Abstract

Characterizing the fault space of a cipher to filter out a set of faults potentially exploitable for fault attacks (FA), is a problem with immense practical value. A quantitative knowledge of the exploitable fault space is desirable in several applications, such as security evaluation, cipher construction and implementation, design, testing of countermeasures, and so on. In this paper, we investigate this problem in the context of block ciphers. The formidable size of the fault space of a block cipher mandates the use of an automation strategy to solve this problem, which should be able to characterize each individual fault instance quickly. On the other hand, the automation strategy is expected to be applicable to most of the block cipher constructions. Existing techniques for automated fault attacks do not satisfy both of these goals simultaneously, and hence are not directly applicable in the context of exploitable fault characterization. In this paper, we present a supervised machine learning assisted automated framework, which successfully addresses both of the criteria mentioned. The key idea is to extrapolate the knowledge of some existing FAs on a cipher to rapidly figure out new attack instances. Experimental validation of this idea on two state-of-the-art block ciphers - PRESENT and LED - establishes that our approach is able to provide fairly good accuracy in identifying exploitable fault instances at a reasonable cost. Utilizing this observation, we propose a statistical framework for exploitable fault space characterization, which can provide an estimate of the success rate of an attacker corresponding to the given fault model and fault location. The framework also returns test vectors leading toward successful attacks. As a potential application, the effect of different S-Boxes on the fault space of a cipher is evaluated utilizing the framework.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.