Practical Optical Fault Injection on Secure Microcontrollers

Woudenberg, Jasper G. J. van; Witteman, Marc F.; Menarini, Federico

doi:10.1109/fdtc.2011.12

Cited by 135 publications

(69 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This would allow a block cipher to be implemented where no check is required to detect whether a fault has occurred since no information would be available to an attacker. This would prevent an attacker from implementing a multiple-fault attack that affects tests at the end of a block cipher [25,18].…”

Section: Further Strengthening the Countermeasurementioning

confidence: 99%

“…Kim and Quisquater demonstrated that one can attack a cryptographic algorithm and then inject a fault in the verification stage [17]. The natural response would be to make the verification itself redundant but van Woudenberg et al [18] have shown that three faults can be used to attack two tests after the execution of a cryptographic algorithm, i.e. inject one fault in the algorithm itself and use two faults to overcome the redundant verification.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Infective Computation and Dummy Rounds: Fault Protection for Block Ciphers without Check-before-Output

Gierlichs

Schmidt

Tunstall

2012

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Implementation attacks pose a serious threat for the security of cryptographic devices and there are a multitude of countermeasures that are used to prevent them. Two countermeasures used in implementations of block ciphers to increase the complexity of such attacks are the use of dummy rounds and redundant computation with consistency checks to prevent fault attacks. In this paper we present several countermeasures based on the idea of infective computation. Our countermeasures ensure that a fault injected into a cipher, dummy, or redundant round will infect the ciphertext such that an attacker cannot derive any information on the secret key being used. This has one clear advantage: the propagation of faults prevents an attacker from being able to conduct any fault analysis on any corrupted ciphertexts. As a consequence, there is no need for any test at the end of an implementation to determine if a fault has been injected and a ciphertext can always be returned.

show abstract

Section: Further Strengthening the Countermeasurementioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Infective Computation and Dummy Rounds: Fault Protection for Block Ciphers without Check-before-Output

Gierlichs

Schmidt

Tunstall

2012

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…However many of them involves unrealistic assumptions regarding environment and capabilities of the attackers For example, in chosen-cipher text attack, the attacker requires an impractical number of deliberately chosen plaintext-cipher text pairs. It may not be applied over all however the detail that some attack happens should be reason of fear mainly if the attack method has chances for development [16].…”

Section: Practicality Of Attacks-mentioning

confidence: 99%

Fault analysis in cryptography

Mrabet¹,

Page

Vercauteren³

2017

IJLTET

View full text Add to dashboard Cite

“…Double fault attacks [9,10], require the attacker clear the difference of data between two encrypted paths during injecting errors. Since our infection countermeasure applies not the two encrypted paths, but the encryption/decryption circuit, so it can avoid suffer double error attacks.…”

Section: The Proposed Random Infection Countermeasurementioning

confidence: 99%

“…This is because the most commonly used infection mechanisms are based on the assumption of the signal fault [4,5,7]. What is worse, with the significantly improving accuracy of fault injections in recent years, it has become possible to carry on double fault attacks at a certain time [9,10].…”

Section: Introductionmentioning

confidence: 99%

Against fault attacks based on random infection mechanism

Zhang

et al. 2016

IEICE Electron. Express

View full text Add to dashboard Cite

Fault attack is a very effective way to crack the key for cipher chip. Among existing fault attack countermeasures, the infection countermeasures are very effective means, but, most existing infection countermeasures are based on the single fault assumption, and the accuracy of fault injections has significantly improved in the late years, it has become possible to implementation of double fault attacks in specific circuit regions, and it is, therefore, flawed in the resistance to double fault attacks. Aim at the flawed mentioned, this paper proposes a countermeasure called random infection mechanism to resist fault attacks. We use the encryption/decryption circuit to construct the fault diffusion pattern and avoid under the possibility of double error attacks. Furthermore, in order to against single byte fault attacks, we introduce random numbers to make the fault diffusion randomization. Experiments are carried out to verify the proposed algorithm and the results show that the proposed random infection mechanism can resist fault attacks effectively including single byte error attacks.

show abstract

Practical Optical Fault Injection on Secure Microcontrollers

Cited by 135 publications

References 6 publications

Infective Computation and Dummy Rounds: Fault Protection for Block Ciphers without Check-before-Output

Infective Computation and Dummy Rounds: Fault Protection for Block Ciphers without Check-before-Output

Fault analysis in cryptography

Against fault attacks based on random infection mechanism

Contact Info

Product

Resources

About