Breaking redundancy-based countermeasures with random faults and power side channel

Redundancy based countermeasures against fault attacks are a popular choice in security-critical commercial products, owing to its high fault coverage and applications to safety/reliability. In this paper, we propose a combined attack on such countermeasures. The attack assumes a random byte/nibble...

وصف كامل

محفوظ في:
التفاصيل البيبلوغرافية
المؤلفون الرئيسيون: Saha, Sayandeep, Jap, Dirmanto, Breier, Jakub, Bhasin, Shivam, Mukhopadhyay, Debdeep, Dasgupta, Pallab
مؤلفون آخرون: 2018 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC)
التنسيق: Conference or Workshop Item
اللغة:English
منشور في: 2019
الموضوعات:
الوصول للمادة أونلاين:https://hdl.handle.net/10356/104811
http://hdl.handle.net/10220/49291
الوسوم: إضافة وسم
لا توجد وسوم, كن أول من يضع وسما على هذه التسجيلة!
المؤسسة: Nanyang Technological University
اللغة: English
الوصف
الملخص:Redundancy based countermeasures against fault attacks are a popular choice in security-critical commercial products, owing to its high fault coverage and applications to safety/reliability. In this paper, we propose a combined attack on such countermeasures. The attack assumes a random byte/nibble fault model with existence of side-channel leakage of the final comparison, and no knowledge of the faulty ciphertext. Unlike the previously proposed biased/multiple fault attack, we just need to corrupt one computation branch. Both analytical and experimental evaluation of this attack strategy is presented on software implementations of two state-of-the-art block ciphers, AES and PRESENT, on an ATmega328P microcontroller, via side-channel measurements and a laser-based fault injection. Moreover, this work establishes that even without the knowledge of the faulty ciphertexts, one can still perform differential fault analysis attacks, given the availability of side-channel information.