Abstract
Fault injection attacks are one of the most powerful forms of cryptanalytic attacks on ciphers. A single, precisely injected fault during the execution of a cipher like the AES, can completely reveal the key within a few milliseconds. Software implementations of ciphers, therefore, need to be thoroughly evaluated for such attacks. In recent years, automated tools have been developed to perform these evaluations. These tools either work on the cipher algorithm or on their implementations. Tools that work at the algorithm level can provide a comprehensive assessment of fault attack vulnerability for different fault attacks and with different fault models. Their application is, however, restricted because every realization of the cipher has unique vulnerabilities. On the other hand, tools that work on cipher implementations have a much wider application but are often restricted by the range of fault attacks and the number of fault models they can evaluate.In this paper, we propose a framework, called FEDS, that uses a combination of compiler techniques and model checking to merge the advantages of both, algorithmic level tools as well as implementation level tools. Like the algorithmic level tools, FEDS can provide a comprehensive assessment of fault attack exploitability considering a wide range of fault attacks and fault models. Like implementation level tools, FEDS works with implementations, therefore has wide application. We demonstrate the versatility of FEDS by evaluating seven different implementations of AES (including bitsliced implementation) and implementations of CLEFIA and CAMELLIA for Differential Fault Attacks. The framework automatically identifies exploitable instructions in all implementations. Further, we present an application of FEDS in a Fault Attack Aware Compiler, that can automatically identify and protect exploitable regions of the code. We demonstrate that the compiler can generate significantly more efficient code than a naïvely protected equivalent, while maintaining the same level of protection.
Highlights
Fault attacks are a potent form of physical attacks, where the attacker injects a fault during the execution of a cipher to determine its secret key
Definition 2. [Intermediate Representation (IR) Instructions] IR is an intermediate representation used by the LLVM compiler that is generated during the transformation pass
The evaluation with multiple AES implementations and block cipher CLEFIA and CAMELLIA for Differential Fault Attacks demonstrates the ability of FEDS to uniquely identify exploitable instructions
Summary
Fault attacks are a potent form of physical attacks, where the attacker injects a fault during the execution of a cipher to determine its secret key. Similar to ILE tools, FEDS works at the implementation level and can pinpoint vulnerable locations in the source code. This makes FEDS widely applicable and usable for different implementations of a cipher. Similar to the HLE tools, FEDS promises to provide a comprehensive fault attack vulnerability evaluation and can identify vulnerabilities in complex fault attack situations It can consider the cryptographic properties of the cipher, such as the differential and impossible differential properties of the S-Boxes, reversibility of the key expansion algorithm, etc. It first runs an HLE tool, such as XFC [KRH17] or ExpFault [SKMD17], on the cipher’s high-level representation, to obtain a list of fault attack exploitable operations present in the cipher.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: IACR Transactions on Cryptographic Hardware and Embedded Systems
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
