

Section: Simulation Of Attacksmentioning

confidence: 99%

“…In order to discover harmful attacks, we simulate jump attacks using software hacks at C level, as proposed in [7]. For each function of the application, all possible intra-procedural jump attacks that jump backward or forward C statements are injected at source level.…”

Section: Simulation Of Attacksmentioning

confidence: 99%

See 2 more Smart Citations

Software Countermeasures for Control Flow Integrity of Smart Card C Codes

Lalande

Heydemann

Berthomé

2014

Computer Security - ESORICS 2014

View full text Add to dashboard Cite

Abstract. Fault attacks can target smart card programs in order to disrupt an execution and gain an advantage over the data or the embedded functionalities. Among all possible attacks, control flow attacks aim at disrupting the normal execution flow. Identifying harmful control flow attacks as well as designing countermeasures at software level are tedious and tricky for developers. In this paper, we propose a methodology to detect harmful intra-procedural jump attacks at source code level and to automatically inject formally-proven countermeasures. The proposed software countermeasures defeat 100% of attacks that jump over at least two C source code statements or beyond. Experiments show that the resulting code is also hardened against unexpected function calls and jump attacks at assembly level.Keywords: control flow integrity, fault attacks, smart card, source level IntroductionSmart cards or more generally secure elements are essential building blocks for many security-critical applications. They are used for securing host applications and sensitive data such as cryptographic keys, biometric data, pin counters, etc. Malicious users aim to get access to these secrets by performing attacks on the secure elements. Fault attacks consists in disrupting the circuit's behavior by using a laser beam or applying voltage, clock or electromagnetic glitches [5,6,24]. Their goal is to alter the correct progress of the algorithm and, by analyzing the deviation of the corrupted behavior with respect to the original one, to retrieve the secret information [14]. For java card, fault attacks target particular components of the virtual machine [3,4,9].Many protections have therefore been proposed to counteract attacks. Fault detection is generally based on spatial, temporal or information redundancy at hardware or software level. In java card enabled smart cards, software components of the virtual machine can perform security checks [18,20,10].In practice, developers of security-critical applications often manually add countermeasures into an application code. This operation requires knowledge about the target code vulnerabilities. Both these tasks are time-consuming with direct impact on the certification of the product. One harmful consequence of fault attacks is control flow disruption which may bypass some implemented countermeasures. It is difficult for programmers to investigate all possible control flow disruption in order to detect sensitive parts of the code and then investigate how to add countermeasures inside these sensitive parts. Moreover, secure smart cards have strong security requirements that have to be certified by an independent qualified entity before being placed on the market. Certification can rely on a review of source code and the implemented software countermeasures. The effectiveness of software security countermeasures is then guaranteed by the use of a certified compiler [21]. Injecting control flow integrity checks at compile time would require to certify the modified compiler. To avoid this diff...

show abstract

Section: Simulation Of Attacksmentioning

confidence: 91%

Section: Simulation Of Attacksmentioning

confidence: 99%

See 1 more Smart Citation

Software Countermeasures for Control Flow Integrity of Smart Card C Codes

Lalande

Heydemann

Berthomé

2014

Computer Security - ESORICS 2014

View full text Add to dashboard Cite

show abstract

“…Using a generic methodology to prove the resistance of a set of countermeasures against fault attacks, their approach was applied to a pseudo-code of a RSA-CRT signature [13] by using the Frama-C program analyzer. In the same time, Berthomé et al [4] verified a smartcard C code against control flow attacks. More recently, in [36], Rauzy et al proposed a formal methodology at the algorithm level and presented their tool (named Finja) and its application to detect possible attack paths on RSA-CRT implementation.…”

Section: Prior Artmentioning

confidence: 96%

Using linear codes as a fault countermeasure for nonlinear operations: application to AES and formal verification

Azzi

Barras²,

Christofi³

et al. 2016

J Cryptogr Eng

View full text Add to dashboard Cite

Recently, Bringer et al. [10] introduced a new countermeasure based on linear codes. This elegant design aims at protecting advanced encryption standard against both side-channel attacks and fault attacks (FA). However, the fault detection during nonlinear operations (for example SubBytes operation) was left as an open question. The present work studies how linear systematic error correcting codes can simply be used to detect fault injections during nonlinear operations in a symmetric block cipher. In particular, for the faults that cause errors with limited Hamming weight, this method can lead to interesting detection capabilities. Considering this way of protecting AES encryption against FA, a concrete implementation is presented. For a given fault model, a methodology of formal verification is applied to some parts of this implementation, assessing the fault resistance of one linear operation AddRoundKey and one nonlinear operation SubBytes.

show abstract

“…The countermeasures added upon C-level fault injection campaign enabled to defeat 60% of the attacks at the assembly level. The C-level fault model doesn't have the same fault coverage of assembler-level but the number of covered attacks-to-time (or to-test cases) ratio was much higher [32] and helpful to detect many weaknesses at source code level.…”

Section: Related Workmentioning

confidence: 99%

An RTOS-based Fault Injection Simulator for Embedded Processors

Alimi¹,

Lahbib²,

Machhout³

et al. 2017

ijacsa

View full text Add to dashboard Cite

Abstract-Evaluating embedded systems vulnerability to faults injection attacks has gained importance in recent years due to the rising threats they bring to chips security. The task is particularly important for micro-controllers since they have lower resistance to fault attacks compared to hardware-based cryptosystems. This paper reviews recent embedded fault injection simulators from literature and presents an embedded high-level fault injection mechanism based on a Real-Time Operating System (RTOS). The approach aims to be architecture-independent and portable to 32-bit microcontrollers and embedded processors. The proposed mechanism, primarily targets realistic fault attack scenarios on memory locations, is adapted to timed and event-based fault injection. A Differential Fault Attack (DFA) was mounted on a popular ARM-based micro-controller running FreeRTOS to illustrate the proposed mechanism. The aim is also to bridge the embedded fault injection simulation mechanism efficiently to a computerbased cryptanalysis and to highlight the importance of physically protecting the memory and integrating data-specific countermeasures.

show abstract

High Level Model of Control Flow Attacks for Smart Card Functional Security

Cited by 17 publications

References 14 publications

Software Countermeasures for Control Flow Integrity of Smart Card C Codes

Software Countermeasures for Control Flow Integrity of Smart Card C Codes

Using linear codes as a fault countermeasure for nonlinear operations: application to AES and formal verification

An RTOS-based Fault Injection Simulator for Embedded Processors

Contact Info

Product

Resources

About