This paper presents a new intentional electromagnetic interference (IEMI) fault injection method that can be used to inject transient faults into cryptographic operations with precise timing from a distance. Such IEMI fault injection can be used for performing fault analysis attacks, such as differential fault analysis and fault sensitivity analysis, and therefore it could pose a severe threat to various cryptographic devices for which it is assumed that attackers cannot acquire direct access. In the proposed IEMI fault injection method, a block (i.e., a period) of sinusoidal waves is injected via cables attached to a cryptographic device, instead of using electromagnetic pulses as in conventional methods. The injected EM waves have a temporary impact on the cryptographic module but not on other components of the device. In addition, the proposed method employs EM information leaked from the cryptographic module as the trigger signal for fault injection. In this paper, we demonstrate experimentally that the proposed method can be used to inject precisely timed faults into the final round of an AES operation.
Keywords: intentional electromagnetic interference; electromagnetic fault injection; fault sensitivity analysis.
I. INTRODUCTION
Fault injection attacks are attracting considerable attention in the field of cryptographic hardware and embedded systems. In such attacks, the attacker first injects faults into the cryptographic operations to obtain faulty ciphertexts and then derives the secret key from several faulty ciphertexts. After the first published study on attacks on public-key cryptosystems [1], fault injection attacks were extended to symmetric-key cryptosystems [2]. Since then, many variations of fault attacks as well as countermeasures have been presented, and newer attacks and countermeasures are being proposed all the time [3]-[5]. In 2010, a study was presented on fault sensitivity analysis (FSA), which has defeated a number of conventional countermeasures [6], [7].