Generic approach for hardening state machines against strong adversaries

Abstract

Most of the countermeasures against active fault injection attacks focus on securing the datapath of the cryptographic circuits. However, control unit security thus far has been neglected except for a few scattered references and there is not much work done to secure finite state machines (FSMs) against advanced attackers. In this study, the authors propose a novel methodology to remove the vulnerability of control units against active fault attacks. As an initial step, the authors describe an observation which states that because of the non-uniform behaviour of the FSM variables (i.e. state registers, inputs etc.), a direct implementation of non-linear codes for FSM security will not work. Hence, securing FSMs using non-linear codes is an important and difficult problem that requires additional effort. The authors' solution to this problem is built around two ideas. The authors first provide an arithmetic state machine construction for which the robustness of the applied non-linear error detection scheme can be easily measured. This formulation also dramatically simplifies the predictor design. Next, the authors use randomised embedding to achieve unpredictability and uniformity. This two-pronged technique provides a generic solution applicable to any FSM. Consequently, the resulting FSMs will be robust even against very advanced attackers.