Probing Attacks On Tamper-Resistant Devices

Handschuh, Helena; Paillier, Pascal; Stern, Jacques

doi:10.1007/3-540-48059-5_26

Cited by 33 publications

(22 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Invasive observations: the ability to drop a single microprobe often suffices to break a cryptosystem (for example, knowledge of a single bitplane suffices to break algorithms such as RSA [10]). Electron microscopes have been used to read voltages on smart card chip surfaces.…”

Section: Unintended Finalisation Single Systemmentioning

confidence: 98%

Breaking the Model: Finalisation and a Taxonomy of Security Attacks

Clark

Stepney

Chivers

2005

Electronic Notes in Theoretical Computer Science

View full text Add to dashboard Cite

It is well known that security properties are not preserved by refinement, and that refinement can introduce new, covert, channels, such as timing channels. The finalisation step in refinement can be analysed to identify some of these channels, as unwanted finalisations that can break the assumptions of the formal model. We introduce a taxonomy of such unwanted finalisations, and give examples of attacks that exploit them.

show abstract

Section: Unintended Finalisation Single Systemmentioning

confidence: 98%

Breaking the Model: Finalisation and a Taxonomy of Security Attacks

Clark

Stepney

Chivers

2005

Electronic Notes in Theoretical Computer Science

View full text Add to dashboard Cite

show abstract

“…Nearly a decade before the cold boot attack was demonstrated, Handschuh, Paillier, and Stern modeled probing attacks [5] on the square-and-multiply algorithm for modular exponentiation, DES, and RC5. They reconstruct cryptographic secrets by tracing a few critical bits over the target operation's execution.…”

Section: Related Workmentioning

confidence: 99%

An Improved Recovery Algorithm for Decayed AES Key Schedule Images

Tsow

2009

Selected Areas in Cryptography

View full text Add to dashboard Cite

Abstract.A practical algorithm that recovers AES key schedules from decayed memory images is presented. Halderman et al. [1] established this recovery capability, dubbed the cold-boot attack, as a serious vulnerability for several widespread software-based encryption packages. Our algorithm recovers AES-128 key schedules tens of millions of times faster than the original proof-of-concept release. In practice, it enables reliable recovery of key schedules at 70% decay, well over twice the decay capacity of previous methods. The algorithm is generalized to AES-256 and is empirically shown to recover 256-bit key schedules that have suffered 65% decay. When solutions are unique, the algorithm efficiently validates this property and outputs the solution for memory images decayed up to 60%.

show abstract

“…Manipulation is an invasive attack that gives to the attacker the power of modifying the chip's functionality or of directly probing signals [37], [25].…”

Section: Introductionmentioning

confidence: 99%

Fault Injection Resilience

Guilley

Sauvage

Danger

et al. 2010

2010 Workshop on Fault Diagnosis and Tolerance in Cryptography

View full text Add to dashboard Cite

Abstract-Fault injections constitute a major threat to the security of embedded systems. Errors occurring in the cryptographic algorithms have been shown to be extremely dangerous, since powerful attacks can exploit few of them to recover the full secrets. Most of the resistance techniques to perturbation attacks have relied so far on the detection of faults. We present in this paper another strategy, based on the resilience against fault attacks. The core idea is to allow an erroneous result to be outputted, but with the assurance that this faulty information conveys no information about the secrets concealed in the chip. We first underline the benefits of FIR: false positive are never raised, secrets are not erased uselessly in case of uncompromising faults injections, which increases the card lifespan if the fault is natural and not malevolent, and FIR enables a high potential of resistance even in the context of multiple faults. Then we illustrate two families of fault injection resilience (FIR) schemes suitable for symmetric encryption. The first family is a protocollevel scheme that can be formally proved resilient. The second family mobilizes a special logic-level architecture of the cryptographic module. We notably detail how a countermeasure of this later family, namely dual-rail with precharge logic style, can both protect both against active and passive attacks, thereby bringing a combined global protection of the device. The cost of this logic is evaluated as lower than detection schemes. Finally, we also give some ideas about the modalities of adjunction of FIR to some certification schemes.

show abstract

Probing Attacks On Tamper-Resistant Devices

Cited by 33 publications

References 17 publications

Breaking the Model: Finalisation and a Taxonomy of Security Attacks

Breaking the Model: Finalisation and a Taxonomy of Security Attacks

An Improved Recovery Algorithm for Decayed AES Key Schedule Images

Fault Injection Resilience

Contact Info

Product

Resources

About