RFID and Its Vulnerability to Faults

Hutter, Michael; Schmidt, Jörn-Marc; Plos, Thomas

doi:10.1007/978-3-540-85053-3_23

Cited by 28 publications

(19 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, considering such adversaries is important because, as lowcost devices, tags are hardly protected against physical tampering. In particular, it has been shown that side-channel attacks may enable an adversary to extract secrets from the tag [17,21,22,26], and so-called 'reset' attacks force the tag to re-use old randomness [3,9,15]. The adversary can mount reset attacks by inducing power drops or by otherwise influencing the physical environment of the tag.…”

Section: Introductionmentioning

confidence: 99%

A New RFID Privacy Model

Hermans

Pashalidis

Vercauteren

et al. 2011

Computer Security – ESORICS 2011

View full text Add to dashboard Cite

Abstract. This paper critically examines some recently proposed RFID privacy models. It shows that some models suffer from weaknesses such as insufficient generality and unrealistic assumptions regarding the adversary's ability to corrupt tags. We propose a new RFID privacy model that is based on the notion of indistinguishability and that does not suffer from the identified drawbacks. We demonstrate the easy applicability of our model by applying it to multiple existing RFID protocols.

show abstract

Section: Introductionmentioning

confidence: 99%

A New RFID Privacy Model

Hermans

Pashalidis

Vercauteren

et al. 2011

Computer Security – ESORICS 2011

View full text Add to dashboard Cite

show abstract

“…Previous studies have shown that EM fault injection using high-voltage pulses offers the possibility for noninvasive attacks [15], [16]. However, the use of such EM pulses still requires close access to the cryptographic module, even if the pulsating square wave is generated with a high voltage (for example, 100 V) [15].…”

Section: A Conventional Em Fault Injectionmentioning

confidence: 99%

Precisely timed IEMI fault injection synchronized with EM information leakage

Hayashi

Homma

Mizuki

et al. 2014

2014 IEEE International Symposium on Electromagnetic Compatibility (EMC)

View full text Add to dashboard Cite

This paper presents a new intentional electromagnetic interference (IEMI) fault injection method that can be used to inject transient faults into cryptographic operations with precise timing from a distance. Such IEMI fault injection can be used for performing fault analysis attacks, such as differential fault analysis and fault sensitivity analysis, and therefore it could pose a severe threat to various cryptographic devices for which it is assumed that attackers cannot acquire direct access. In the proposed IEMI fault injection method, a block (i.e., a period) of sinusoidal waves is injected via cables attached to a cryptographic device, instead of using electromagnetic pulses as in conventional methods. The injected EM waves have a temporary impact on the cryptographic module but not on other components of the device. In addition, the proposed method employs EM information leaked from the cryptographic module as the trigger signal for fault injection. In this paper, we demonstrate experimentally that the proposed method can be used to inject precisely timed faults into the final round of an AES operation.Keywords-intentional electromagnetic interference; electromagnetic fault injection; fault sensitivity analysis. I. INTRODUCTIONFault injection attacks are attracting considerable attention in the field of cryptographic hardware and embedded systems. In such attacks, the attacker first injects faults into the cryptographic operations to obtain faulty ciphertexts and then derives the secret key from several faulty ciphertexts. After the first published study on attacks on public-key cryptosystems [1], fault injection attacks were extended to symmetric-key cryptosystems [2]. Since then, many variations of fault attacks as well as countermeasures have been presented, and newer attacks and countermeasures are being proposed all the time [3]- [5]. In 2010, a study was presented on fault sensitivity analysis (FSA), which has defeated a number of conventional countermeasures [6], [7].

show abstract

“…In this field, significant results have been achieved by Hutter et al [10], who offered a detailed analysis about the vulnerabilities of RFID tags to faults.…”

Section: B On the Possibility Of Localized Fault Injectionsmentioning

confidence: 99%

A Fault Analytic Method against HB+

Carrijo

Tonicelli

Nascimento

2011

IEICE Trans. Fundamentals

View full text Add to dashboard Cite

Abstract-The search for lightweight authentication protocols suitable for low-cost RFID tags constitutes an active and challenging research area. In this context, a family of protocols based on the LPN problem has been proposed: the so-called HB-family. Despite the rich literature regarding the cryptanalysis of these protocols, there are no published results about the impact of fault analysis over them. The purpose of this paper is to fill this gap by presenting a fault analytic method against a prominent member of the HB-family: HB+ protocol. We demonstrate that the fault analysis model can lead to a flexible and effective attack against HB-like protocols, posing a serious threat over them.

show abstract

RFID and Its Vulnerability to Faults

Cited by 28 publications

References 19 publications

A New RFID Privacy Model

A New RFID Privacy Model

Precisely timed IEMI fault injection synchronized with EM information leakage

A Fault Analytic Method against HB+

Contact Info

Product

Resources

About