Abstract
The integrated circuits are faced with the threats of fault injection attacks (FIAs), which employ the faulty results and differential fault analysis to retrieve the vital information processed by the circuits. Countermeasures should be taken to protect the circuits against FIAs. This paper proposes a security evaluation method to quantitatively analyze the resistance of block ciphers with a Substitution-Permutation Network structure against FIAs from an information-theoretic perspective. A quantitative security factor is defined based on the amount of information leakage. Specifically, an extended cipher model is proposed to numerically analyze the theoretical amount of information leakage, and an efficient approach is proposed to obtain the actual amount of information leakage. Experiments by applying the quantitative evaluation method to AES circuit validate feasibility, efficiency and scalability of the method. The experimental results show that the security factor can quantify the effects of different fault models and countermeasures. 2000 fault injections are sufficient to complete the evaluation under the considered fault models within 10 microseconds. The proposed method can be used during the circuit design stage as well as chip testing stage.
Highlights
Fault injection attack (FIA) has become a serious threat to the security of integrated circuits due to the development of low-cost fault injection techniques, such as clock glitch and power glitch [1], and efficient analysis methods such as differential fault analysis (DFA) [2], which employ the faulty results caused by fault injection attacks (FIAs) to retrieve secret information
We found that existing methods do not directly analyze how secure the information processed by FIAs is, and just analyze the phenomena related to FIAs
Each fault model defines a theoretical upper bound on the amount of information leakage and a theoretical lower bound on the reduced key space
Summary
To resist FIA, countermeasures are proposed and can be classified into four categories [3]: cutting the access point, environment monitoring, fault detection and fault correction. AND PROBLEM STATEMENT Information-theoretic approach which uses the amount of information leakage to judge if a DFA attack on AES is optimal was proposed in [17] In this approach, the amount of information leakage corresponding to a fault model is computed to theoretically estimate the reduced key space for each fault. The actual reduced key space for a DFA attack with a certain fault model is compared with the lower bound. If the actual reduced key space is close to the lower bound, the number of fault injection needed is relatively small and corresponding DFA is optimal.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
