Abstract

In laser fault injection, an attacker directs a laser at a chip implementing cryptography and exploits the resulting fault to attack the cryptography. A promising approach to counteracting fault injection attacks is to detect an injection attempt using sensors. In such a sensor-based countermeasure, a sensor detects a physical anomaly and raises an alarm so that the system can react properly to the attempted attack. Among these sensors, the bit-flip detector, which detects a short-circuit current induced by laser fault injection, is actively studied as an efficient realization. In this paper, we give the first security evaluation of the bit-flip detector. We show that an attacker can reveal an internal state by observing how the sensor reacts to laser fault injection. The leakage leads to a variant of the probing attack that is feasible non-invasively. We also propose a new cryptanalytic technique that efficiently exploits the leakage to attack AES.

Highlights

  • In 1997, Boneh, DeMillo, and Lipton proposed a novel attack on cryptography based on analyzing a faulty ciphertext released as a result of physical stress applied to an implementation of cryptography [1]. This class of attacks is called fault injection attack or fault analysis and is one of the main security issues in implementations of cryptography.

  • Fault injection attacks are a serious concern in the industry.

  • We propose the first attack on the sensor-based countermeasure against laser fault injection (LFI), which transforms the sensor into an oracle that leaks an internal state of a target.

Summary

Introduction

In 1997, Boneh, DeMillo, and Lipton proposed a novel attack on cryptography based on analyzing a faulty ciphertext released as a result of physical stress applied to an implementation of cryptography [1]. Researchers have proposed various countermeasures against fault injection attacks. We propose the first attack on the sensor-based countermeasure against LFI, which transforms the sensor into an oracle that leaks an internal state of a target. A fault is said to be a bit-reset fault if a target is forcibly set to 0 as a result of an injection. A laser spot should be sufficiently small to achieve such a high resolution (see Fig. 2). Such a highly selective LFI is expected to become more difficult as the target CMOS technology node becomes smaller.

Laser fault injection
Side-channel leakage from sensors
Laser-based probing
Related attacks on cryptography
Multiple-input gates
Memory and single-input gates
By repeating the same measurement for several times with a fixed
Errors in sensing
Attack model
Probing on the 10th round
Findings
Probing on the 9th round where